Closed Bug 863403 Opened 12 years ago Closed 12 years ago

Consider not returning user email in search results

Categories

(Webmaker Graveyard :: MakeAPI, defect)

Product:
Webmaker Graveyard
Component:
MakeAPI
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: thecount, Assigned: mjschranz)

Details

(Whiteboard: u=dev c=makeAPI p=1 s=2013w17)

Attachments

(1 file)

https://github.com/mozilla/MakeAPI/pull/20
42 bytes, text/x-github-pull-request
cade
: review+
Details | Review
If searching the api is a public facing thing, we should not be returning emails in this result. Right now, I am using author to store the email, should probably not be the case. Author should be a written name, and email should probably be private. I'm not too familiar with this, so not sure on the normal way to deal with this sort of thing. Maybe do not store email at all and try to get it to work with a written name?
I honestly don't know the right approach here. I'm thinking we could easily enough ensure that emails aren't returned in the data (and change author to be a custom name someone chooses to use) but I don't know how important it is. Going to pass this along for some feedback.
Flags: needinfo?(david.humphrey)
We're moving to user domains (bug #863341), and therefore unique usernames which we can use to lookup email addresses. I agree that handing-out email addresses is a no-go. We've also been discussing today what the access to the Make API should be. Should we have an internal (node-to-node) version, and external (browser-to-node) version, each of which does something slightly different? In general, we probably don't want to give open access to everything in the Make API, or if we do, we have to be careful about how and what we write to it.
Flags: needinfo?(david.humphrey)
The only thing that at this point has been designed for open access is searching makes. Creation, deletion and updating are all restricted to authentication. Is there a bug on keeping two different versions of the API? Not sure I'm following on the benefit of it unless I've just missed something in the talk about security for the API.
Assignee: nobody → schranz.m
Status: NEW → ASSIGNED
This changes Author to be more in line with how our tools have been using author data. It adds email to the schema and makes it private in the following ways: - It won't appear in data returned from searches. - It won't appear in data returned when removing a Make. It will appear when creating/updating a make. At this point these only happen server side ( and would require authentication anyway ). Is this enough for what we want? Or do we want manual parsing to prevent it appearing in all cases?
Attachment #739962 - Flags: review?(david.humphrey)
Comment on attachment 739962 [details] [review] https://github.com/mozilla/MakeAPI/pull/20 I took a look at this, but I'm probably not the right reviewer for your changes. One of Chris or Simon should probably also take a look.
Attachment #739962 - Flags: review?(swex)
Attachment #739962 - Flags: review?(david.humphrey)
Attachment #739962 - Flags: review?(chris)
Comment on attachment 739962 [details] [review] https://github.com/mozilla/MakeAPI/pull/20 See Pull Request comments
Attachment #739962 - Flags: review?(chris) → review-
Comment on attachment 739962 [details] [review] https://github.com/mozilla/MakeAPI/pull/20 Fixed up review comments.
Attachment #739962 - Flags: review- → review?(chris)
Whiteboard: u=dev c=makeAPI p=1 s=2013w17
Attachment #739962 - Flags: review?(swex)
Attachment #739962 - Flags: review?(chris)
Attachment #739962 - Flags: review+
Staged on master: https://github.com/mozilla/MakeAPI/commit/f9293d4da364c7711a85ec8e42881b48200e5dea
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Attachment mime type: text/plain → text/x-github-pull-request
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: