Commit Graph

43 Commits

Author SHA1 Message Date
David Taylor
dcd994a9f1
DEV: Drop workbox dependency (#26735)
This service-worker caching functionality was disabled by default in 1c58395bca, and the setting to re-enable was marked as experimental. Now we are dropping all the related logic.
2024-04-24 10:19:12 +01:00
David Taylor
234795c70e
FIX: Service worker push notifications when cache disabled (#25610) 2024-02-08 11:55:32 +00:00
David Taylor
225db41bfc
DEV: Remove service-worker fetch handler entirely when cache disabled (#25591)
Followup to c4559ae575
2024-02-07 14:57:40 +00:00
David Taylor
c4559ae575
DEV: Add disable_service_worker_cache global setting (#25589)
When enabled, the workbox caching logic in the service worker will be replaced with a very simple offline error page. We plan to use this as an experiment to see how it affects performance and stability of Discourse.
2024-02-07 10:44:12 +00:00
Natalie Tay
dc263b5189
FIX: Syntax error (#25101) 2024-01-03 11:01:42 +08:00
Sam
7b12be866d
FIX: never skip push notifications (#25099)
* FIX: never skip push notifications

According to Apple, silent push notifications are automatically punished per:

https://developer.apple.com/videos/play/wwdc2022/10098/?time=814

> As mentioned when I showed you the code on how to request a push
> subscription, you must promise that pushes will be user visible.
> Handling a push event is not an invitation for your JavaScript to
> get silent background runtime. Doing so would violate both a user’s
> trust and a user’s battery life. When handling a push event, you are
> in fact required to post a notification to Notification Center.
> Other browsers all have countermeasures against violating the promise
> to make pushes user visible, and so does Safari.
> In the beta build of macOS Ventura, after three push events where you
> fail to post a notification in a timely manner, your site’s push
> subscription will be revoked. You will need to go through the permission
> workflow again.

The isIdle check was causing certain push notifications to be silent

Additionally, the auto dismissal logic was causing delays which may cause
the device to think the push was a silent one.

By removing this we hope to ensure push notification delivery is more robust
and consistent on iOS.
2024-01-03 12:23:04 +11:00
Blake Erickson
7a7c53894d
FIX: Excessive video data downloading from service worker (#24924)
This bug appears to only be on Chrome due to the service worker fetching
the video content on page load instead of on play. For some reason
though the service worker would fetch around 4x more than the size of
the video resulting in excessive data being downloaded especially for
larger videos.

meta https://meta.discourse.org/t/287817
internal /t/111387/52
2023-12-15 13:29:50 -07:00
David Taylor
61527f5eaf
FIX: Ensure service-worker cache is cleaned correctly (#23204)
By default, the workbox-expiration plugin will not expire cache entries which include a `Vary` header in the response. This means that cached entries can build up until the browser storage quota is hit.

This commit introduces the `ignoreVary: true` option, so that deletion is performed correctly. This will only apply going forward, so this commit also bumps the cache version and deletes the old caches.

Ref https://github.com/GoogleChrome/workbox/issues/2206
2023-08-23 13:58:32 +01:00
Mark VanLandingham
36b9572bb1
FIX: Attempt to reconnect to server when browser visibilty changes (#22259) 2023-06-23 11:32:34 -05:00
David Taylor
a49b45dc14
FIX: Update workbox class references following version bump (#22108)
Followup to cc2f18121d
2023-06-14 14:39:04 +01:00
David Taylor
9c926ce645
PERF: Improve workbox loading strategy (#22019)
Previously workbox JS was vendored into our git repository, and would be loaded from the `public/javascripts` directory with a 1 day cache lifetime. The main aim of this commit is to add 'cachebuster' to the workbox URL so that the cache lifetime can be increased.

- Remove vendored copies of workbox.
- Use ember-cli/broccoli to collect workbox files from node_modules into assets/workbox-{digest}
- Add assets to sprockets manifest so that they're collected from the ember-cli output directory (and uploaded to s3 when configured)

Some of the sprockets-related changes in this commit are not ideal, but we hope to remove sprockets in the not-too-distant future.
2023-06-09 11:14:11 +01:00
Bianca Nenciu
9ae5ddb330
FIX: Service worker for Safari (#21435)
The first rule in the service worker is bypassed for Safari, but the
previous detection method was matching any browser running on macOS.
2023-05-09 18:36:20 +03:00
Bianca Nenciu
37cacf72ae
FIX: Service worker should cache only 200 requests (#21409)
This can cause CORB issues when combining S3, secure uploads and
service workers.
2023-05-05 11:33:47 -04:00
Rafael dos Santos Silva
587e9ed9ba
FEATURE: Enable service worker for Apple devices (#19643)
This is necessary so MacOS Ventura (and in 2023 iOS) can use our new
default push notifications.

We still disable caching of dynamic routes on Apple devices due to it's
always being buggy there.
2023-01-30 13:23:19 -03:00
Rafael dos Santos Silva
99e5fbe303
FEATURE: Replyable chat push notifications (#18973)
Allows quick inline replies in chat push notifications. This will allow users
in compatible platforms (Windows 10+ / Chrome OS / Android N+) to reply
directly from the notification UI.

