Hi guys,
we just bought certificate for api.opensubtitles.org - so now it is possible to access it using https. Please use it just for LOGIN(), other methods are not officially supported for https (but they work for now).
Check the certificate here
https://www.ssllabs.com/ssltest/analyze ... Results=on
Forum rules
Under no circumstances is spamming or advertising of any kind allowed. Do not post any abusive, obscene, vulgar, slanderous, hateful, threatening, sexually-orientated or any other material that may violate others security. Profanity or any kind of insolent behavior to other members (regardless of rank) will not be tolerated. Remember, what you don’t find offensive can be offensive to other members. Please treat each other with the kind of reverence you’d expect from other members.
Failure to comply with any of the above will result in users being banned without notice. If any further details are needed, contact: “The team” using the link at the bottom of the forum page. Thank you.
Under no circumstances is spamming or advertising of any kind allowed. Do not post any abusive, obscene, vulgar, slanderous, hateful, threatening, sexually-orientated or any other material that may violate others security. Profanity or any kind of insolent behavior to other members (regardless of rank) will not be tolerated. Remember, what you don’t find offensive can be offensive to other members. Please treat each other with the kind of reverence you’d expect from other members.
Failure to comply with any of the above will result in users being banned without notice. If any further details are needed, contact: “The team” using the link at the bottom of the forum page. Thank you.
Re: HTTPS support for API
1)
Awesome! Making sure passwords are sent via encrypted connections improves security quite a bit.
2)
I'd be great if the clear-text password wasn't stored client-side neither. For example an option password_sha256 parameter in the LogIn function that can be passed instead of password that'll take a hash of the password. Something like sha256( encodeUTF8( OpenSubtitles + $PASSWORD ) ) hex-encoded.
Awesome! Making sure passwords are sent via encrypted connections improves security quite a bit.
2)
I'd be great if the clear-text password wasn't stored client-side neither. For example an option password_sha256 parameter in the LogIn function that can be passed instead of password that'll take a hash of the password. Something like sha256( encodeUTF8( OpenSubtitles + $PASSWORD ) ) hex-encoded.
Re: HTTPS support for API
1) maybe in the future we will make it for www too
2) not possible. we store password as hash, so we dont know user passwords.
(it would be possible, when user successfully log in and then we create this hash in table...)
2) not possible. we store password as hash, so we dont know user passwords.
(it would be possible, when user successfully log in and then we create this hash in table...)
Re: HTTPS support for API
Would it be possible to login with just that hash? It makes sense that you don't store passwords on the server side, so i'd like to do the same on the client side.we store password as hash
Who is online
Users browsing this forum: No registered users and 69 guests