Thanks for the heads up, it might be related to the recent change i
committed.
Can someone help with setting up an automated unit testing for the API?
Thanks!
--Yuri
On 5/16/07, Brion Vibber <brion(a)wikimedia.org> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gurch wrote:
It is possible to use api.php on a wiki to which
one does not have
access (read-only or otherwise) to do some things to which access
through the interface is denied.
For example, I can obtain a list of all pages on
board.wikimedia.org or
internal.wikimedia.org (neither of which I have read or write access
to), while attempting to view Special:Allpages on one of these gives a
"login required" error.
Attempting to retrieve revision information via the API correctly gives
a "no read permission" error, so I can't actually see the content of any
pages.
Is this a bug, or a feature?
Shouldn't happen; I'm disabling the read API for private wikis pending
security review.
- -- brion vibber (brion @
wikimedia.org)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iD8DBQFGS4utwRnhpk1wk44RAhuzAJ9ck17q+gdkbAG4lkZCcJ94FPM8PACfZ00X
1LfXakGtJL/ePKV4DP4DIu4=
=6Q1k
-----END PGP SIGNATURE-----
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/wikitech-l