issue_comments
13 rows where issue = 1469973742
This data as json, CSV (advanced)
Suggested facets: created_at (date), updated_at (date)
| id ▼ | html_url | issue_url | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1332492092 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332492092 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PbDc8 | simonw 9599 | 2022-11-30T17:17:21Z | 2022-11-30T17:17:21Z | OWNER | I tried running `fetch()` with a POST from a separate domain and got a browser error because it did a GET against the `/db/-/create` endpoint and the 405 method not supported response did not include the CORS headers. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332493004 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332493004 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PbDrM | simonw 9599 | 2022-11-30T17:18:10Z | 2022-11-30T17:18:10Z | OWNER | Here's why: https://github.com/simonw/datasette/blob/4ddd77e51254bda3bac990ea662bac2e6b29c5e0/datasette/views/base.py#L71-L79 That's code in `BaseView` - but it turns out the code that adds CORS headers is in the `DataView` subclass of that (which the various write API endpoints do not use). https://github.com/simonw/datasette/blob/4ddd77e51254bda3bac990ea662bac2e6b29c5e0/datasette/views/base.py#L158-L162 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332504654 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332504654 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PbGhO | simonw 9599 | 2022-11-30T17:27:39Z | 2022-11-30T17:27:39Z | OWNER | I'll test this once it's deployed to https://latest.datasette.io/ | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332561059 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332561059 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PbUSj | simonw 9599 | 2022-11-30T18:19:20Z | 2022-11-30T18:19:20Z | OWNER | Two test failures: ``` ____________________________ test_homepage_options _____________________________ [gw0] linux -- Python 3.11.0 /opt/hostedtoolcache/Python/3.11.0/x64/bin/python app_client = <datasette.utils.testing.TestClient object at 0x7f4c489269d0> def test_homepage_options(app_client): response = app_client.get("/", method="OPTIONS") > assert response.status == 405 E assert 200 == 405 E + where 200 = <datasette.utils.testing.TestResponse object at 0x7f4c4892f4d0>.status /home/runner/work/datasette/datasette/tests/test_html.py:58: AssertionError ______________________ test_client_methods[options-/-405] ______________________ [gw1] linux -- Python 3.11.0 /opt/hostedtoolcache/Python/3.11.0/x64/bin/python datasette = <datasette.app.Datasette object at 0x7fc33c227550> method = 'options', path = '/', expected_status = 405 @pytest.mark.asyncio @pytest.mark.parametrize( "method,path,expected_status", [ ("get", "/", 200), ("options", "/", 405), ("head", "/", 200), ("put", "/", 405), ("patch", "/", 405), ("delete", "/", 405), ], ) async def test_client_methods(datasette, method, path, expected_status): client_method = getattr(datasette.client, method) response = await client_method(path) assert isinstance(response, httpx.Response) > assert response.status_code == expected_status E assert 200 == 405 E + where 200 = <Response [200 OK]>.status_code /home/runner/work/datasette/datasette/tests/test_internals_datasette_client.py:29: AssertionError =============================== warnings summary =============================== tests/test_cli.py::test_inspect_cli_writes_to_file tests/test_cli.py::test_inspect_cli /home/runner/work/datasette/datasette/datasette/cli.py:163: DeprecationWarning: There is no current event loop loop = asyncio.get_event_loop() tests/test_cli_serve_ge… | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332561813 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332561813 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PbUeV | simonw 9599 | 2022-11-30T18:20:05Z | 2022-11-30T18:20:05Z | OWNER | Weird, GitHub reply with a 404! ``` ~ % curl -X OPTIONS https://github.com/ -i HTTP/2 404 server: GitHub.com date: Wed, 30 Nov 2022 18:19:39 GMT content-type: text/html; charset=utf-8 content-length: 0 strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com objects-origin.githubusercontent.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com objects-origin.githubusercontent.com secured-user-images.githubusercontent.com/ opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/ vary: Accept-Encoding, Accept, X-Requested-With x-github-request-id: DD6B:5ACA:102E8A6:1164A99:6387… | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332572453 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332572453 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PbXEl | simonw 9599 | 2022-11-30T18:30:38Z | 2022-11-30T18:30:54Z | OWNER | Started a conversation about how OPTIONS should work on Mastodon: https://fedi.simonwillison.net/@simon/109434148676475291 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332580395 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332580395 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PbZAr | simonw 9599 | 2022-11-30T18:38:22Z | 2022-11-30T18:38:22Z | OWNER | > [@simon](https://fedi.simonwillison.net/@simon) IMO, it