Rafael dos Santos Silva
b301a6b3db
FEATURE: Cache CORS preflight requests for 2h ( #14614 )
...
* FEATURE: Cache CORS preflight requests for 2h
Browsers will cache this for 5 seconds by default. If using MessageBus
in a different domain, Discourse will issue a new long polling, by
default, every 30s or so. This means we would be issuing a new preflight
request **every time**. This can be incredibly wasteful, so let's cache
the authorization in the client for 2h, which is the maximum Chromium
allows us as of today.
* fix tests
2021-10-14 22:37:53 -03:00
Vinoth Kannan
a6e3877b8a
DEV: use `request_path` instead of `script_name` to find static file requests. ( #11986 )
...
`script_name` env variable would be empty for public static assets.
2021-02-05 09:09:55 +05:30
Vinoth Kannan
024f2720f3
DEV: apply cdn headers to public javascripts endpoint too. ( #11942 )
...
It will add CORS header `Access-Control-Allow-Origin: '*'` to the files inside `public/javascripts` folder.
2021-02-03 20:15:52 +05:30
Vinoth Kannan
a5923ad603
DEV: apply allow origin response header for CDN requests. ( #11893 )
...
Currently, it creates a CORS error while accessing those static files.
2021-01-29 07:44:49 +05:30
Vinoth Kannan
af4938baf1
Revert "DEV: enable cors to all cdn get requests from workbox. ( #10684 )" ( #11076 )
...
This reverts commit e3de45359f
.
We need to improve out strategy by adding a cache breaker with this change ... some assets on CDNs and clients may have incorrect CORS headers which can cause stuff to break.
2020-10-30 16:05:35 +11:00
Vinoth Kannan
72810853ea
FIX: strip the trailing slash (/) of cors origins. ( #10996 )
...
Strips trailing `/` from global settings
Provides a validation for site settings to ensure a trailing `/` is not added
2020-10-29 13:01:06 +11:00
Vinoth Kannan
e3de45359f
DEV: enable cors to all cdn get requests from workbox. ( #10685 )
...
Now all external requests from the service worker will be in CORS mode without credentials.
2020-10-28 23:36:19 +05:30
Sam Saffron
25f1f23288
FEATURE: Stricter rules for user presence
...
Previously we would consider a user "present" and "last seen" if the
browser window was visible.
This has many edge cases, you could be considered present and around for
days just by having a window open and no screensaver on.
Instead we now also check that you either clicked, transitioned around app
or scrolled the page in the last minute in combination with window
visibility
This will lead to more reliable notifications via email and reduce load of
message bus for cases where a user walks away from the terminal
2020-03-26 17:36:52 +11:00
Robin Ward
30bba6252d
Allow CORS combined with HTTP Auth
2019-09-09 15:02:20 -04:00
Davide Porrovecchio
005e1f5373
Add Cache-Control header to CORS ( #6490 )
2018-10-16 10:46:55 +11:00
CheshireVillageSoftware
f3214889dc
FEATURE: Updated CORS config to explicitly specifyhttp methods
...
See: https://stackoverflow.com/questions/20478312/default-value-for-access-control-allow-methods
In particular we now explicitly allow DELETE and PUT which is inconsistently allowed depending on browser
2018-09-17 11:01:08 +10:00
Davide Porrovecchio
1826626272
FEATURE: Add Content-Type header to CORS
...
- add Content-Type to Access-Control-Allow-Headers
- update test accordingly
2018-08-28 11:19:38 +10:00
Davide Porrovecchio
dd9d815178
FIX: Add User Api Key headers to CORS
...
- add User-Api-Key and User-Api-Client-Id to Access-Control-Allow-Headers
- update test
2018-07-24 10:28:23 +10:00
Sam
90a55d6f7c
FIX: handle CORS in hijacked requests
2017-12-07 10:31:04 +11:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Neil Lalonde
f9aae7af6a
FIX: add Discourse-Visible to CORS allowed headers for sites that use a proxy
2017-03-06 14:41:57 -05:00
Neil Lalonde
954d75f81c
FIX: CORS middleware needs to happen earlier than AnonymousCache middleware
2017-03-06 12:25:12 -05:00
Sam
65edbb609c
Revert "Revert message bus upgrade"
...
This reverts commit 47e718f5b2
.
2015-12-09 11:48:41 +11:00
Sam
47e718f5b2
Revert message bus upgrade
2015-12-09 11:45:11 +11:00
Sam
2cc95af69b
Revert "REVERT: message bus changes"
...
This reverts commit 4820d5c7b0
.
2015-12-09 07:36:36 +11:00
Robin Ward
4820d5c7b0
REVERT: message bus changes
2015-12-08 15:32:31 -05:00
Sam
c866d5b42d
Revert "Revert "PERF: move message bus to the front of the middleware stack""
...
This reverts commit cd1dd18f01
.
2015-12-08 07:11:28 +11:00
Robin Ward
cd1dd18f01
Revert "PERF: move message bus to the front of the middleware stack"
...
I suspect this commit is preventing Sidekiq from running inprocess.
2015-12-07 14:57:23 -05:00
Sam
c04bcf8655
PERF: move message bus to the front of the middleware stack
...
Organise all initializers so they are properly ordered and use the same naming scheme
2015-12-07 14:51:24 +11:00