On 9/18/21 3:10 AM, Mattia Verga via devel wrote: > On 17/09/21 14:07, Ben Cotton wrote: >> I'm passing along a lightly-edited announcement from the Red Hat >> Bugzilla admins. You may have noticed this change already. The short >> version is that the search API now defaults to returning 20 bugs, but >> authenticated calls can request up to 1000. >> > Is there a safe way to authenticate a jquery ajax call without exposing > the api token? > > Background: Bodhi uses a javascript call to populate the list of bugs > associated to a package when creating a new update in the web UI form. > For some packages this is now broken (for example, kernel package has > over a thousand bugs, but as now Bodhi form will only show the first 20). > > I know that authentication to Bugzilla REST service can be done by > sending an Authentication header in the request. But adding that to > javascript code wouldn't mean to expose the API token to all? I'm a bit > confused how to accomplish that. At the moment, Bodhi uses no > authentication at all, but that would mean to fetch bugs by steps of 20 > (and for some packages this is way too small as it would end in sending > **a lot** of requests). Can the requests be performed concurrently? With HTTP/2 and HTTP/3, sending lots of concurrent requests is cheap. Sincerely, Demi
Attachment:
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
