Custom Query (2152 matches)

Reported by dread, 3 years ago.

$ curl "http://127.0.0.1:5000/api/rest/package/annakarenina?callback=<script>jsoncallback"

gives:

<script>jsoncallback({"id": "c10ebd31-5b45-4f6f-885d-dca9b18caec4", "name": "annakarenina", "title": "A Novel By Tolstoy",

which could run script code in the client who made the call.

One idea for filtering: ​http://tav.espians.com/sanitising-jsonp-callback-identifiers-for-security.html Maybe just better to have a restricted whitelist of characters to be even more sure.

Same as: ​https://trac.dataco.coi.gov.uk/projects/datagov/ticket/906

Reported by shevski, 22 months ago.

1. file uploads on dataset creation
2. create dataset validation
3. create dataset slugs
4. Add dataset to group process: pop-up allowing you to quickly search for a pick a dataset to add to group. Must check you have necc auth over dataset to be added validation of user name
5. Language box
6. toggling activity stream
7. Search sorting
8. autocomplete on tags
9. add and remove custom fields on forms
10. the rest: tooltip on popular datasets with number of views

facets to update automatically

creating a dataset without reloading page between steps

hover on licences information

autocomplete on search terms

group filtering

add comment to datasets

social share buttons in lightboxes

dataset counts on homepage?