osmosis icon indicating copy to clipboard operation
osmosis copied to clipboard

Published 20 hours ago verified publisher icon openstreetmap

Allow cookies to be sent with HTTP replication requests

Open Nakaner opened this issue 6 years ago • 2 comments

This is work in process but feedback is appreciated.

Geofabrik's download server has been requiring an authentication cookie for all OSM data which contains sensitive personal metadata (username, user IDs, changeset IDs) since Thursday. Data protection regulations require us to ensure that only authorized users access personal metadata.

To use the new cookie support of Osmosis, users have to place a file called cookie.txt in the working directory next to the configuration.txt file. configuration.txt needs to be extended by a property attachCookie = true to enable cookie support.

The server-side authentication software is open source. There is also a client to retrieve cookies automatically (it is necessary to do this every 48 hours for security reasons).

I will add an additional call to the bot API [1] of the Geofabrik Download server to make it possible for Osmosis to check the validity of the cookie instead of checking for HTTP status 301 (redirect to osm.org OAuth authorization form).

The OSM Foundation might choose to use existing software to reduce the necessary work because they have to do similar changes to planet.openstreetmap.org.

This is a follow-up of https://github.com/geofabrik/sendfile_osm_oauth_protector/issues/2 raised by @pedro042

[1] unofficial name

Nakaner avatar May 07 '18 15:05 Nakaner