We Keep Coding

How to get github edit history of issue and issue comments via api?

I only found api to get issue list, issue content, issue comments list and content, no issue content edit history, no issue comments edit history.

No, this cannot currently be done purely from the API.
However, if we reverse engineer the way GitHub loads past edits in the web interface, and do a bit of scraping, we can accomplish the same thing without the API. Unfortunately, this means that we don't have the reliability of an API - GitHub's web interface is liable to change at any time, breaking our code. But it's better than nothing!
So, first we need a log of all the edits for a comment. Let's do this with the comment https://github.com/seisvelas/crypsee/issues/1#issue-874033952 (from a test repo provided by the gentleman who set the bounty on this question). On order to get a log of this issue's comments, we will need to base64 encode the issue number with '05:' then the word 'Issue' at the beginning. Why '05:'? I have no idea. But it's always there and it won't work with out it. So we'll be base64 encoding the string "05:Issue874033952", which gives us MDU6SXNzdWU4NzQwMzM5NTI=
Great, now we insert MDU6SXNzdWU4NzQwMzM5NTI= into this URL scheme: https://github.com/_render_node/{BASE64 ENCODING HERE}/comments/comment_edit_history_log, resulting in a link to https://github.com/_render_node/MDU6SXNzdWU4NzQwMzM5NTI=/comments/comment_edit_history_log
Following that link, we see an edit history, but not the contents of the edits themselves:
However, this gives us the information we need! If we look at the HTML, we see that all edits prior to the current edit are defined as buttons with a link to that edit:
<button
type="button"
class="btn-link dropdown-item p-2"
role="menuitem"
data-edit-history-url="/user_content_edits/MDE1OlVzZXJDb250ZW50RWRpdElzc3VlRWRpdDo1MzIxODcxNzE="
>
The URL pointed to by the data-edit-history-url is the same URL loaded via the browser's networking tab when clicking to view a past edit in the web interface!
Unfortunately, if you attempt to view that page on it's own, you get a 404. It is intended to be viewed only from the web interface. But that's no problem, just go to the web interface, view one of the edits, and copy the headers it sends along. In my case I'm using Chromium, so I just find the request to the edit in my networking tab, right click and hit 'copy as Fetch request (nodejs)' and viola, with those headers I'm good to go!
For example, for the comment we've been using this whole time, I make that request and get back a bunch of HTML. The content of the original edit is near the end:
<ins><p class="rich-diff-level-zero">before edit</p></ins>
There it is! I could write a script to automate this, but then I'd be doing everything for you :3 Suffice it to say that with a day's work of cleverly organized scraping, this is roughly what you must to in order to view these revisions. If someone does make such a tool, the OSINT community will surely be immensely grateful!

To see the features of github api, it is better to read the following link
The best source to get the answer:
https://docs.github.com/en/rest/reference/issues
Check the issues you mentioned, ie issue comments, edit history issue, etc. in the link above
As far as I saw it is possible to receive issue comments but I did not see a section for edit history issue
I also suggest you see the following links for the edit history issue:
https://github.com/isaacs/github/issues/954

Rally : document.referrer is not returning complete URL

We have created a custom App using Rally SDK. We are providing link to this app in a custom field in USER story. Once we click on this link, it gets redirected to the App. Within this app, we want know from which User story it has redirected from.
For the same purpose we are making use of document.referrer. However, it only returns 'https://rally1.rallydev.com' and not the complete URL.
Based on our research, we come to know that meta tag for refferer with appropriate value has to be mentioned in the web page to get the complete URL. Which we think is not mentioned in this case.
Please correct if our understanding is wrong.
It will be very helpful if you could suggest any alternatives to achieve this.

What should be located at the homepage of a REST API?

I'm currently in the process of writing a REST API and this question always seems to popup.
I've always just added a description, quick links to docs, server time etc, but see now (after looking around a bit) that a simple redirect to the API docs would be even better.
My question is what would be the accepted norm to have as the root - '/' - "homepage" of your API?
I've been looking at a few implementations:
Facebook: Just gives a error of "Unsupported get request.";
Twitter: Shows an actual 404 page;
StackOverflow: Redirect to quick "usage" page.
After looking at those it's clear everyone is doing it differently.
In the bigger picture this is of little significance but would be interesting to see what the "RESTfull" way of doing it (if there is one) might be.

Others have had the same question and as you discovered yourself everyone is doing it their own way. There is a move in this direction to somehow standardize it, so see if you find this draft useful:
Home Documents for HTTP APIs aka JSON Home.

I've give this much thought and right now I either return a 404 page, a health status page, a dummy page or redirect to another page, mostly likely on within the organization.
An API homepage isn't something everyone should be looking at and believe me, it can be found. There are more people like me that love to inspect the browser and see how a website is performing.

