Commit Graph

80 Commits

Author SHA1 Message Date
Sam 6019e3f257 FIX: remove hardcoding from middleware stack so we can control it 2014-07-10 17:01:21 +10:00
Sam 5032c96486 FIX: disable x accl redirect for CDN assets
We need to keep headers in tact
2014-07-10 16:32:46 +10:00
Sam 103e2ebba9 FIX: properly support sendfile on all routes
FIX: disable unused etags
2014-07-10 15:18:51 +10:00
Régis Hanol 6b45b635f8 FIX: properly whitelist <code> classes needed for syntax highlighting 2014-07-09 16:27:47 +02:00
Sam 724b36fe0d We need pry in development 2014-05-27 10:08:03 +10:00
Sam 1aa200788c Monkey patching, not required. 2014-05-14 10:20:23 +10:00
Robin Ward c3ccc3e309 Transpile ES6 even without node, just using rubyracer 2014-05-08 11:35:33 -04:00
Sam 0334179c6e give logster its own redis connection 2014-05-08 06:52:59 +10:00
Sam 4af0aa9cbc logster integration (in production as well) 2014-05-07 08:24:15 +10:00
Sam 692f099807 Remove uneeded hack 2014-05-07 08:24:15 +10:00
Vikhyat Korrapati 33307a50b3 Get rid of plugins.css, inject it using DiscourseSassImporter. 2014-04-09 19:42:43 +05:30
Benjamin Kampmann d22df7731d Allow plugins to ship custom styles only for mobile
- adds another :mobile-flag to register_assets
- adds test for plugin registering of assets
- load plugins when on desktop and plugins_mobile when on mobile
2014-04-07 16:33:35 +02:00
Sam bd7d1e62f6 BUGFIX: we need to precompile plugins.css ... otherwise there be dragons 2014-04-02 11:58:02 +11:00
Robin Ward b0a130db86 Precompile break_string 2014-03-20 14:50:34 -04:00
Stephan Kaag f12925887c Drop Rails3 support 2014-02-17 19:42:08 +01:00
Vikhyat Korrapati 6acc5c19e7 Use LOAD_PLUGINS=1 instead of LOAD_PLUGINS=true for consistency. 2014-02-05 10:50:28 +05:30
Vikhyat Korrapati 102352e205 Add rake task for running plugin tests. 2014-02-02 01:52:53 +05:30
Sam abe814412e Source DB config more cleanly, fixes issues with socket in prd 2014-01-15 12:08:35 +11:00
Régis Hanol 8d73b7f94d BUGFIX: hide sensitive site settings 2014-01-06 13:03:53 +01:00
Sam b703d8c77a BUGFIX: redis-rails has always been a problem child
implemented an ActiveSupport::Cache::Store for our internal use.
* allows for expire by family
* works correctly in multisite
* namespaced correctly

Removed redis-rails from the project, no longer needed
2014-01-06 16:50:04 +11:00
Robin Ward cab6a3f339 Don't forget to precompile the embed css 2013-12-31 18:12:07 -05:00
Sam d150bc20cf no need to remove what is not there 2013-12-31 15:12:07 +11:00
Sam b67a3a85dd split js with vendor/application
avoid one huge js bundle and instead break it down
to application and vendor (3rd party) our app changes
a lot, vendor changes a lot less
2013-12-23 10:32:07 +11:00
Sam 7b8d2547d0 globals now implemented and documented 2013-12-20 16:17:21 +11:00
Neil Lalonde c91d1624cf Oops, add browser-update to config.assets.precompile 2013-11-27 14:41:35 -05:00
Sam 7603faa20d add rbtrace for production tracing 2013-11-20 10:10:12 +11:00
Régis Hanol 291acca4fa autoload server/client locales in plugins 2013-11-19 16:42:28 +01:00
Régis Hanol a01b423263 remove empty plugin.rb file 2013-11-13 16:14:22 +01:00
Sam e5202b19c0 fix for emoji precompile 2013-11-06 22:39:28 +11:00
Neil Lalonde adba0c2996 Avoid deprecation warning about whitelist_attributes in rails 4 2013-11-05 15:47:43 -05:00
Sam da62a10b77 work around regression in ruby head 2013-10-28 15:13:10 +11:00
Sam 28a0cb494a rails 4 upgrade
rack lock is trouble, nuke it out of orbit
more aggressive suicide for forked sidekiq
2013-10-10 14:23:24 +11:00
Robin Ward be0ce08cc2 Ember Upgrade: 1.0 2013-10-01 11:16:27 -04:00
Sam f0a122a66c move job files so they live underneath app/ and not in lib/
introduce new setting email_always, that will force emails to send to users regardless of presence on site
2013-10-01 17:04:02 +10:00
Sam 6af1e12cc1 after_initialize callback for plugins 2013-09-17 10:24:15 +10:00
Sam 6ca6853392 disable XML params, they are just used by malicious bots to determine if we have XML vuls. 2013-09-16 12:58:26 +10:00
Neil Lalonde eb0442159c Precompile the new css files 2013-09-05 17:31:19 -04:00
Sam 818bf1355d PluginStore for plugin specific bits of storage
Amended plugin interfaces so they work with the vk sample
2013-08-26 12:59:17 +10:00
Sam 213ce33af2 Fixed all broken specs
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
Stephan Kaag a6b4b5dbf2 Replace Clockwork with Sidetiq 2013-08-14 21:39:40 +02:00
Robin Ward 4a0ea7f776 Upgrade jQuery to 2.0.3 2013-08-01 11:58:22 -04:00
Sam 160107a712 working plugin interface for custom openid auth, custom css and custom js 2013-08-01 16:02:43 +10:00
Doug Alcorn 35a2bb7919 Parameterize the PBKDF2 algorithm in application config
http://meta.discourse.org/t/sso-between-discourse-and-xmpp/8567/5
2013-07-22 21:36:01 -04:00
Sam 9e4b0df7ff 69 specs fail in rails 4 now ...not too bad 2013-07-22 15:07:20 +10:00
Robin Ward d466d11e71 Ember RC6 update 2013-07-16 10:35:18 -04:00
Sam 21bfb64a28 added EMBED_CLOCKWORK so users can embed clockwork scheduling inside another process 2013-07-09 11:01:51 +10:00
Robin Ward ad6705cca7 Update Ember to latest master (RC5) 2013-06-10 10:14:42 -04:00
Ian Christian Myers 0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Robin Ward a3d62fdf69 Temporarily roll back ember rc5. We identified some things we need to fix. 2013-06-06 01:25:43 -04:00
Robin Ward a0bd51862e Upgrade Ember to RC5. Disabled a deprecation warning that I believe is in error. 2013-06-05 12:07:18 -04:00