Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
An additional contributed module, Services Log, provides extensive logging and an administrative interface to easily analyze logged activity: Find Services events by API endpoint, values sent or receive, or partial string match on the json/xml as raw text.
This page is used as documentation for Services Security. It is unfortunate that issues come up that affect Services, but running the latest version of Services should help mitigate any issues.
If you see an issue and think it is security related, please follow the instructions here
The services module limits the amount of taxonomy vocabularies and taxonomy terms it shows to 20 by default.
This is how you can configure it to serve more vocabularies/terms:
For Drupal 6 add this to the database:
for terms:
insert into variable VALUES ('services_taxonomy_term_index_page_size', 'i:200;');
for vocabularies:
insert into variable VALUES ('services_taxonomy_vocabulary_index_page_size', 'i:100;');
services_content_lock adds Services support to the community module called content_lock that will prevent two users from editing the same node concurrently. This module exposes the main operations of content_lock through Services as a resource, so that content locking can be done over a web service API such as REST. The main operations it currently implements are retrieve, create, and delete. This page will document how to use the operations in this resource.
Operations
The operations this resource implements for content_lock are:
retrieve - Find out if a node is locked and get info about a lock e.g. who owns the lock and when it was created.
create - Create a new content lock on a node. Locks a node preventing other users from editing it.
delete - Deletes an existing lock on a node. Only the lock owner may delete the lock.
Below each operation is documented in detail, including example CURL commands.