Simon Li
Simon Li
Any there any potential security issues with passing through arbitrary parameters unchecked to the oauth provider?
@kreuzert I think it's fine to force push to this branch.
Is this still an issue for you?
https://tools.ietf.org/html/rfc6749#section-2.3.1 > Clients in possession of a client password MAY use the HTTP Basic authentication scheme as defined in [RFC2617] to authenticate with the authorization server. The client identifier is...
Have you tried setting `c.GlobusOAuthenticator.username_from_email = True`? https://oauthenticator.readthedocs.io/en/latest/api/gen/oauthenticator.globus.html#oauthenticator.globus.GlobusOAuthenticator.username_from_email
Is this something you're interested in working on? Could it be done at a more generic level?
Another idea: use a browser's [`LocalStorage`](https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API/Using_the_Web_Storage_API). One downside is that it's at the domain scope not the notebook / URL scope, so need to be careful about automatically restoring state....
Maybe this should be split into two topics: - what should be stored e.g. all of home, just the state of all notebooks, only files which are managed by the...
Quick proof-of-concept (tested on Firefox): 1. Load a repository in binder, open a notebook, make some changes, save it. 2. Open your browser's JavaScript console for that page 3. Paste...
> Is this the moment where we make a new issue for "Browser based storage of notebooks Sounds good to me! > In order to offer the user a "want...