Commit Graph

25 Commits

Author SHA1 Message Date
7c77cc6a58 DEV: Apply syntax_tree formatting to config/* 2023-01-09 11:13:29 +00:00
b301a6b3db FEATURE: Cache CORS preflight requests for 2h (#14614)
* FEATURE: Cache CORS preflight requests for 2h

Browsers will cache this for 5 seconds by default. If using MessageBus
in a different domain, Discourse will issue a new long polling, by
default, every 30s or so. This means we would be issuing a new preflight
request **every time**. This can be incredibly wasteful, so let's cache
the authorization in the client for 2h, which is the maximum Chromium
allows us as of today.

* fix tests
2021-10-14 22:37:53 -03:00
a6e3877b8a DEV: use request_path instead of script_name to find static file requests. (#11986)
`script_name` env variable would be empty for public static assets.
2021-02-05 09:09:55 +05:30
024f2720f3 DEV: apply cdn headers to public javascripts endpoint too. (#11942)
It will add CORS header `Access-Control-Allow-Origin: '*'` to the files inside `public/javascripts` folder.
2021-02-03 20:15:52 +05:30
a5923ad603 DEV: apply allow origin response header for CDN requests. (#11893)
Currently, it creates a CORS error while accessing those static files.
2021-01-29 07:44:49 +05:30
af4938baf1 Revert "DEV: enable cors to all cdn get requests from workbox. (#10684)" (#11076)
This reverts commit e3de45359f9bc7a71d9b8045a7e369fd0cf8f433.

We need to improve out strategy by adding a cache breaker with this change ... some assets on CDNs and clients may have incorrect CORS headers which can cause stuff to break.
2020-10-30 16:05:35 +11:00
72810853ea FIX: strip the trailing slash (/) of cors origins. (#10996)
Strips trailing `/` from global settings
Provides a validation for site settings to ensure a trailing `/` is not added
2020-10-29 13:01:06 +11:00
e3de45359f DEV: enable cors to all cdn get requests from workbox. (#10685)
Now all external requests from the service worker will be in CORS mode without credentials.
2020-10-28 23:36:19 +05:30
25f1f23288 FEATURE: Stricter rules for user presence
Previously we would consider a user "present" and "last seen" if the
browser window was visible.

This has many edge cases, you could be considered present and around for
days just by having a window open and no screensaver on.

Instead we now also check that you either clicked, transitioned around app
or scrolled the page in the last minute in combination with window
visibility

This will lead to more reliable notifications via email and reduce load of
message bus for cases where a user walks away from the terminal
2020-03-26 17:36:52 +11:00
30bba6252d Allow CORS combined with HTTP Auth 2019-09-09 15:02:20 -04:00
005e1f5373 Add Cache-Control header to CORS (#6490) 2018-10-16 10:46:55 +11:00
f3214889dc FEATURE: Updated CORS config to explicitly specifyhttp methods
See: https://stackoverflow.com/questions/20478312/default-value-for-access-control-allow-methods 

In particular we now explicitly allow DELETE and PUT which is inconsistently allowed depending on browser
2018-09-17 11:01:08 +10:00
1826626272 FEATURE: Add Content-Type header to CORS
- add Content-Type to Access-Control-Allow-Headers
- update test accordingly
2018-08-28 11:19:38 +10:00
dd9d815178 FIX: Add User Api Key headers to CORS
- add User-Api-Key and User-Api-Client-Id to Access-Control-Allow-Headers
- update test
2018-07-24 10:28:23 +10:00
Sam
90a55d6f7c FIX: handle CORS in hijacked requests 2017-12-07 10:31:04 +11:00
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
f9aae7af6a FIX: add Discourse-Visible to CORS allowed headers for sites that use a proxy 2017-03-06 14:41:57 -05:00
954d75f81c FIX: CORS middleware needs to happen earlier than AnonymousCache middleware 2017-03-06 12:25:12 -05:00
Sam
65edbb609c Revert "Revert message bus upgrade"
This reverts commit 47e718f5b24cb2d8b991f5b1a51efe3f79f5f934.
2015-12-09 11:48:41 +11:00
Sam
47e718f5b2 Revert message bus upgrade 2015-12-09 11:45:11 +11:00
Sam
2cc95af69b Revert "REVERT: message bus changes"
This reverts commit 4820d5c7b0259d3b49ff4bbc916e08fa44633e9c.
2015-12-09 07:36:36 +11:00
4820d5c7b0 REVERT: message bus changes 2015-12-08 15:32:31 -05:00
Sam
c866d5b42d Revert "Revert "PERF: move message bus to the front of the middleware stack""
This reverts commit cd1dd18f0188689c98fbba0a746f54ae749cbdeb.
2015-12-08 07:11:28 +11:00
cd1dd18f01 Revert "PERF: move message bus to the front of the middleware stack"
I suspect this commit is preventing Sidekiq from running inprocess.
2015-12-07 14:57:23 -05:00
Sam
c04bcf8655 PERF: move message bus to the front of the middleware stack
Organise all initializers so they are properly ordered and use the same naming scheme
2015-12-07 14:51:24 +11:00