should always be a 2XX series response, typically with no content & an extra `Allow` header with a list of HTTP verbs it responds to. https://mastodon.social/@daniellindsley/109434186252099323 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332585861 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332585861 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PbaWF | simonw 9599 | 2022-11-30T18:43:46Z | 2022-11-30T18:43:46Z | OWNER | Here's what Django Rest Framework does: https://github.com/encode/django-rest-framework/blob/1ae812ea209392ad76cc5d2f35f9f7fb337f63e4/rest_framework/views.py#L514-L521 ```python def options(self, request, *args, **kwargs): """ Handler method for HTTP 'OPTIONS' request. """ if self.metadata_class is None: return self.http_method_not_allowed(request, *args, **kwargs) data = self.metadata_class().determine_metadata(request, self) return Response(data, status=status.HTTP_200_OK) ``` That default `determine_metadata` method looks like this: https://github.com/encode/django-rest-framework/blob/1ae812ea209392ad76cc5d2f35f9f7fb337f63e4/rest_framework/metadata.py#L61-L71 ```python def determine_metadata(self, request, view): metadata = OrderedDict() metadata['name'] = view.get_view_name() metadata['description'] = view.get_view_description() metadata['renders'] = [renderer.media_type for renderer in view.renderer_classes] metadata['parses'] = [parser.media_type for parser in view.parser_classes] if hasattr(view, 'get_serializer'): actions = self.determine_actions(request, view) if actions: metadata['actions'] = actions return metadata ``` | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332688245 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332688245 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PbzV1 | simonw 9599 | 2022-11-30T20:15:08Z | 2022-11-30T20:15:08Z | OWNER | Still getting a CORS error: <img width="1367" alt="image" src="https://user-images.githubusercontent.com/9599/204898990-b1370950-8ae5-4c95-8f7f-42b4a7a717e7.png"> My hunch is this is because I'm not sending `Access-Control-Allow-Methods: GET,HEAD,POST`. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332689547 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332689547 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PbzqL | simonw 9599 | 2022-11-30T20:16:21Z | 2022-11-30T20:16:46Z | OWNER | That notebook: ```javascript viewof token = Inputs.text({ label: "Your API token" }) ``` ```javascript viewof createResponse = Inputs.button("Create table", { value: null, reduce: async () => { const response = await fetch( "https://latest.datasette.io/ephemeral/-/create", { method: "POST", mode: "cors", headers: { Authorization: `Bearer {$token}`, "Content-Type": "application/json" }, body: JSON.stringify({ table: "my_new_table", row: { task: "Demonstrate a JSON creation from another domain" } }) } ); return await response.json(); } }) ``` Based on this tip: https://talk.observablehq.com/t/best-pattern-for-click-here-to-submit-your-results-to-an-api-backend/7353/3 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332698636 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332698636 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5Pb14M | simonw 9599 | 2022-11-30T20:25:50Z | 2022-11-30T20:25:50Z | OWNER | I just shipped this: Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS I'll try this out on `latest.datasette.io` - but I need to research more to check if this is a safe thing to do or not. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332855687 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332855687 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5PccOH | simonw 9599 | 2022-11-30T23:09:31Z | 2022-11-30T23:09:31Z | OWNER | Still getting a CORS header. I tried it in Chrome, which outputs helpful messages to the console: <img width="671" alt="image" src="https://user-images.githubusercontent.com/9599/204927523-4b9860f5-4400-4dd5-a036-de9f07f31c5f.png"> | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 | |
| 1332903011 | https://github.com/simonw/datasette/issues/1922#issuecomment-1332903011 | https://api.github.com/repos/simonw/datasette/issues/1922 | IC_kwDOBm6k_c5Pcnxj | simonw 9599 | 2022-11-30T23:45:29Z | 2022-11-30T23:45:29Z | OWNER | That worked for the preflight request - got this now: <img width="1377" alt="image" src="https://user-images.githubusercontent.com/9599/204931998-d70df6c0-723b-4543-b8c4-601c00fe4b10.png"> So it looks like error responses (in this case for permission denied) are missing CORS headers. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Make sure CORS works for write APIs 1469973742 |
Advanced export
JSON shape: default, array, newline-delimited, object
CREATE TABLE [issue_comments] (
[html_url] TEXT,
[issue_url] TEXT,
[id] INTEGER PRIMARY KEY,
[node_id] TEXT,
[user] INTEGER REFERENCES [users]([id]),
[created_at] TEXT,
[updated_at] TEXT,
[author_association] TEXT,
[body] TEXT,
[reactions] TEXT,
[issue] INTEGER REFERENCES [issues]([id])
, [performed_via_github_app] TEXT);
CREATE INDEX [idx_issue_comments_issue]
ON [issue_comments] ([issue]);
CREATE INDEX [idx_issue_comments_user]
ON [issue_comments] ([user]);