Webpagemakerapi: Difference between revisions

→‎Risk considerations: changed from rel=nofollow to x-robots-tag
(→‎Risk considerations: changed from rel=nofollow to x-robots-tag)
 
(One intermediate revision by the same user not shown)
Line 39: Line 39:
== API Methods ==
== API Methods ==


These are all anonymous calls -- no auth is needed.
These are documented in the [https://github.com/mozilla/webpagemaker/tree/development/webpagemaker/api#readme API README].
 
<table>
  <tr>
    <td>Name</td>
    <td>Endpoint</td>
    <td>HTTP Method</td>
    <td>Parameters</td>
    <td>Return</td>
</tr>
  <tr>
    <td>Create Page</td>
    <td>/page</td>
    <td>POST</td>
    <td>Raw Post Data (HTML)</td>
      <td>Relative Short URL KEY id (eg. "ja5bn") which can be appended to the app index (eg. "http://webpagemakerapi.vcap.mozillalabs.com/ja5bn")</td>
  </tr>
  <tr>
    <td>Read Page</td>
    <td>/{short url id}</td>
    <td>GET</td>
    <td>short url id (in path)</td>
    <td>Sanitized ([http://pypi.python.org/pypi/bleach Bleach])</td>
  </tr>
</table>


== Stored Data ==
== Stored Data ==
Line 83: Line 59:
| Documents hosted via the API could be used as link farms
| Documents hosted via the API could be used as link farms
|  
|  
* nofollow attributes will be inserted in all "a" tags via Bleach
* Documents will be delivered with a <code>X-Robots-Tag: noindex, nofollow</code> header.
|-
|-
| Javascript could be used in a multitude of ways to compromise client machines
| Javascript could be used in a multitude of ways to compromise client machines
874

edits