AJAX interactive nterface to OSM - and a security question
Now I've got Freemap-OSM up and running (see previous posts) I would like
to implement an interactive web-based interface similar to that I've
already implemented on Freemap (www.free-map.org.uk)
This would include the following features to start with:
* logged-in users can add new points of interest to OSM, edit points of
interest, or delete points of interest, by clicking on the map;
* when a user hovers the mouse over a point of interest, a description of
it comes up.
However there are a couple of issues with this, relating to the fact that
Freemap-OSM and OpenStreetMap itself are on different servers (AJAX scripts
cannot communicate with servers other than the originating server).
I would need to write a "proxy" script on the Freemap server which relays
the new point of interest that a user has added on to OpenStreetMap. To do
that, the Freemap server would need to be aware of a user's OpenStreetMap
username and password. This would mean I would need to get existing OSM
users to signup for a Freemap-OSM account too, using their OSM username and
password. In other words, the Freemap server would store a user's OSM
username and password in the database. The OSM password would be
md5-encrypted. Would anyone have any concerns over this?
The alternative would be for me to put Freemap-OSM on the actual
OpenStreetMap server - then maybe (as Tom suggested in trac) a user could
choose between the existing viewer and the Freemap-OSM viewer.
Re: AJAX interactive nterface to OSM - and a security question
> The alternative would be for me to put Freemap-OSM on the actual
> OpenStreetMap server - then maybe (as Tom suggested in trac) a user could
> choose between the existing viewer and the Freemap-OSM viewer.
I would prefer this solution, to avoid sending passwords between the
servers, and also to gather OSM stuff in one location.