diff options
author | Dave Lawrence <dlawrence@mozilla.com> | 2013-09-09 19:24:10 +0200 |
---|---|---|
committer | Dave Lawrence <dlawrence@mozilla.com> | 2013-09-09 19:24:10 +0200 |
commit | 1b2da400dcad870226da1712f00474a8ca65e16a (patch) | |
tree | 8108ddc3652fb1f7c4f00c828170dfaa3b1814a7 /Bugzilla | |
parent | c9cdd836907191109c99e2680efe6aa14e0e8df0 (diff) | |
download | bugzilla-1b2da400dcad870226da1712f00474a8ca65e16a.tar.gz bugzilla-1b2da400dcad870226da1712f00474a8ca65e16a.tar.xz |
Bug 914196 - Documentation for User.login should state cookies not used for JSONRPC and REST when making future connections
Diffstat (limited to 'Bugzilla')
-rw-r--r-- | Bugzilla/WebService/User.pm | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm index 78d34a209..32e11a2a4 100644 --- a/Bugzilla/WebService/User.pm +++ b/Bugzilla/WebService/User.pm @@ -376,7 +376,9 @@ user that was logged in, and a C<token> which can be passed in the parameters as authentication in other calls. A set of http cookies is also sent with the response. These cookies *or* the token can be sent along with any future requests to the webservice, for the duration of the -session. +session. Note that cookies are not accepted for GET requests for JSONRPC +and REST for security reasons. You may, however, use the token or valid +login parameters for those requests. =item B<Errors> |