issue_comments: 650593122

This data as json

html_url issue_url id node_id user created_at updated_at author_association body reactions issue
https://github.com/simonw/datasette/issues/842#issuecomment-650593122 https://api.github.com/repos/simonw/datasette/issues/842 650593122 MDEyOklzc3VlQ29tbWVudDY1MDU5MzEyMg== 9599 2020-06-27T18:03:02Z 2020-06-27T18:03:10Z OWNER

Security thought: make sure it's not possible to accidentally open up a security hole where an attacker can send a GET request that causes the magic parameter _cookie_ds_actor to be resolved and returned as JSON data that the attacker can see.

This is an open security hole in https://github.com/simonw/datasette/commit/94c1315f0030fd58ce46a9294052c5c9d9d181c7 - it's useful for testing, but I need to remove it before I land that branch.

https://github.com/simonw/datasette/blob/94c1315f0030fd58ce46a9294052c5c9d9d181c7/datasette/views/database.py#L231-L237

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
638212085
Powered by Datasette · Query took 1.471ms · About: github-to-sqlite