Facebook App in Page Tab receiving signed_request but missing page data

I have a page tab app that I am hosting. I have both http and https supported. While I receive a signed_request package as expected, after I decode it does not contain page information. That data is simply missing.
I verified that like schemes are being used (https) among facebook, my hosted site and even the 'go between'-- facebook's static page handler.
Also created a new application with page tab support but got the same results-- simply no page information in the signed_request.
Any other causes people can think of?
I add the app to the page tab using this link:
https://www.facebook.com/dialog/pagetab?app_id=176236832519816&next=https://www.intelligantt.com/Facebook/application.html
Here is the page tab I am using (Note: requires permissions):
https://www.facebook.com/pages/School-Auction-Test-2/154869721351873?id=154869721351873&sk=app_176236832519816
Here is the decoded signed_request I am receiving:
{"algorithm":"HMAC-SHA256","code":!REMOVED!,"issued_at":1369384264,"user_id":"1218470256"}
5/25 Update - I thought maybe the canvas app urls didn't match the page tab urls so I spent several hours going through scenarios where they both had a trailing slash or not. Where they both had a trailing ? or not, with query parameters or not.
I also tried changing the 'next' value when creating the page tab to the canvas app url and the page tab url.
No success on either count.
I did read where because I'm seeing the 'code' value in the signed_request it means Facebook either couldn't match my urls or that I'm capturing the second request. However, I given all the URL permutations I went through I believe the urls match. I also subscribed to the 'auth.authResponseChange' which should give me the very first authResponse that should contain the signed_request with page.id in it (but doesn't).
If I had any reputation, I'd add a bounty to this.
Thanks.

I've just spent ~5 hours on this exact same problem and posted a prior answer that was incorrect. Here's the deal:
As you pointed out, signed_request appears to be missing the page data if your tab is implemented in pure javascript as a static html page (with *.htm extension).
I repeated the exact same test, on the exact same page, but wrapped my html page (including js) within a Perl script (with *.cgi extension)... and voila, signed_request has the page info.
Although confusing (and should be better documented as a design choice by Facebook), this may make some sense because it would be impossible to validate the signed_request wholly within Javascript without placing your secretkey within the scope (and therefore revealing it to a potential hacker).

It would be much easier with the PHP SDK, but if you just want to use JavaScript, maybe this will help:
Facebook Registration - Reading the data/signed request with Javascript
Also, you may want to check out this: https://github.com/diulama/js-facebook-signed-request

simply you can't get the full params with the javascript signed_request, use the php sdk to get the full signed_request . and record the values you need into javascript variabls ...
with the php sdk after instanciation ... use the facebook object as following.
$signed_request = $facebook->getSignedRequest();
var_dump($signed_request) ;
this is just to debug but u'll see that the printed array will contain many values that u won't get with js sdk for security reasons.
hope that helped better anyone who would need it, cz it seems this issue takes at the min 3 hours for everyone who runs into.

How to make a custom LinkedIn share button

I need to be able to add sharing functionality to my custom button. I'm not interested with their generator, as I can't change LinkedIn image there. I want to use my own image for the LinkedIn share button.

Official LinkedIn API for sharing:
https://developer.linkedin.com/docs/share-on-linkedin
Read Terms of Use!
Example link using "Customized URL" method: http://www.linkedin.com/shareArticle?mini=true&url=https://stackoverflow.com/questions/10713542/how-to-make-custom-linkedin-share-button/10737122&title=How%20to%20make%20custom%20linkedin%20share%20button&summary=some%20summary%20if%20you%20want&source=stackoverflow.com
You just need to open it in popup using JavaScript or load it to iframe. Simple and works - that's what I was looking for!
EDIT: Video attached to a post:
I checked that you can't really embed any video to LinkedIn post, the only option is to add the link to the page with video itself.
You can achieve it by putting YT link into url param:
https://www.linkedin.com/shareArticle?mini=true&url=https://www.youtube.com/watch?v=SBi92AOSW2E
If you specify summary and title then LinkedIn will stop pulling it from the video, e.g.:
https://www.linkedin.com/shareArticle?mini=true&summary=youtube&title=f1&url=https://www.youtube.com/watch?v=SBi92AOSW2E
It does work exactly the same with Vimeo, and probably will work for any website. Hope it will help.
EDIT 2: Pulling images to the post:
When you open above links you will see that LinkedIn loads some images along with the passed URL (and optionally title and summary).
LinkedIn does it automatically, and you can read about it here: https://developer.linkedin.com/docs/share-on-linkedin#opengraph
It's interesting though as it says:
If Open Graph tags are present, LinkedIn's crawler will not have to
rely on it's own analysis to determine what content will be shared,
which improves the likelihood that the information that is shared is
exactly what you intended.
It tells me that even if Open Graph information is not attached, LinkedIn can pull this data based on its own analysis. And in case of YouTube it seems to be the case, as I couldn't find any Open Graph tags added to YouTube pages.

