{"html_url": "https://github.com/simonw/datasette/issues/1377#issuecomment-867209791", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/1377", "id": 867209791, "node_id": "MDEyOklzc3VlQ29tbWVudDg2NzIwOTc5MQ==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2021-06-23T22:51:32Z", "updated_at": "2021-06-23T22:51:32Z", "author_association": "OWNER", "body": "Documentation: https://docs.datasette.io/en/latest/plugin_hooks.html#skip-csrf-datasette-scope", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 920884085, "label": "Mechanism for plugins to exclude certain paths from CSRF checks"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/1377#issuecomment-861089794", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/1377", "id": 861089794, "node_id": "MDEyOklzc3VlQ29tbWVudDg2MTA4OTc5NA==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2021-06-15T00:53:29Z", "updated_at": "2021-06-15T00:53:29Z", "author_association": "OWNER", "body": "Potential hook names:\r\n\r\n- `skip_csrf(scope, datasette)`\r\n- ... I can't think of any other ones I would tolerate to be honest", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 920884085, "label": "Mechanism for plugins to exclude certain paths from CSRF checks"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/1377#issuecomment-861087949", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/1377", "id": 861087949, "node_id": "MDEyOklzc3VlQ29tbWVudDg2MTA4Nzk0OQ==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2021-06-15T00:49:19Z", "updated_at": "2021-06-15T00:49:19Z", "author_association": "OWNER", "body": "The new `skip_if_scope` mechanism in `asgi-csrf` https://github.com/simonw/asgi-csrf/issues/20 is designed to help here.\r\n\r\nNow I need to design a plugin hook that allows plugins to have an opinion on whether a specific `scope` should have CSRF skipped.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 920884085, "label": "Mechanism for plugins to exclude certain paths from CSRF checks"}, "performed_via_github_app": null}