Bug 914196 - Documentation for User.login should state cookies not used for…

Bug 914196 - Documentation for User.login should state cookies not used for JSONRPC and REST when making future connections r/a=glob

Bug 914196 - Documentation for User.login should state cookies not used for…
9cacdb6c · Dave Lawrence · a84cc300 · 9cacdb6c
Commit 9cacdb6c authored Sep 09, 2013 by Dave Lawrence
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

User.pm Bugzilla/WebService/User.pm +3 -1

No files found.
--- a/Bugzilla/WebService/User.pm
+++ b/Bugzilla/WebService/User.pm
@@ -466,7 +466,9 @@ user that was logged in, and a C<token> which can be passed in
 the parameters as authentication in other calls. A set of http cookies
 is also sent with the response. These cookies *or* the token can be sent
 along with any future requests to the webservice, for the duration of the
-session.
+session. Note that cookies are not accepted for GET requests for JSONRPC
+and REST for security reasons. You may, however, use the token or valid
+login parameters for those requests.

 =item B<Errors>