diff options
author | Torsten Grote <t@grobox.de> | 2020-05-22 08:31:06 -0300 |
---|---|---|
committer | Torsten Grote <t@grobox.de> | 2020-05-22 08:31:06 -0300 |
commit | 875a6a5bd3ba991050e459aa79f1bde808a1618a (patch) | |
tree | f9e1c7cfab10aea1c6f0ab56d2c2737c8138d224 | |
parent | ce1034a12e0e1857a13c696384fc5dd41c3e3b4d (diff) | |
download | docs-875a6a5bd3ba991050e459aa79f1bde808a1618a.tar.gz docs-875a6a5bd3ba991050e459aa79f1bde808a1618a.tar.bz2 docs-875a6a5bd3ba991050e459aa79f1bde808a1618a.zip |
Fix taler://sync Uri in sync core API section
-rw-r--r-- | core/api-sync.rst | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/core/api-sync.rst b/core/api-sync.rst index 0b692b2d..2add73ef 100644 --- a/core/api-sync.rst +++ b/core/api-sync.rst @@ -374,11 +374,11 @@ Synchronization user experience The menu should include three entries for synchronization: * "synchronize" to manually trigger synchronization, - insensitive if no synchronization provider is available + insensitive if no synchronization provider is available * "export backup configuration" to re-display (and possibly - print) the synchronization and backup parameters (URL and - private key), insensitive if no synchronization - provider is available, and + print) the synchronization and backup parameters (URL and + private key), insensitive if no synchronization + provider is available, and * "import backup configuration" to: * import another devices' synchronization options @@ -397,10 +397,10 @@ private key. It is likely better to map private keys to trustwords (PEP-style). Also, when putting private keys into a QR code, there is the danger of the QR code being scanned and interpreted as a "public" URL. Thus, the QR code should use the schema -"taler-sync://$SYNC-DOMAIN/$SYNC-PATH#private-key" where -"$SYNC-DOMAIN" is the domainname of the synchronization service and -$SYNC-PATH the (usually empty) path. By putting the private key after -"#", we may succeed in disclosing the value even to eager Web-ish +``taler://sync/$SYNC-DOMAIN/$SYNC-PATH#private-key`` where +``$SYNC-DOMAIN`` is the domainname of the synchronization service and +``$SYNC-PATH`` the (usually empty) path. By putting the private key after +``#``, we may succeed in disclosing the value even to eager Web-ish interpreters of URLs. Note that the actual synchronization service must use the HTTPS protocol, which means we can leave out this prefix. |