From 5032c96486a69fa94728073fa06ae5963b21f2ca Mon Sep 17 00:00:00 2001
From: Sam <sam.saffron@gmail.com>
Date: Thu, 10 Jul 2014 16:32:06 +1000
Subject: [PATCH] FIX: disable x accl redirect for CDN assets

We need to keep headers in tact
---
 app/controllers/static_controller.rb   |  4 ++++
 app/helpers/application_helper.rb      |  2 +-
 app/views/layouts/application.html.erb |  2 +-
 config/application.rb                  |  7 +++++++
 lib/middleware/optional_sendfile.rb    | 11 +++++++++++
 5 files changed, 24 insertions(+), 2 deletions(-)
 create mode 100644 lib/middleware/optional_sendfile.rb

diff --git a/app/controllers/static_controller.rb b/app/controllers/static_controller.rb
index b62fd03b781..12be4fd0308 100644
--- a/app/controllers/static_controller.rb
+++ b/app/controllers/static_controller.rb
@@ -73,6 +73,10 @@ class StaticController < ApplicationController
       disposition: nil
     }
     opts[:type] = "application/x-javascript" if path =~ /\.js$/
+
+    # we must disable acceleration otherwise NGINX strips
+    # access control headers
+    request.env['_disable_accl'] = true
     send_file(path, opts)
   end
 end
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index fabe1f77af2..130b9d4b866 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -15,7 +15,7 @@ module ApplicationHelper
     if SiteSetting.enable_cdn_js_debugging && GlobalSetting.cdn_url
       tags = javascript_include_tag(*args, "crossorigin" => "anonymous")
       tags.gsub!("/assets/", "/cdn_asset/#{Discourse.current_hostname.gsub(".","_")}/")
-      tags.gsub!(".js\"", ".js?origin=#{CGI.escape request.base_url}\"")
+      tags.gsub!(".js\"", ".js?v=1&origin=#{CGI.escape request.base_url}\"")
       tags.html_safe
     else
       javascript_include_tag(*args)
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index e4f7e6536cd..2cb15528353 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -11,7 +11,7 @@
     <%- end %>
 
     <%= script "preload_store" %>
-    <%= javascript_include_tag "locales/#{I18n.locale}" %>
+    <%= script "locales/#{I18n.locale}" %>
     <%= script "vendor" %>
     <%= script "application" %>
     <%- if staff? %>
diff --git a/config/application.rb b/config/application.rb
index 1922a73d5a5..674a240be17 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -122,6 +122,13 @@ module Discourse
     # supports etags (post 1.7)
     config.middleware.delete Rack::ETag
 
+    # We need to be able to disable for cdn assets
+    # x-accl-redirect strips headers we need to forward
+    # issue open since 2008
+    require 'middleware/optional_sendfile'
+    config.middleware.insert_after Rack::Sendfile, Middleware::OptionalSendfile, config.action_dispatch.x_sendfile_header
+    config.middleware.delete Rack::Sendfile
+
     # route all exceptions via our router
     config.exceptions_app = self.routes
 
diff --git a/lib/middleware/optional_sendfile.rb b/lib/middleware/optional_sendfile.rb
new file mode 100644
index 00000000000..9eb21c56f61
--- /dev/null
+++ b/lib/middleware/optional_sendfile.rb
@@ -0,0 +1,11 @@
+module Middleware
+  class OptionalSendfile < Rack::Sendfile
+    def call(env)
+      if env["_disable_accl"] == true
+        @app.call(env)
+      else
+        super(env)
+      end
+    end
+  end
+end