Commit 058fd28d authored by Committed by GraceDBBrowse files
Prevent certificate or basic auth on AJAX requests to the API
Discovered that AJAX requests to the API from the web view were using certificates in people's browsers even if they were logged out of the Django session. So when they wanted to view the page as a public user they still saw some extra information. No security risk since they needed to have a valid certificate anyway, but a bit annoying.