You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Zotero server implementation only accepts requests from 127.0.0.1 and localhost hosts. This should prevent access from the outside of the local machine.
Original browser connector endpoints provide mostly write-only functionality and thus might do well without auth on the API endpoints.
ZotServer endpoints provide wider access to the database and could be considered more risky to run.
As of now ZotServer does not provide auth functionality on the endpoints.
Current thinking is:
Zotero server implementation is currently accessible from local machine only
Local applications that intend to get read access to the database could do so by reading directly from SQLite database, so API authentication will not prevent unauthorized access
Your thoughts on the topic in this thread are highly appreciated!
The text was updated successfully, but these errors were encountered:
Zotero server implementation only accepts requests from
127.0.0.1
andlocalhost
hosts. This should prevent access from the outside of the local machine.Original browser connector endpoints provide mostly write-only functionality and thus might do well without auth on the API endpoints.
ZotServer endpoints provide wider access to the database and could be considered more risky to run.
As of now ZotServer does not provide auth functionality on the endpoints.
Current thinking is:
Your thoughts on the topic in this thread are highly appreciated!
The text was updated successfully, but these errors were encountered: