Uploaded image for project: 'Moodle Community Sites'
  1. Moodle Community Sites
  2. MDLSITE-6597

Sesskey in api page for plugins directory

    XMLWordPrintable

Details

    Description

      When you want to use the plugins directory api to get your keys you have to go to this bespoke page:

      https://moodle.org/plugins/api.php?sesskey=xxxxxx  

      1) But this page has a sesskey in it which is wrong, urls should never have a sesskey in the visible url. eg you cannot deep link directly to this page

      2) It's not clear why this page exists, when core has a page for managing tokens:

      /user/managetoken.php

      Is there a reason why we can't just use this page and turn on this capability?

      Attachments

        Issue Links

          has a non-specific relationship to

          Improvement - An enhancement to an existing Moodle feature. MDL-73088 Refactor /user/managetoken.php to allow all user keys to be managed and revoked

          • Minor - Minor loss of function where workaround is possible
          • Open

          Activity

            People

              Unassigned Unassigned
              brendanheywood Brendan Heywood
              David Mudrák (@mudrd8mz)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: