[Xerte-dev] Re: Flickr API Going SSL-Only on June 27th, 2014
Smith, John
J.J.Smith at gcu.ac.uk
Thu May 8 09:46:31 BST 2014
True...
Regards,
John Smith | Learning Technologist
Room A251, Govan Mbeki Building | School of Health & Life Sciences | Glasgow Caledonian University
Cowcaddens Road | Glasgow | G4 0BA
Please address ALL support requests to hlsblt at gcu.ac.uk where one of the School Learning Technologists will pick up the job. This will ensure that all jobs are completed as promptly as possible.
________________________________________
From: xerte-dev-bounces at lists.nottingham.ac.uk [xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney [Julian.Tenney at nottingham.ac.uk]
Sent: 08 May 2014 09:43
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Flickr API Going SSL-Only on June 27th, 2014
Maybe, but we don't have any choice but to use https to access the flickr api,
J
-----Original Message-----
From: xerte-dev-bounces at lists.nottingham.ac.uk [mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Smith, John
Sent: 08 May 2014 09:34
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Flickr API Going SSL-Only on June 27th, 2014
It might still have security implications on latest browsers where XOT sits on http and access Flickr on https... similar to recent Youtube etc problems...
Regards,
John Smith | Learning Technologist
Room A251, Govan Mbeki Building | School of Health & Life Sciences | Glasgow Caledonian University Cowcaddens Road | Glasgow | G4 0BA
Please address ALL support requests to hlsblt at gcu.ac.uk where one of the School Learning Technologists will pick up the job. This will ensure that all jobs are completed as promptly as possible.
________________________________________
From: xerte-dev-bounces at lists.nottingham.ac.uk [xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney [Julian.Tenney at nottingham.ac.uk]
Sent: 08 May 2014 09:26
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Flickr API Going SSL-Only on June 27th, 2014
Yep, seems to work on our server,
J
From: Tenney Julian
Sent: 08 May 2014 08:59
To: 'For Xerte technical developers'
Subject: RE: Flickr API Going SSL-Only on June 27th, 2014
It appears as simple as changing the url to https from http. I've committed those changes, but not tested,
From: xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk> [mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney
Sent: 08 May 2014 08:45
To: For Xerte technical developers (xerte-dev at lists.nottingham.ac.uk<mailto:xerte-dev at lists.nottingham.ac.uk>)
Subject: [Xerte-dev] FW: Flickr API Going SSL-Only on June 27th, 2014
This is going to have an impact I think. I'll investigate.
From: Flickr Mail [mailto:no-reply-flickrmail at flickr.com]
Sent: 07 May 2014 18:19
To: julian.tenney at nottingham.ac.uk<mailto:julian.tenney at nottingham.ac.uk>
Subject: Flickr API Going SSL-Only on June 27th, 2014
We see that you own an active API key for the Flickr API, and wanted make sure you know about some upcoming changes to the API related to SSL.
As you may have read on the Flickr code blog<http://code.flickr.net/2014/04/30/flickr-api-going-ssl-only-on-june-27th-2014/>, we've updated all of the API endpoints to fully support SSL. You no longer need to use a special subdomain to access the API securely, and we want to make sure that all API communication adopts SSL.
Many of you have moved over to using SSL already, which is great! If you haven't, it shouldn't be much more work than updating your apps to call the API at: https://api.flickr.com/
We'll be updating the blog with information as we get close to the switchover date, but here's the most important info:
New API keys will be issued for HTTPS access only: as of 6 May 2014 First blackout test window: 3 June 2014, 10:00-12:00 Pacific Daylight Time (PDT) Second blackout test window: 17 June 2014, 18:00-20:00 (PDT) Non-SSL API deprecated: 27 June 2014, 10:00 (PDT)
During the blackout tests and after the 27th of June, calls to the Flickr API that are not over SSL will fail with an HTTP error code 403. We will also return an error message with (Flickr) code 95 and msg "SSL is required".
Here are example error responses:
XML (REST):
<?xml version="1.0" encoding="utf-8" ?> <rsp stat="fail"> <err code="95" msg="SSL is required" /> </rsp>
JSONP:
jsonFlickrApi({ "stat": "fail", "code": "95", "message": "SSL is required" })
JSON:
{ "stat": "fail", "code": "95", "message": "SSL is required" }
We realize that this change might be more difficult for some. We will follow the Developer Support Group<https://groups.yahoo.com/neo/groups/yws-flickr/info> closely, so please let us hear your questions.
If you have a question about the API transition to SSL that you feel is unique to your situation or is more appropriate to handle via conversation directly with Flickr, send an email to flickr-api-help at yahoo-inc.com<mailto:flickr-api-help at yahoo-inc.com>. We will monitor that mailbox through July 2014.
Thank you for being a member of our API community, The Flickreenos
Glasgow Caledonian University is a registered Scottish charity, number SC021474
_______________________________________________
Xerte-dev mailing list
Xerte-dev at lists.nottingham.ac.uk
http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
_______________________________________________
Xerte-dev mailing list
Xerte-dev at lists.nottingham.ac.uk
http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
This message and any attachment are intended solely for the addressee and may contain confidential information. If you have received this message in error, please send it back to me, and immediately delete it. Please do not use, copy or disclose the information contained in this message or in any attachment. Any views or opinions expressed by the author of this email do not necessarily reflect the views of the University of Nottingham.
This message has been checked for viruses but the contents of an attachment
may still contain software viruses which could damage your computer system, you are advised to perform your own checks. Email communications with the University of Nottingham may be monitored as permitted by UK legislation.
Glasgow Caledonian University is a registered Scottish charity, number SC021474
More information about the Xerte-dev
mailing list