Commit Graph

60 Commits

Author SHA1 Message Date
Guo Xiang Tan 5012d46cbd Add rubocop to our build. () 2017-07-28 10:20:09 +09:00
Neil Lalonde 0b41046238 don't force SiteSetting.title into meta title tag 2017-06-12 13:50:50 -04:00
Robin Ward cdbe027c1c Refactor `FileHelper` to use keyword arguments. 2017-05-24 13:54:26 -04:00
Sam Saffron 0013a23dc1 SECURITY: prefer render plain/html to render text where possible 2017-04-10 08:01:42 -04:00
Sam Saffron b94c7b4902 missing disposition 2017-03-20 17:07:32 -04:00
Sam 652b2d7199 remove redundent header setting 2017-03-20 16:08:18 -04:00
Sam c106ca6778 FEATURE: fallback asset path for multi host setups 2017-03-20 15:59:17 -04:00
Arpit Jalan 801b5838e1 FIX: do not show faq/guidelines page to anonymous users for private forums 2017-03-08 16:00:49 +05:30
Sam Saffron 3754b038e8 fix brotli origin 2017-02-23 18:26:40 -05:00
Sam f15f61da0a FEATURE: add immutable caching to rails site of things 2017-02-23 13:05:00 -05:00
Sam 98f4a2adcb FIX: on 404 from brotli asset path return a correctly encoded doc
old implementation would cache the 404 for 1 year with incorrect encoding

hilarity would ensue
2016-12-15 16:05:20 +11:00
Sam dc66f6681a add spec for brotli controller, ensure cached correctly 2016-12-05 16:08:36 +11:00
Sam 8a98d617df correct headers and add better caching 2016-12-05 15:11:07 +11:00
Sam 39a524aac8 FEATURE: brotli cdn bypass for assets
Allow CDNS that strip out brotli encoding to use brotli regardless
2016-12-05 13:57:09 +11:00
Sam b7cea24d76 FEATURE: more user API flow, support key creation 2016-08-16 17:06:52 +10:00
Neil Lalonde 56e47c8d7e FEATURE: report on admin dashboard when favicon is failing to load 2016-04-05 14:42:32 -04:00
Guo Xiang Tan 62011a252f FIX: Follow redirects when downloading favicons. 2016-02-25 11:50:34 +08:00
Neil Lalonde 9ad226aaa8 FEATURE: add email query param to login, signup, and password-reset URLs to prefill form 2016-01-19 16:53:46 -05:00
Sam Saffron 00342faff9 FIX: use default favicon if a bad favicon is specified 2015-12-22 18:08:27 +11:00
Arpit Jalan 362c515f33 FEATURE: compose a new pre-filled message via URL 2015-11-24 18:55:45 +05:30
Sam c70bb0c032 we got to clean up js debugging, its busting caching. 2015-11-22 01:20:39 +11:00
Sam 4e37bcc3e2 Add extra safety 2015-08-25 12:05:15 +10:00
Sam 2c59ad3dd3 FIX: favicon update broken when favicon lived on a CDN 2015-08-25 11:54:23 +10:00
Arpit Jalan d1632c1dbd FIX: new-topic URL should survive login redirection 2015-06-14 20:24:47 +05:30
Sam Saffron 9787cb07aa FIX: when missing a static topic we were returning an error 2015-06-01 11:40:52 +10:00
Sam f5af4768eb FEATURE: add clean support for running Discourse in a subfolder
To setup set DISCOURSE_RELATIVE_URL_ROOT to the folder you wish
2015-03-09 13:14:29 +11:00
Sam 6c09b6739d BUG: minor, do not send access origin if not set 2015-02-17 09:58:43 +11:00
Robin Ward 572842721d FIX: Better page titles for SEO 2014-10-30 14:26:56 -04:00
Robin Ward 316f1bea04 SECURITY: Don't allow redirects with periods in case you don't control
other tlds on the same domain.
2014-10-30 11:31:44 -04:00
Régis Hanol de415b804c FIX: add 'Content-Length' header for avatars 2014-10-22 15:39:51 +02:00
Sam 832655df14 attempt to get content length through 2014-10-21 16:17:13 +11:00
Sam 4e7057efb1 Clean up content type and add Expires header when serving CDN assets 2014-10-21 15:59:34 +11:00
Sam 8efee0d03d don't use Markdown 2014-10-18 17:17:38 +11:00
Sam 742c5e29c9 FEATURE: advanced search help 2014-10-18 14:27:33 +11:00
Robin Ward 85c6eb9b08 SECURITY: Only redirect to our host by path on the login action 2014-08-28 17:45:13 -04:00
Sam 03c8f09be8 PERF: finalize porting to new incoming links structure 2014-08-04 16:43:57 +10:00
Régis Hanol 3d6e2713d1 BUGFIX: login was broken when login was required 2014-07-26 23:16:08 +02:00
Neil Lalonde 5a33e6f00c Move FAQ, Terms of Service, and Privacy Policy into topics in the Staff category. First post of those topics will be rendered on their respective pages. Site settings and content are not used for these documents anymore. Translations of the default text is moved into the standard YML files. 2014-07-25 14:41:20 -04:00
Sam 40af9ce612 FIX: do not store incoming links on avatars or uploads 2014-07-25 15:10:06 +10:00
Neil Lalonde e565ae2528 FEATURE: /guidelines route will always show our FAQ, ignoring the faq_url site setting 2014-07-10 12:58:41 -04:00
Sam 27f85e5451 FIX: allow for subdirectorys for cdn assets 2014-07-10 17:29:38 +10:00
Sam 6019e3f257 FIX: remove hardcoding from middleware stack so we can control it 2014-07-10 17:01:21 +10:00
Sam 5032c96486 FIX: disable x accl redirect for CDN assets
We need to keep headers in tact
2014-07-10 16:32:46 +10:00
Sam efd6bf1490 FIX: set last modified date on CDN assets 2014-07-08 14:48:20 +10:00
Sam 832a730e36 BUGFIX: re-enable CDN js debugging in a robust way
May be disabled if needed via site setting
2014-05-19 08:46:28 +10:00
Neil Lalonde ce5ebc3eb5 On sites with login_required enabled, after signup, don't show the /login page again 2013-10-30 16:37:36 -04:00
Neil Lalonde 89265c3a8b FIX: BAD CSRF on login. Don't check csrf in the fake login form since it doesn't actually do anything. 2013-08-27 11:31:14 -04:00
Sam 06bd9e3234 allow login required screen to be customized 2013-07-16 20:49:04 +10:00
Stephan Kaag e39cc464b1 Refactor routes in order to be compatible with Rails 4 2013-07-01 20:00:06 +02:00
Sam 9fd00cac65 work in progress, add custom faq link, ember router needs to know about this or the redirect trick will not work 2013-06-27 17:15:59 +10:00