On 11 Sep 2011, at 05:55, Stephan Beal wrote: > > In a JSON context, link-following is not an issue. There are no links, as > such, in JSON docs - though individual JSON strings might incidentally > contain HTML link strings, bots don't generically try to extract HTML text > from JSON. Doing anything at all with the data requires writing an > app-specific bot to do it. > > Given that, would be against fossil's nature if i reduce the JSON API's > authentication to only 2 levels: read and write? Non-logged in users would be > read-only and logged in would have write access only if their user profile > allows it (and if it doesn't then logging in for JSON access doesn't have any > benefit at all for the client).
Private repositories will need the user to authenticate to get read only access. I trust you're planning to respect the permissions for the anonymous user? Ben -- http://bens.me.uk/ _______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