You can make your own sharing button using the LinkedIn ShareArticle URL, which can have the following parameters:
https://www.linkedin.com/shareArticle?mini=true&url={articleUrl}&title={articleTitle}&summary={articleSummary}&source={articleSource}
You can find the documentation here, just choose "Customized URL" to see the details.

Step 1 - Getting the URL Right
Many of the answers here were valid until recently. For now, the ONLY supported param is url, and the new share link is as follows...
https://www.linkedin.com/sharing/share-offsite/?url={url}
Make sure url is encoded, using something like fixedEncodeURIComponent().
Source: Official Microsoft.com Linkedin Share Plugin Documentation. All LinkedIn.com links for developer documentation appear to be blank pages now -- perhaps related to the acquisition of LinkedIn by Microsoft.
Step 2 - Setting Custom Parameters (Title, Image, Summary, etc.)
Once upon a time, you could use these params: title, summary, source. But if you look closely at all of the documentation, there is actually still a way to still set summary, title, etc.! Put these in the <head> block of the page you want to share...
<meta property='og:title' content='Title of the article"/>
<meta property='og:image' content='//media.example.com/ 1234567.jpg"/>
<meta property='og:description' content='Description that will show in the preview"/>
<meta property='og:url' content='//www.example.com/URL of the article" />
Then LinkedIn will use these! Source: LinkedIn Developer Docs: Making Your Website Shareable on LinkedIn.
Step 3 - Verifying LinkedIn Share Results
Not sure you did everything right? Take the URL of the page you are sharing (i.e., example.com, not linkedin.com/share?url=example.com), and input that URL into the following: LinkedIn Post Inspector. This will tell you everything about how your URL is being shared!
This also pulls/invalidates the current cache of your page, and then refreshes it (in case you have a stuck, cached version of your page in LinkedIn's database). Because it pulls the cache, then refreshes it, sometimes it's best to use the LinkedIn Post Inspector twice, and use the second result as the expected output.
Still not sure? Here's an online demo I built with 20+ social share services. Inspect the source code and find out for yourself how exactly the LinkedIn sharing is working.
Step 4 - Finding More Social Sharing Services and Their Share URLs
I have been maintaining a Github Repo that's been tracking social-share URL formats since 2012, check it out: Github: Social Share URLs.
Why not join in on all the social share url's?

Its best to use customize url approach. And its the easiest. Found this one. It will open a popup window and you dont need any bs authentication issues because of w_share and all.
<a href="https://www.linkedin.com/shareArticle?mini=true&url=http://chillyfacts.com/create-linkedin-share-button-on-website-webpages&title=Create LinkedIn Share button on Website Webpages&summary=chillyfacts.com&source=Chillyfacts" onclick="window.open(this.href, 'mywin', 'left=20,top=20,width=500,height=500,toolbar=1,resizable=0'); return false;">
<img src="http://chillyfacts.com/wp-content/uploads/2017/06/LinkedIN.gif" alt="" width="54" height="20" />
</a>
Just change the url with your own url. Here is the link http://chillyfacts.com/create-linkedin-share-button-on-website-webpages/

The API is updated now and the previous API will be deprecated on 1st March, 2019.
To create a custom Share button for LinkedIn, you need to make POST calls now. You can read the updated documentation here for doing so.

LinkedIn revised their site recently, so there are a ton of old links just redirecting to the developer support homepage. Here is an updated link to the relevant page on LinkedIn's support site (as of Feb 16, 2015): https://developer.linkedin.com/docs/share-on-linkedin

LinkedIn has updated their api and the sharing url's no longer works. Now you can only use the url query parameter. Any other parameter is going to be removed from the url by LinkedIn.
Now you're forced to use oAuth and interact with the linkedin API to share content on behalf of a user.

This works for me:
https://www.linkedin.com/shareArticle?mini=true&url=articleUrl&title=YourarticleTitle&summary=YourarticleSummary&source=YourarticleSource
You can use this link by replacing it with your content. It works 100%.

You can customize the standard Linkedin button like this, after the page load:
$(".IN-widget span:first-of-type").css({
'border': '2px solid #DCDCDC',
'-webkit-border-radius': '3px',
'-moz-border-radius': '3px',
'border-radius': '3px'
});