[Xerte-dev] Re: Flickr API Going SSL-Only on June 27th, 2014

Smith, John J.J.Smith at gcu.ac.uk
Thu May 8 11:37:49 BST 2014


In some cases it can also depend on what comes down from the api but since it is just JSON data this time that is parsed then it should be fine...

Regards,

John Smith | Learning Technologist
Room A251, Govan Mbeki Building | School of Health & Life Sciences | Glasgow Caledonian University
Cowcaddens Road | Glasgow | G4 0BA

Please address ALL support requests to hlsblt at gcu.ac.uk where one of the School Learning Technologists will pick up the job. This will ensure that all jobs are completed as promptly as possible.
________________________________________
From: xerte-dev-bounces at lists.nottingham.ac.uk [xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Tom Reijnders [reijnders at tor.nl]
Sent: 08 May 2014 11:26
To: xerte at pgogywebstuff.com; For Xerte technical developers
Subject: [Xerte-dev] Re: Flickr API Going SSL-Only on June 27th, 2014

As far as I know, only the other way around causes problems, i.e. calling http from https.

In that sense this would be a good change  :-)

Tom

Pat L (pgogy) schreef op 8-5-2014 10:52:
depends on where the script is loaded from? I have http js calling https APIs without much trouble


On Thu, May 8, 2014 at 9:34 AM, Smith, John <J.J.Smith at gcu.ac.uk<mailto:J.J.Smith at gcu.ac.uk>> wrote:
It might still have security implications on latest browsers where XOT sits on http and access Flickr on https... similar to recent Youtube etc problems...

Regards,

John Smith | Learning Technologist
Room A251, Govan Mbeki Building | School of Health & Life Sciences | Glasgow Caledonian University
Cowcaddens Road | Glasgow | G4 0BA

Please address ALL support requests to hlsblt at gcu.ac.uk<mailto:hlsblt at gcu.ac.uk> where one of the School Learning Technologists will pick up the job. This will ensure that all jobs are completed as promptly as possible.
________________________________________
From: xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk> [xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk>] On Behalf Of Julian Tenney [Julian.Tenney at nottingham.ac.uk<mailto:Julian.Tenney at nottingham.ac.uk>]
Sent: 08 May 2014 09:26
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Flickr API Going SSL-Only on June 27th, 2014

Yep, seems to work on our server,

J

From: Tenney Julian
Sent: 08 May 2014 08:59
To: 'For Xerte technical developers'
Subject: RE: Flickr API Going SSL-Only on June 27th, 2014

It appears as simple as changing the url to https from http. I’ve committed those changes, but not tested,

From: xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk><mailto:xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk>> [mailto:xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk>] On Behalf Of Julian Tenney
Sent: 08 May 2014 08:45
To: For Xerte technical developers (xerte-dev at lists.nottingham.ac.uk<mailto:xerte-dev at lists.nottingham.ac.uk><mailto:xerte-dev at lists.nottingham.ac.uk<mailto:xerte-dev at lists.nottingham.ac.uk>>)
Subject: [Xerte-dev] FW: Flickr API Going SSL-Only on June 27th, 2014

This is going to have an impact I think. I’ll investigate.

From: Flickr Mail [mailto:no-reply-flickrmail at flickr.com<mailto:no-reply-flickrmail at flickr.com>]
Sent: 07 May 2014 18:19
To: julian.tenney at nottingham.ac.uk<mailto:julian.tenney at nottingham.ac.uk><mailto:julian.tenney at nottingham.ac.uk<mailto:julian.tenney at nottingham.ac.uk>>
Subject: Flickr API Going SSL-Only on June 27th, 2014

We see that you own an active API key for the Flickr API, and wanted make sure you know about some upcoming changes to the API related to SSL.

As you may have read on the Flickr code blog<http://code.flickr.net/2014/04/30/flickr-api-going-ssl-only-on-june-27th-2014/>, we've updated all of the API endpoints to fully support SSL. You no longer need to use a special subdomain to access the API securely, and we want to make sure that all API communication adopts SSL.

Many of you have moved over to using SSL already, which is great! If you haven't, it shouldn't be much more work than updating your apps to call the API at: https://api.flickr.com/

We'll be updating the blog with information as we get close to the switchover date, but here's the most important info:

New API keys will be issued for HTTPS access only: as of 6 May 2014
First blackout test window: 3 June 2014, 10:00-12:00 Pacific Daylight Time (PDT)
Second blackout test window: 17 June 2014, 18:00-20:00 (PDT)
Non-SSL API deprecated: 27 June 2014, 10:00 (PDT)

During the blackout tests and after the 27th of June, calls to the Flickr API that are not over SSL will fail with an HTTP error code 403. We will also return an error message with (Flickr) code 95 and msg "SSL is required".

Here are example error responses:

XML (REST):

<?xml version="1.0" encoding="utf-8" ?> <rsp stat="fail"> <err code="95" msg="SSL is required" /> </rsp>

JSONP:

jsonFlickrApi({ "stat": "fail", "code": "95", "message": "SSL is required" })

JSON:

{ "stat": "fail", "code": "95", "message": "SSL is required" }

We realize that this change might be more difficult for some. We will follow the Developer Support Group<https://groups.yahoo.com/neo/groups/yws-flickr/info> closely, so please let us hear your questions.

If you have a question about the API transition to SSL that you feel is unique to your situation or is more appropriate to handle via conversation directly with Flickr, send an email to flickr-api-help at yahoo-inc.com<mailto:flickr-api-help at yahoo-inc.com><mailto:flickr-api-help at yahoo-inc.com<mailto:flickr-api-help at yahoo-inc.com>>. We will monitor that mailbox through July 2014.

Thank you for being a member of our API community,
The Flickreenos

Glasgow Caledonian University is a registered Scottish charity, number SC021474

_______________________________________________
Xerte-dev mailing list
Xerte-dev at lists.nottingham.ac.uk<mailto:Xerte-dev at lists.nottingham.ac.uk>
http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
This message and any attachment are intended solely for the addressee and may contain confidential information. If you have received this message in error, please send it back to me, and immediately delete it.   Please do not use, copy or disclose the information contained in this message or in any attachment.  Any views or opinions expressed by the author of this email do not necessarily reflect the views of the University of Nottingham.

This message has been checked for viruses but the contents of an attachment
may still contain software viruses which could damage your computer system, you are advised to perform your own checks. Email communications with the University of Nottingham may be monitored as permitted by UK legislation.








_______________________________________________
Xerte-dev mailing list
Xerte-dev at lists.nottingham.ac.uk<mailto:Xerte-dev at lists.nottingham.ac.uk>
http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev



--
--

Tom Reijnders
TOR Informatica
Chopinlaan 27
5242HM Rosmalen
Tel: 073 5226191
Fax: 073 5226196




This message and any attachment are intended solely for the addressee and may contain confidential information. If you have received this message in error, please send it back to me, and immediately delete it.   Please do not use, copy or disclose the information contained in this message or in any attachment.  Any views or opinions expressed by the author of this email do not necessarily reflect the views of the University of Nottingham.

This message has been checked for viruses but the contents of an attachment may still contain software viruses which could damage your computer system, you are advised to perform your own checks. Email communications with the University of Nottingham may be monitored as permitted by UK legislation.


Glasgow Caledonian University is a registered Scottish charity, number SC021474



More information about the Xerte-dev mailing list