Commit Graph

100 Commits

Author SHA1 Message Date
Sam 98f4a2adcb FIX: on 404 from brotli asset path return a correctly encoded doc
old implementation would cache the 404 for 1 year with incorrect encoding

hilarity would ensue
2016-12-15 16:05:20 +11:00
Sam dc66f6681a add spec for brotli controller, ensure cached correctly 2016-12-05 16:08:36 +11:00
Sam 8a98d617df correct headers and add better caching 2016-12-05 15:11:07 +11:00
Sam 39a524aac8 FEATURE: brotli cdn bypass for assets
Allow CDNS that strip out brotli encoding to use brotli regardless
2016-12-05 13:57:09 +11:00
Sam b7cea24d76 FEATURE: more user API flow, support key creation 2016-08-16 17:06:52 +10:00
Neil Lalonde 56e47c8d7e FEATURE: report on admin dashboard when favicon is failing to load 2016-04-05 14:42:32 -04:00
Guo Xiang Tan 62011a252f FIX: Follow redirects when downloading favicons. 2016-02-25 11:50:34 +08:00
Neil Lalonde 9ad226aaa8 FEATURE: add email query param to login, signup, and password-reset URLs to prefill form 2016-01-19 16:53:46 -05:00
Sam Saffron 00342faff9 FIX: use default favicon if a bad favicon is specified 2015-12-22 18:08:27 +11:00
Arpit Jalan 362c515f33 FEATURE: compose a new pre-filled message via URL 2015-11-24 18:55:45 +05:30
Sam c70bb0c032 we got to clean up js debugging, its busting caching. 2015-11-22 01:20:39 +11:00
Sam 4e37bcc3e2 Add extra safety 2015-08-25 12:05:15 +10:00
Sam 2c59ad3dd3 FIX: favicon update broken when favicon lived on a CDN 2015-08-25 11:54:23 +10:00
Arpit Jalan d1632c1dbd FIX: new-topic URL should survive login redirection 2015-06-14 20:24:47 +05:30
Sam Saffron 9787cb07aa FIX: when missing a static topic we were returning an error 2015-06-01 11:40:52 +10:00
Sam f5af4768eb FEATURE: add clean support for running Discourse in a subfolder
To setup set DISCOURSE_RELATIVE_URL_ROOT to the folder you wish
2015-03-09 13:14:29 +11:00
Sam 6c09b6739d BUG: minor, do not send access origin if not set 2015-02-17 09:58:43 +11:00
Robin Ward 572842721d FIX: Better page titles for SEO 2014-10-30 14:26:56 -04:00
Robin Ward 316f1bea04 SECURITY: Don't allow redirects with periods in case you don't control
other tlds on the same domain.
2014-10-30 11:31:44 -04:00
Régis Hanol de415b804c FIX: add 'Content-Length' header for avatars 2014-10-22 15:39:51 +02:00
Sam 832655df14 attempt to get content length through 2014-10-21 16:17:13 +11:00
Sam 4e7057efb1 Clean up content type and add Expires header when serving CDN assets 2014-10-21 15:59:34 +11:00
Sam 8efee0d03d don't use Markdown 2014-10-18 17:17:38 +11:00
Sam 742c5e29c9 FEATURE: advanced search help 2014-10-18 14:27:33 +11:00
Robin Ward 85c6eb9b08 SECURITY: Only redirect to our host by path on the login action 2014-08-28 17:45:13 -04:00
Sam 03c8f09be8 PERF: finalize porting to new incoming links structure 2014-08-04 16:43:57 +10:00
Régis Hanol 3d6e2713d1 BUGFIX: login was broken when login was required 2014-07-26 23:16:08 +02:00
Neil Lalonde 5a33e6f00c Move FAQ, Terms of Service, and Privacy Policy into topics in the Staff category. First post of those topics will be rendered on their respective pages. Site settings and content are not used for these documents anymore. Translations of the default text is moved into the standard YML files. 2014-07-25 14:41:20 -04:00
Sam 40af9ce612 FIX: do not store incoming links on avatars or uploads 2014-07-25 15:10:06 +10:00
Neil Lalonde e565ae2528 FEATURE: /guidelines route will always show our FAQ, ignoring the faq_url site setting 2014-07-10 12:58:41 -04:00
Sam 27f85e5451 FIX: allow for subdirectorys for cdn assets 2014-07-10 17:29:38 +10:00
Sam 6019e3f257 FIX: remove hardcoding from middleware stack so we can control it 2014-07-10 17:01:21 +10:00
Sam 5032c96486 FIX: disable x accl redirect for CDN assets
We need to keep headers in tact
2014-07-10 16:32:46 +10:00
Sam efd6bf1490 FIX: set last modified date on CDN assets 2014-07-08 14:48:20 +10:00
Sam 832a730e36 BUGFIX: re-enable CDN js debugging in a robust way
May be disabled if needed via site setting
2014-05-19 08:46:28 +10:00
Neil Lalonde ce5ebc3eb5 On sites with login_required enabled, after signup, don't show the /login page again 2013-10-30 16:37:36 -04:00
Neil Lalonde 89265c3a8b FIX: BAD CSRF on login. Don't check csrf in the fake login form since it doesn't actually do anything. 2013-08-27 11:31:14 -04:00
Sam 06bd9e3234 allow login required screen to be customized 2013-07-16 20:49:04 +10:00
Stephan Kaag e39cc464b1 Refactor routes in order to be compatible with Rails 4 2013-07-01 20:00:06 +02:00
Sam 9fd00cac65 work in progress, add custom faq link, ember router needs to know about this or the redirect trick will not work 2013-06-27 17:15:59 +10:00
Neil Lalonde eea00afb80 tos and privacy urls redirect based on site settings 2013-06-18 10:52:04 -04:00
Chris Hunt 978785720a Redirect to root after login if no path provided
If we do not do this, then people that login from /login will just be
redirected back to the login page. We'd rather have them see the root
path.
2013-06-04 16:10:10 -07:00
Chris Hunt 92a4828f72 Redirect all controllers to login if required
We want to skip the filter for sessions controller so that we can login
and we want to skip the filter for static pages because those should be
visible to visitors.
2013-06-04 16:10:10 -07:00
Sam 80fb20816c get rid of nonsense 404.html
correct 404 handling for invalid pages
2013-05-20 10:29:49 +10:00
Neil Lalonde 58004d44cd Support for browser password managers, but doesn't quite work in IE 2013-03-13 13:55:33 -04:00
Kuba Brecka 778cad5d2f implement translations into static pages (FAQ, TOS) + an example of CZ translation 2013-03-03 16:27:32 +01:00
Neil Lalonde cd6c1de5b0 Add site settings for company name and domain, and use them in the Terms of Service 2013-02-26 15:50:42 -05:00
Robin Ward 546016bfd2 Remove unused controllers, apply substitutions to TOS. 2013-02-13 11:50:27 -05:00
Jakub Arnold 61654ab8f0 Fix all the trailing whitespace 2013-02-07 16:45:24 +01:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00