greptilian logo

IRC log for #rest, 2015-09-03

https://trygvis.io/rest-wiki/

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
00:09 fuzzyhorns joined #rest
00:10 ralphschindler joined #rest
00:15 vanHoesel joined #rest
02:57 wsiqueir joined #rest
03:33 baweaver joined #rest
04:01 jangid joined #rest
05:25 jangid joined #rest
06:11 jangid joined #rest
06:39 jangid joined #rest
06:59 jangid joined #rest
07:05 timg___ joined #rest
07:23 _ollie joined #rest
07:36 graste joined #rest
07:50 mezod joined #rest
07:51 jangid joined #rest
08:28 chthon joined #rest
08:28 timg___ joined #rest
08:32 fumanchu joined #rest
08:53 bobsapp joined #rest
08:54 timg___ joined #rest
08:57 bobsapp Howdy all, could someone tell me why its considered less secure to store session ids in the url of a request?
08:58 trygvis one argument is that they're often stored in logs while headers are not
08:58 trygvis URLs are in general not treated as sensitive data
08:59 trygvis and it is silly because there are much better ways to do sessions and authentication
09:06 bobsapp Thanks.  The place I currently work at uses this technique, I might push them to address that.
09:06 bobsapp once I know enough myself :)
09:15 jangid joined #rest
09:20 mezod joined #rest
09:31 interop_madness joined #rest
09:40 mooncup joined #rest
09:41 mooncup hey guys
09:41 mooncup would you generally use JSON or GET to pass filters etc to the server?
09:42 mooncup I think I'm probably going to go with GET, but I didn't know if there was anything to watch out for
09:42 mooncup just to clarify, I'm going to be creating my own RESTful api and was wondering what people generally went with, as from what I can see there doesn't seem to be any consensus
09:54 jangid joined #rest
10:02 Andre-B joined #rest
10:11 pdurbin mooncup: when you say JSON I guess you mean similar to how you can POST filters (queries) with elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/current/_executing_searches.html
10:55 fumanchu_ joined #rest
10:57 timg___ joined #rest
11:06 timg___ joined #rest
12:08 jangid joined #rest
12:54 mezod joined #rest
13:01 mooncup yeah exactly pdurbin
13:02 mooncup I've been reading this: http://www.vinaysahni.com/best-practices-for-a-pragmatic-restful-api#json-requests
13:02 mooncup the section I linked suggests that I use json for input as well as output
13:02 mooncup but I'm unsure as to whether that is just the opinion of the author rather than a generally accepted standard
13:02 mooncup most apis I've used seem to use the url
13:06 pdurbin yeah, especially search APIs
13:29 paul______ joined #rest
13:30 paul______ hello.   Are REST services documented these days in a similar way as SOAP services are ?
13:35 paul______ wow is REST dead ?
13:38 pith REST APIs are usually self describing so they don't need an immutable doc like SOAP does
13:46 mezod joined #rest
14:07 mooncup man I hate soap
14:07 mooncup had to write a soap server last week
14:07 mooncup it was awful :<
14:10 sfisque mooncup, now so, ever since EE5, it amounts to an annotation on a stateless ejb.
14:11 wsiqueir joined #rest
14:37 paul______ joined #rest
14:48 jangid joined #rest
15:10 jangid joined #rest
15:19 jangid joined #rest
15:22 jangid joined #rest
15:25 jangid joined #rest
15:35 jangid joined #rest
15:45 jangid joined #rest
15:49 timg___ joined #rest
16:29 jangid joined #rest
16:56 mezod joined #rest
17:37 foist joined #rest
17:45 jangid joined #rest
19:00 jangid joined #rest
20:07 Coldblackice joined #rest
21:29 talios joined #rest
22:09 Coldblackice joined #rest
22:17 fuzzyhorns joined #rest

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

https://trygvis.io/rest-wiki/