digital-paper-edit-client icon indicating copy to clipboard operation
digital-paper-edit-client copied to clipboard

Published 20 hours ago verified publisher icon bbc

Security tightened for API and Client communication

Open emettely opened this issue 5 years ago • 0 comments

Context

The security for the API is completely loose right now for easier experimentation. We do not yet have any business critical data in the API. However this will change and we should tighten communication of the API.

Issues relating to this: https://github.com/bbc/digital-paper-edit-api/pull/7

Todo

  1. Revert changes in https://github.com/bbc/digital-paper-edit-api/commit/ad0e351ed96eb95ac83d3d6aca7923ce72d542fd to be like this: https://github.com/bbc/digital-paper-edit-api/commit/b9d30f1156909c768a3468d17906dbafb239b59d
  2. set up requests using certs in the Client. This would imply that the cert is an optional environment variable.

emettely avatar Jul 04 '19 11:07 emettely