yeah the api could be made more robust on the server side, however that would require quite some work and i don't have the time to do it.fingon wrote:I'd guess you could just have the server-side ban anyone doing more than X ops/hour from one IP, doesn't sound like rocket science to me :-) Also, the access isn't anonymous anyway so I don't see the point - sure, they might at best cause some annoyance once but then they'd be gone.
i don't think that we'll have problems with ppl who actively try to break anidb, at least not many of them.fingon wrote:And as deterrence method, even with current client authentication scheme I could spam requests easily enough with unauthenticated code, how to do it as left as exercise to the reader.
but if the API specs were open and everyone could write his own little client at least 2/3 of them would be broken in some way (from the API point).
I am glad to hear that :o)fingon wrote:..., but I don't personally care for fork in the project anyway so it's academic point only.
so?fingon wrote:That's the major problem, most people in world (from my experience with few projects, both CSS and OSS) are not _seriously_ interested, they usually care only about some changes to the existing status quo within projects and the more they need to work to get changes done, the less likely they're to do anything useful.
BYe!
EXP