Skip to content
This repository has been archived by the owner on May 9, 2022. It is now read-only.

add twitch#channel URI #11

Merged
merged 2 commits into from
Feb 13, 2018
Merged

add twitch#channel URI #11

merged 2 commits into from
Feb 13, 2018

Conversation

mrose17
Copy link
Contributor

@mrose17 mrose17 commented Feb 9, 2018
edited
Loading

res ipsa loquitur

@mrose17 mrose17 self-assigned this Feb 9, 2018
@mrose17 mrose17 requested a review from NejcZdovc February 9, 2018 01:47
NejcZdovc
NejcZdovc reviewed Feb 12, 2018
View reviewed changes
getMedia.js
resolvers._channel(providers, mediaURL, options, underscore.extend({
_channel: {
providerName: 'twitch',
param1: 2,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

are we using this one?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes. that's the point of the PR. i refactored so the twitch and youtube code could maximally reuse code.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

where do we use it? in other library? I can't find it in this PR

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

take a look at media/provider.json!

NejcZdovc
NejcZdovc reviewed Feb 12, 2018
View reviewed changes
package.json
@@ -47,6 +47,7 @@
"level": "1.7.0",
"npm-check-updates": "^2.12.1",
"nsp": "^2.8.0",
"oembed-parser": "^1.0.8",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need security review for this one. I see that there is no new usage, where we just missing it from the dependencies?

cc @diracdeltas

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://github.com/brave/internal/issues/203

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should not use ombed-parser in general since it uses Node's networking stack (https://github.com/ndaidong/oembed-parser/blob/master/src/utils/fetchEmbed.js), but this usage is ok for now since it only uses the provider.json rules file

diracdeltas
diracdeltas reviewed Feb 12, 2018
View reviewed changes
getMedia.js Outdated
@@ -107,12 +121,12 @@ const resolvers = {
if (err) return next(providers, mediaURL, options, firstErr || err, callback)

metascraper.scrapeHtml(body).then((result) => {
console.log('result: ' + JSON.stringify(result, null, 2))
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this contains potentially sensitive information about the page and should not be logged by default

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oops! debug thing not removed. fixed.

diracdeltas
diracdeltas previously requested changes Feb 12, 2018
View reviewed changes
Copy link

@diracdeltas diracdeltas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This does not pass security review because it adds new remote connections in the main process (to twitch.tv). Please see https://bravesoftware.slack.com/archives/C0NPFB6H5/p1517516188000009 for details.

diracdeltas added a commit to brave/browser-laptop that referenced this pull request Feb 13, 2018
@diracdeltas
Add publishers media info request API
e324721 
Needed for
brave-intl/bat-publisher#11 (review)
and #13114
@diracdeltas diracdeltas mentioned this pull request Feb 13, 2018
Merged
10 tasks
NejcZdovc
NejcZdovc approved these changes Feb 13, 2018
View reviewed changes
Copy link
Contributor

@NejcZdovc NejcZdovc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

as discussed with @diracdeltas we will address security problem in another PR, so we can merge this one

@mrose17 mrose17 dismissed diracdeltas’s stale review February 13, 2018 11:21

as discussed with @diracdeltas we will address security problem in another PR, so we can merge this one

@mrose17 mrose17 merged commit 5eb7d94 into master Feb 13, 2018
@mrose17 mrose17 deleted the add-twitch-support branch February 13, 2018 11:21
@diracdeltas
Copy link

Is this all still needed for brave/browser-laptop#13142 ? If not let's revert.

@mrose17
Copy link
Contributor Author

mrose17 commented Feb 23, 2018

yes, it is essential for twitch support in the browser; accordingly, reversion would be most unfortunate.

NejcZdovc pushed a commit to brave/browser-laptop that referenced this pull request Feb 26, 2018
@diracdeltas @NejcZdovc
Add publishers media info request API
36173db 
Needed for
brave-intl/bat-publisher#11 (review)
and #13114
NejcZdovc pushed a commit to brave/browser-laptop that referenced this pull request Mar 2, 2018
@diracdeltas @NejcZdovc
Add publishers media info request API
79dfa09 
Needed for
brave-intl/bat-publisher#11 (review)
and #13114
NejcZdovc pushed a commit to brave/browser-laptop that referenced this pull request Mar 14, 2018
@diracdeltas @NejcZdovc
Add publishers media info request API
8bb9c4d 
Needed for
brave-intl/bat-publisher#11 (review)
and #13114
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@diracdeltas diracdeltas diracdeltas left review comments

@NejcZdovc NejcZdovc NejcZdovc approved these changes

Assignees

@mrose17 mrose17

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mrose17 @diracdeltas @NejcZdovc