github: issue_comments: 5 rows where issue = 631300342

5 rows where issue = 631300342

Search:

descending

id ▼	html_url	issue_url	node_id	user	created_at	updated_at	author_association	body	reactions	issue
639249743	https://github.com/simonw/datasette/pull/798#issuecomment-639249743	https://api.github.com/repos/simonw/datasette/issues/798	MDEyOklzc3VlQ29tbWVudDYzOTI0OTc0Mw==	simonw 9599	2020-06-05T04:23:01Z	2020-06-05T04:23:01Z	OWNER	Needs unit tests. More importantly: needs very, very careful consideration of how this plays with HTTP caching.	{"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0}	CSRF protection 631300342
639269559	https://github.com/simonw/datasette/pull/798#issuecomment-639269559	https://api.github.com/repos/simonw/datasette/issues/798	MDEyOklzc3VlQ29tbWVudDYzOTI2OTU1OQ==	simonw 9599	2020-06-05T05:34:56Z	2020-06-05T05:35:23Z	OWNER	I don't want to set a cookie on a page response that is being cached. Right now the ASGI middleware will be doing exactly that, which is bad. But how do I get certainty that when you load a page with a form that will be CSRF protected you have been served the cookie? Maybe those pages should do something explicit to the request object indicating that the cookie is needed? That works for Datasette (since it has mutable request objects) but I'm not sure how it would work in the asgi-csrf pure ASGI middleware context.	{"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0}	CSRF protection 631300342
639269994	https://github.com/simonw/datasette/pull/798#issuecomment-639269994	https://api.github.com/repos/simonw/datasette/issues/798	MDEyOklzc3VlQ29tbWVudDYzOTI2OTk5NA==	simonw 9599	2020-06-05T05:36:35Z	2020-06-05T05:38:25Z	OWNER	Django docs on CSRF and caching: https://docs.djangoproject.com/en/3.0/ref/csrf/#caching > If the csrf_token template tag is used by a template (or the get_token function is called some other way), CsrfViewMiddleware will add a cookie and a Vary: Cookie header to the response. This means that the middleware will play well with the cache middleware if it is used as instructed So the cookie is only set for pages that included a hidden csrftoken form field! This could work.	{"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0}	CSRF protection 631300342
639685550	https://github.com/simonw/datasette/pull/798#issuecomment-639685550	https://api.github.com/repos/simonw/datasette/issues/798	MDEyOklzc3VlQ29tbWVudDYzOTY4NTU1MA==	simonw 9599	2020-06-05T18:20:34Z	2020-06-05T18:20:34Z	OWNER	I'm solving the compatibility with caching problem in this ticket: https://github.com/simonw/asgi-csrf/issues/7	{"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0}	CSRF protection 631300342
639712835	https://github.com/simonw/datasette/pull/798#issuecomment-639712835	https://api.github.com/repos/simonw/datasette/issues/798	MDEyOklzc3VlQ29tbWVudDYzOTcxMjgzNQ==	simonw 9599	2020-06-05T18:53:32Z	2020-06-05T18:53:32Z	OWNER	Add unit tests illustrating the `Vary: Cookie` header and I'm done here.	{"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0}	CSRF protection 631300342

Advanced export

JSON shape: default, array, newline-delimited, object

CREATE TABLE [issue_comments] (
   [html_url] TEXT,
   [issue_url] TEXT,
   [id] INTEGER PRIMARY KEY,
   [node_id] TEXT,
   [user] INTEGER REFERENCES [users]([id]),
   [created_at] TEXT,
   [updated_at] TEXT,
   [author_association] TEXT,
   [body] TEXT,
   [reactions] TEXT,
   [issue] INTEGER REFERENCES [issues]([id])
, [performed_via_github_app] TEXT);
CREATE INDEX [idx_issue_comments_issue]
                ON [issue_comments] ([issue]);
CREATE INDEX [idx_issue_comments_user]
                ON [issue_comments] ([user]);