github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-15 12:11:24 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
51,497 Commits 322 Branches 516 Tags
input-text-field-component
Commit Graph

25 Commits

Author SHA1 Message Date
David Taylor
7c77cc6a58 DEV: Apply syntax_tree formatting to config/* 2023-01-09 11:13:29 +00:00
Rafael dos Santos Silva
b301a6b3db FEATURE: Cache CORS preflight requests for 2h (#14614) 
* FEATURE: Cache CORS preflight requests for 2h

Browsers will cache this for 5 seconds by default. If using MessageBus
in a different domain, Discourse will issue a new long polling, by
default, every 30s or so. This means we would be issuing a new preflight
request **every time**. This can be incredibly wasteful, so let's cache
the authorization in the client for 2h, which is the maximum Chromium
allows us as of today.

* fix tests
 2021-10-14 22:37:53 -03:00
Vinoth Kannan
a6e3877b8a DEV: use request_path instead of script_name to find static file requests. (#11986) 
`script_name` env variable would be empty for public static assets.
 2021-02-05 09:09:55 +05:30
Vinoth Kannan
024f2720f3 DEV: apply cdn headers to public javascripts endpoint too. (#11942) 
It will add CORS header `Access-Control-Allow-Origin: '*'` to the files inside `public/javascripts` folder.
 2021-02-03 20:15:52 +05:30
Vinoth Kannan
a5923ad603 DEV: apply allow origin response header for CDN requests. (#11893) 
Currently, it creates a CORS error while accessing those static files.
 2021-01-29 07:44:49 +05:30
Vinoth Kannan
af4938baf1 Revert "DEV: enable cors to all cdn get requests from workbox. (#10684)" (#11076) 
This reverts commit e3de45359f9bc7a71d9b8045a7e369fd0cf8f433.

We need to improve out strategy by adding a cache breaker with this change ... some assets on CDNs and clients may have incorrect CORS headers which can cause stuff to break.
 2020-10-30 16:05:35 +11:00
Vinoth Kannan
72810853ea FIX: strip the trailing slash (/) of cors origins. (#10996) 
Strips trailing `/` from global settings
Provides a validation for site settings to ensure a trailing `/` is not added
 2020-10-29 13:01:06 +11:00
Vinoth Kannan
e3de45359f DEV: enable cors to all cdn get requests from workbox. (#10685) 
Now all external requests from the service worker will be in CORS mode without credentials.
 2020-10-28 23:36:19 +05:30
Sam Saffron
25f1f23288 FEATURE: Stricter rules for user presence 
Previously we would consider a user "present" and "last seen" if the
browser window was visible.

This has many edge cases, you could be considered present and around for
days just by having a window open and no screensaver on.

Instead we now also check that you either clicked, transitioned around app
or scrolled the page in the last minute in combination with window
visibility

This will lead to more reliable notifications via email and reduce load of
message bus for cases where a user walks away from the terminal
 2020-03-26 17:36:52 +11:00
Robin Ward
30bba6252d Allow CORS combined with HTTP Auth 2019-09-09 15:02:20 -04:00
Davide Porrovecchio
005e1f5373 Add Cache-Control header to CORS (#6490) 2018-10-16 10:46:55 +11:00
CheshireVillageSoftware
f3214889dc FEATURE: Updated CORS config to explicitly specifyhttp methods 
See: https://stackoverflow.com/questions/20478312/default-value-for-access-control-allow-methods 

In particular we now explicitly allow DELETE and PUT which is inconsistently allowed depending on browser
 2018-09-17 11:01:08 +10:00
Davide Porrovecchio
1826626272 FEATURE: Add Content-Type header to CORS 
- add Content-Type to Access-Control-Allow-Headers
- update test accordingly
 2018-08-28 11:19:38 +10:00
Davide Porrovecchio
dd9d815178 FIX: Add User Api Key headers to CORS 
- add User-Api-Key and User-Api-Client-Id to Access-Control-Allow-Headers
- update test
 2018-07-24 10:28:23 +10:00
Sam
90a55d6f7c FIX: handle CORS in hijacked requests 2017-12-07 10:31:04 +11:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Neil Lalonde
f9aae7af6a FIX: add Discourse-Visible to CORS allowed headers for sites that use a proxy 2017-03-06 14:41:57 -05:00
Neil Lalonde
954d75f81c FIX: CORS middleware needs to happen earlier than AnonymousCache middleware 2017-03-06 12:25:12 -05:00
Sam
65edbb609c Revert "Revert message bus upgrade" 
This reverts commit 47e718f5b24cb2d8b991f5b1a51efe3f79f5f934.
 2015-12-09 11:48:41 +11:00
Sam
47e718f5b2 Revert message bus upgrade 2015-12-09 11:45:11 +11:00
Sam
2cc95af69b Revert "REVERT: message bus changes" 
This reverts commit 4820d5c7b0259d3b49ff4bbc916e08fa44633e9c.
 2015-12-09 07:36:36 +11:00
Robin Ward
4820d5c7b0 REVERT: message bus changes 2015-12-08 15:32:31 -05:00
Sam
c866d5b42d Revert "Revert "PERF: move message bus to the front of the middleware stack"" 
This reverts commit cd1dd18f0188689c98fbba0a746f54ae749cbdeb.
 2015-12-08 07:11:28 +11:00
Robin Ward
cd1dd18f01 Revert "PERF: move message bus to the front of the middleware stack" 
I suspect this commit is preventing Sidekiq from running inprocess.
 2015-12-07 14:57:23 -05:00
Sam
c04bcf8655 PERF: move message bus to the front of the middleware stack 
Organise all initializers so they are properly ordered and use the same naming scheme
 2015-12-07 14:51:24 +11:00