6.0.0-alpha10
▾
Tasks
New Task
Search
Photos
Wiki
▾
Tickets
New Ticket
Search
dev.horde.org
Toggle Alerts Log
Help
5/15/25
H
istory
A
ttachments
C
omment
W
atch
Download
Comment on [#8200] Aviary's Phoenix image editor support
*
Your Email Address
*
Spam protection
Enter the letters below:
. ..__ .___.. ..__ | |[__) | \ /[__) |__|[__) | \/ |
Comment
> Looking at this further, I think we should probably wait until this > API matures a bit, or the "advanced api" version is implemented. With > the simple API there is no shared secret between the client server > and Aviary, only a client specified identifier for each image that is > passed to Aviary in a GET request. After saving the image, Aviary > POSTS back to the client server a URL to find the new image, along > with the same identifier that was originally passed in the clear via > GET. So, unless I'm missing something, it would theoretically be > possible for a 3rd party to hijack this identifier and cause the > user's image to be replaced.
Attachment
Watch this ticket
N
ew Ticket
M
y Tickets
S
earch
Q
uery Builder
R
eports
Saved Queries
Open Bugs
Bugs waiting for Feedback
Open Bugs in Releases
Open Enhancements
Enhancements waiting for Feedback
Bugs with Patches
Enhancements with Patches
Release Showstoppers
Stalled Tickets
New Tickets
Horde 5 Showstoppers