search

nteract / bookstore

📚 Notebook storage and publishing workflows for the masses
https://bookstore.readthedocs.io
BSD 3-Clause "New" or "Revised" License
202 stars 23 forks source link

Review misc files from PR #75 #89

Closed willingc closed 5 years ago

willingc commented 5 years ago
todo[bot] commented 5 years ago

review security https://github.com/nteract/bookstore/pull/75#discussion_r280782423

https://github.com/nteract/bookstore/blob/e1f8f5b3be85b22ca1bf38b9e301d6e133f5dc39/bookstore/clone.html#L29-L32

This comment was generated by todo based on a TODO comment in e1f8f5b3be85b22ca1bf38b9e301d6e133f5dc39 in #89. cc @willingc.
mpacer commented 5 years ago

@captainsafia did I not address your concern by creating a getCookieByName function as you had requested? I'm a little confused as to what needs to be addressed here…

captainsafia commented 5 years ago

Catching up with this conversation.

I was referring to creating a getCookieByName function that did not use regex. The getCookie method used in the notebook code base is copied from the Tornado docs. While it suffices, I think an alternate approach (like splitting on semi-colons and parsing the key values) is easier to read. It's also the approach taken by the js-cookie package that we use rx-jupyter.

willingc commented 5 years ago

Opened #104 and closing this PR in preparation for release.