Changes between Version 2 and Version 3 of Ticket #8612


Ignore:
Timestamp:
2013-04-16T10:58:26+02:00 (12 years ago)
Author:
stoecker
Comment:

I'm against 1, 2 and 5. These are things which should not be remotely controlled. Remote control is dangerous, it should not become a nightmare.

For 1: I could accept a similar feature, e.g. if we add something like "Don't show confirm request any more for this session".

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #8612

    • Property Cc simon04 removed

  • Ticket #8612 – Description

    v2 v3  
    771. Allow "noconfirm" option to `add_tags` parameter - do not show confirmation dialog at all (+one more security permission ? )
    88
    9 2. Allow separate request to return JOSM version (to check supporting extra functionality). Do we want to allow getting some more JOSM info, like installed plugins ?
     92. Allow separate request to return JOSM version (to check supporting extra fuctionality). Do we want to allow getting some more JOSM info, like installed plugins ?
    1010
    11113. Allow to add changeset tags that indicate using the specific validator/web tool by remote request (`changeset_tags` parameter?) , related to #8149
     
    1313-- From me:
    1414
    15 4. Document, enhance and use `zoom_mode` parameter  in all possible commands (see also #5669)
     154. Document, enchance and use `zoom_mode` parameter  in all possible commands (see also #5669)
    1616
    17 5. Add usage example to the reply on errors and empty parameter lists, #8228
    18 
    19 6. (most crazy) Support opening remote file with preferences http://josm.openstreetmap.de/wiki/Help/Preferences/ImportExport or execute configuration xml script sent in POST request if the user really agree with it. This could help to install plugins, specify imagery sources customize toolbars/styles/presets for team work.
     175. (most crazy) Support opening remote file with preferences http://josm.openstreetmap.de/wiki/Help/Preferences/ImportExport or execute configuration xml script sent in POST request if the user really agree with it. This could help to install plugins, specify imagery sources customize toolbars/styles/presets for team work.
    2018But there is possible security issue - for now, arbitrary JS execution is allowed and JS has full access to Java API. The code checker may be added to restrict the configuration, maybe forbid JS execution more complex than `${a==2 && b==3}`.
    2119