From: Dave Lawrence Date: Mon, 9 Sep 2013 17:22:31 +0000 (-0400) Subject: Bug 914196 - Documentation for User.login should state cookies not used for JSONRPC... X-Git-Tag: bugzilla-4.5.1~51 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9cacdb6cde7f37776139e84ef3bd667380ef779d;p=thirdparty%2Fbugzilla.git Bug 914196 - Documentation for User.login should state cookies not used for JSONRPC and REST when making future connections r/a=glob --- diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm index ba8640f3d7..22306a11f7 100644 --- a/Bugzilla/WebService/User.pm +++ b/Bugzilla/WebService/User.pm @@ -466,7 +466,9 @@ user that was logged in, and a C which can be passed in the parameters as authentication in other calls. A set of http cookies is also sent with the response. These cookies *or* the token can be sent along with any future requests to the webservice, for the duration of the -session. +session. Note that cookies are not accepted for GET requests for JSONRPC +and REST for security reasons. You may, however, use the token or valid +login parameters for those requests. =item B