issue_comments
5 rows where author_association = "OWNER" and issue = 631300342 sorted by updated_at descending
This data as json, CSV (advanced)
Suggested facets: created_at (date), updated_at (date)
issue 1
- CSRF protection · 5 ✖
id | html_url | issue_url | node_id | user | created_at | updated_at ▲ | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
639712835 | https://github.com/simonw/datasette/pull/798#issuecomment-639712835 | https://api.github.com/repos/simonw/datasette/issues/798 | MDEyOklzc3VlQ29tbWVudDYzOTcxMjgzNQ== | simonw 9599 | 2020-06-05T18:53:32Z | 2020-06-05T18:53:32Z | OWNER | Add unit tests illustrating the |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
CSRF protection 631300342 | |
639685550 | https://github.com/simonw/datasette/pull/798#issuecomment-639685550 | https://api.github.com/repos/simonw/datasette/issues/798 | MDEyOklzc3VlQ29tbWVudDYzOTY4NTU1MA== | simonw 9599 | 2020-06-05T18:20:34Z | 2020-06-05T18:20:34Z | OWNER | I'm solving the compatibility with caching problem in this ticket: https://github.com/simonw/asgi-csrf/issues/7 |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
CSRF protection 631300342 | |
639269994 | https://github.com/simonw/datasette/pull/798#issuecomment-639269994 | https://api.github.com/repos/simonw/datasette/issues/798 | MDEyOklzc3VlQ29tbWVudDYzOTI2OTk5NA== | simonw 9599 | 2020-06-05T05:36:35Z | 2020-06-05T05:38:25Z | OWNER | Django docs on CSRF and caching: https://docs.djangoproject.com/en/3.0/ref/csrf/#caching
So the cookie is only set for pages that included a hidden csrftoken form field! This could work. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
CSRF protection 631300342 | |
639269559 | https://github.com/simonw/datasette/pull/798#issuecomment-639269559 | https://api.github.com/repos/simonw/datasette/issues/798 | MDEyOklzc3VlQ29tbWVudDYzOTI2OTU1OQ== | simonw 9599 | 2020-06-05T05:34:56Z | 2020-06-05T05:35:23Z | OWNER | I don't want to set a cookie on a page response that is being cached. Right now the ASGI middleware will be doing exactly that, which is bad. But how do I get certainty that when you load a page with a form that will be CSRF protected you have been served the cookie? Maybe those pages should do something explicit to the request object indicating that the cookie is needed? That works for Datasette (since it has mutable request objects) but I'm not sure how it would work in the asgi-csrf pure ASGI middleware context. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
CSRF protection 631300342 | |
639249743 | https://github.com/simonw/datasette/pull/798#issuecomment-639249743 | https://api.github.com/repos/simonw/datasette/issues/798 | MDEyOklzc3VlQ29tbWVudDYzOTI0OTc0Mw== | simonw 9599 | 2020-06-05T04:23:01Z | 2020-06-05T04:23:01Z | OWNER | Needs unit tests. More importantly: needs very, very careful consideration of how this plays with HTTP caching. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
CSRF protection 631300342 |
Advanced export
JSON shape: default, array, newline-delimited, object
CREATE TABLE [issue_comments] ( [html_url] TEXT, [issue_url] TEXT, [id] INTEGER PRIMARY KEY, [node_id] TEXT, [user] INTEGER REFERENCES [users]([id]), [created_at] TEXT, [updated_at] TEXT, [author_association] TEXT, [body] TEXT, [reactions] TEXT, [issue] INTEGER REFERENCES [issues]([id]) , [performed_via_github_app] TEXT); CREATE INDEX [idx_issue_comments_issue] ON [issue_comments] ([issue]); CREATE INDEX [idx_issue_comments_user] ON [issue_comments] ([user]);
user 1