Security issue?

Discussion in 'BukkitDev Information and Feedback' started by musicin3d, Nov 18, 2011.

Thread Status:
Not open for further replies.
  1. Offline

    musicin3d

    Does anyone else see the irony here...
    [​IMG]
     
    robinjam likes this.
  2. Offline

    md_5

    Lol thats pretty funny, I didn't catch that. Click the regenerate link and it will update with a unique one.
     
  3. Offline

    musicin3d

    Oh I haven't used one yet. But that is good to note.
     
  4. Offline

    chaseoes Retired Staff

    I don't understand.. unless if YourKeyHere is a real one?
     
  5. Offline

    md_5

    It's a LAWL, thats not a real key.
     
  6. Offline

    musicin3d

    What I'm getting at is: If you put your key in a url and that url is, in any way, available to the public, then you have given your key to the entire world.
     
  7. Offline

    Borch

    And where in the above text do they suggest you send the link to anyone?
     
  8. Offline

    cyberdude

    But you wouldn't. If you are doing that you are doing it wrong. There is absolutely nothing wrong with this here. This is very common practice. Facebook does, google does, lots of HTTP API's use this kind of key, that you make sure you keep private, by implementing it into a server script such as PHP. If you write an IFrame pointing to the API with your key, then you are begging for trouble and should stay away from programming.

    So basically, nothing to see here, move along.
     
  9. Also shell scripts that may use things like wget or curl can use this without too many problems.
     
  10. Offline

    chaseoes Retired Staff

    Now that makes sense, I guess you can just keep that URL to yourself? :p
     
  11. Offline

    musicin3d

    Alright. I admit I haven't even touch this yet … haven't needed to. And I did expect that bukkit wouldn't do something as ridiculous as I was implying. It just looked funny, and my second post was trying to explain why.

    It's a joke guys, but good job at making it a teaching point. ;)
     
Thread Status:
Not open for further replies.

Share This Page