[Xerte-dev] Re: Flickr API Going SSL-Only on June 27th, 2014

Tom Reijnders reijnders at tor.nl
Thu May 8 11:26:42 BST 2014


As far as I know, only the other way around causes problems, i.e. 
calling http from https.

In that sense this would be a good change  :-)

Tom

Pat L (pgogy) schreef op 8-5-2014 10:52:
> depends on where the script is loaded from? I have http js calling 
> https APIs without much trouble
>
>
> On Thu, May 8, 2014 at 9:34 AM, Smith, John <J.J.Smith at gcu.ac.uk 
> <mailto:J.J.Smith at gcu.ac.uk>> wrote:
>
>     It might still have security implications on latest browsers where
>     XOT sits on http and access Flickr on https... similar to recent
>     Youtube etc problems...
>
>     Regards,
>
>     John Smith | Learning Technologist
>     Room A251, Govan Mbeki Building | School of Health & Life Sciences
>     | Glasgow Caledonian University
>     Cowcaddens Road | Glasgow | G4 0BA
>
>     Please address ALL support requests to hlsblt at gcu.ac.uk
>     <mailto:hlsblt at gcu.ac.uk> where one of the School Learning
>     Technologists will pick up the job. This will ensure that all jobs
>     are completed as promptly as possible.
>     ________________________________________
>     From: xerte-dev-bounces at lists.nottingham.ac.uk
>     <mailto:xerte-dev-bounces at lists.nottingham.ac.uk>
>     [xerte-dev-bounces at lists.nottingham.ac.uk
>     <mailto:xerte-dev-bounces at lists.nottingham.ac.uk>] On Behalf Of
>     Julian Tenney [Julian.Tenney at nottingham.ac.uk
>     <mailto:Julian.Tenney at nottingham.ac.uk>]
>     Sent: 08 May 2014 09:26
>     To: For Xerte technical developers
>     Subject: [Xerte-dev] Re: Flickr API Going SSL-Only on June 27th, 2014
>
>     Yep, seems to work on our server,
>
>     J
>
>     From: Tenney Julian
>     Sent: 08 May 2014 08:59
>     To: 'For Xerte technical developers'
>     Subject: RE: Flickr API Going SSL-Only on June 27th, 2014
>
>     It appears as simple as changing the url to https from http. I've
>     committed those changes, but not tested,
>
>     From: xerte-dev-bounces at lists.nottingham.ac.uk
>     <mailto:xerte-dev-bounces at lists.nottingham.ac.uk><mailto:xerte-dev-bounces at lists.nottingham.ac.uk
>     <mailto:xerte-dev-bounces at lists.nottingham.ac.uk>>
>     [mailto:xerte-dev-bounces at lists.nottingham.ac.uk
>     <mailto:xerte-dev-bounces at lists.nottingham.ac.uk>] On Behalf Of
>     Julian Tenney
>     Sent: 08 May 2014 08:45
>     To: For Xerte technical developers
>     (xerte-dev at lists.nottingham.ac.uk
>     <mailto:xerte-dev at lists.nottingham.ac.uk><mailto:xerte-dev at lists.nottingham.ac.uk
>     <mailto:xerte-dev at lists.nottingham.ac.uk>>)
>     Subject: [Xerte-dev] FW: Flickr API Going SSL-Only on June 27th, 2014
>
>     This is going to have an impact I think. I'll investigate.
>
>     From: Flickr Mail [mailto:no-reply-flickrmail at flickr.com
>     <mailto:no-reply-flickrmail at flickr.com>]
>     Sent: 07 May 2014 18:19
>     To: julian.tenney at nottingham.ac.uk
>     <mailto:julian.tenney at nottingham.ac.uk><mailto:julian.tenney at nottingham.ac.uk
>     <mailto:julian.tenney at nottingham.ac.uk>>
>     Subject: Flickr API Going SSL-Only on June 27th, 2014
>
>     We see that you own an active API key for the Flickr API, and
>     wanted make sure you know about some upcoming changes to the API
>     related to SSL.
>
>     As you may have read on the Flickr code
>     blog<http://code.flickr.net/2014/04/30/flickr-api-going-ssl-only-on-june-27th-2014/>,
>     we've updated all of the API endpoints to fully support SSL. You
>     no longer need to use a special subdomain to access the API
>     securely, and we want to make sure that all API communication
>     adopts SSL.
>
>     Many of you have moved over to using SSL already, which is great!
>     If you haven't, it shouldn't be much more work than updating your
>     apps to call the API at: https://api.flickr.com/
>
>     We'll be updating the blog with information as we get close to the
>     switchover date, but here's the most important info:
>
>     New API keys will be issued for HTTPS access only: as of 6 May 2014
>     First blackout test window: 3 June 2014, 10:00-12:00 Pacific
>     Daylight Time (PDT)
>     Second blackout test window: 17 June 2014, 18:00-20:00 (PDT)
>     Non-SSL API deprecated: 27 June 2014, 10:00 (PDT)
>
>     During the blackout tests and after the 27th of June, calls to the
>     Flickr API that are not over SSL will fail with an HTTP error code
>     403. We will also return an error message with (Flickr) code 95
>     and msg "SSL is required".
>
>     Here are example error responses:
>
>     XML (REST):
>
>     <?xml version="1.0" encoding="utf-8" ?> <rsp stat="fail"> <err
>     code="95" msg="SSL is required" /> </rsp>
>
>     JSONP:
>
>     jsonFlickrApi({ "stat": "fail", "code": "95", "message": "SSL is
>     required" })
>
>     JSON:
>
>     { "stat": "fail", "code": "95", "message": "SSL is required" }
>
>     We realize that this change might be more difficult for some. We
>     will follow the Developer Support
>     Group<https://groups.yahoo.com/neo/groups/yws-flickr/info>
>     closely, so please let us hear your questions.
>
>     If you have a question about the API transition to SSL that you
>     feel is unique to your situation or is more appropriate to handle
>     via conversation directly with Flickr, send an email to
>     flickr-api-help at yahoo-inc.com
>     <mailto:flickr-api-help at yahoo-inc.com><mailto:flickr-api-help at yahoo-inc.com
>     <mailto:flickr-api-help at yahoo-inc.com>>. We will monitor that
>     mailbox through July 2014.
>
>     Thank you for being a member of our API community,
>     The Flickreenos
>
>     Glasgow Caledonian University is a registered Scottish charity,
>     number SC021474
>
>     _______________________________________________
>     Xerte-dev mailing list
>     Xerte-dev at lists.nottingham.ac.uk
>     <mailto:Xerte-dev at lists.nottingham.ac.uk>
>     http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
>     This message and any attachment are intended solely for the
>     addressee and may contain confidential information. If you have
>     received this message in error, please send it back to me, and
>     immediately delete it.   Please do not use, copy or disclose the
>     information contained in this message or in any attachment.  Any
>     views or opinions expressed by the author of this email do not
>     necessarily reflect the views of the University of Nottingham.
>
>     This message has been checked for viruses but the contents of an
>     attachment
>     may still contain software viruses which could damage your
>     computer system, you are advised to perform your own checks. Email
>     communications with the University of Nottingham may be monitored
>     as permitted by UK legislation.
>
>
>
>
>
>
>
> _______________________________________________
> Xerte-dev mailing list
> Xerte-dev at lists.nottingham.ac.uk
> http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev

-- 
--

Tom Reijnders
TOR Informatica
Chopinlaan 27
5242HM Rosmalen
Tel: 073 5226191
Fax: 073 5226196

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20140508/67196565/attachment.html>


More information about the Xerte-dev mailing list