Probable follow ups include:

  - inline replies for posts

  - handling failure of reply
    - fallback to draft creation if business logic error
    - store and try again later if connectivity error

  - sent inline replies lack the in_reply_to param

  - i18n of inline reply action text and placeholder
2022-11-11 12:30:21 -03:00
Martin Brennan
8ebd5edd1e
DEV: Rename secure_media to secure_uploads (#18376)
This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality.

This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site.

Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing.

This also keeps compatibility with the `secure-media-uploads` path, and changes new
secure URLs to be `secure-uploads`.

Deprecated settings:

* secure_media -> secure_uploads
* secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails
* secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
2022-09-29 09:24:33 +10:00
David Taylor
2d67315c32
FIX: Disable service worker proxying in chrome 97-97.0.4692 (#15638)
https://bugs.chromium.org/p/chromium/issues/detail?id=1286367
2022-01-18 19:41:25 +00:00
David Taylor
235de5dd90
FIX: Add /session/sso service-worker workaround for chrome 97 (#15630)
Followup to 2278c7f82d. Depending on the site's SSO implementation, this route is also used as part of a redirect sequence and needs to be able to set cookies.

Chrome bug reference: https://bugs.chromium.org/p/chromium/issues/detail?id=1286367
2022-01-18 11:27:01 +00:00
Rafael dos Santos Silva
2278c7f82d
FIX: Bypass service worker on the SSO path (#15558)
This is a workaround a behavior change in Chromium v97.
The following text was sent to the blink-dev mailing list:

> This change broke a SingleSignOn login on the FOSS software Discourse. We have a flow like:
>
> 1. User visits forum.siteA.com, click login
> 2. Gets redirected to idp.siteB.com
> 3. Fills login details
> 4. Gets redirected to forum.siteA.com/session/sso_login?parameters
> 5. Gets redirected to forum.siteA.com/homepage
>
> On step 4, the response includes a `set-cookie` header, with proper `HttpOnly; SameSite=Lax; Secure `and set. But if there is an active service worker, the login will fail as that cookie will be rejected by Chromium due to SameSite rules now.
>
> t=2971 [st=258]        COOKIE_INCLUSION_STATUS
>                        --> domain = "forum.siteA.com"
>                        --> name = "_t"
>                        --> operation = "store"
>                        --> path = "/"
>                        --> status = "EXCLUDE_SAMESITE_LAX, DO_NOT_WARN"
>
> The service worker is a vanilla WorkboxJS service worker that intercepts all GETs with the "Network First" strategy.
>
> Disabling the service worker or using Firefox results in a successful login. There is no warning in either DevTools network tab nor the console that the cookie was rejected.
>
> Chrome 96: login works
> Chrome 97: login does not work
> Chrome 98: login does not work
>
> Is this expected behavior? Even if the request `GET forum.siteA.com` was initiated because of a redirect from a different domain, is it expected that Chrome will silently drop same site cookies from forum.siteA.com?
2022-01-12 20:01:53 -03:00
Martin Brennan
0cba1fafe4
DEV: debug: false for service workers to stop log spam via workbox (#12093) 2021-02-16 14:01:19 +10:00
Rafael dos Santos Silva
ceab1c9fdf
FEATURE: Handle user agent push subscription change events (#11994)
A user browser may rotate a user subscription endpoint/keys
anytime.

Currently, Discourse will receive a 4XX response while trying to
deliver a push notification and silently unsubscribe the device.

With this change, we will gracefully handle desativating the old
subscription and the replacement creation with the need for the user
to resubscribe manually every time it breaks.

https://meta.discourse.org/t/-/125179?u=falco
2021-02-08 12:09:52 -03:00
Vinoth Kannan
e6a02469ad
DEV: refresh all CDN endpoint URLs except the S3 uploads & assets. (#11937)
Using this added a temporary query param to force browsers to redownload all CDN endpoints.
2021-02-03 02:22:01 +05:30
Vinoth Kannan
9d2eaec88f
DEV: enable CORS to all CDN get requests from workbox. (#11896)
To prevent opaque cache files, now all the CDN files will be requested in 'cors' mode if the cdn_cors_enabled global setting is enabled. Before enabling the setting, should enable the cors in the CDN server by adding the response header `access-control-allow-origin: *` or `access-control-allow-origin: https://discourse.example.com.`

And other external file requests other than CDN will not be cached if the response type is opaque.
2021-02-02 11:38:29 +05:30
Vinoth Kannan
af4938baf1
Revert "DEV: enable cors to all cdn get requests from workbox. (#10684)" (#11076)
This reverts commit e3de45359f.

We need to improve out strategy by adding a cache breaker with this change ... some assets on CDNs and clients may have incorrect CORS headers which can cause stuff to break.
2020-10-30 16:05:35 +11:00
Vinoth Kannan
e3de45359f
DEV: enable cors to all cdn get requests from workbox. (#10685)
Now all external requests from the service worker will be in CORS mode without credentials.
2020-10-28 23:36:19 +05:30
David Taylor
0e3fa4072f FIX: Bypass serviceworker cache for auth routes
This avoids samesite cookie-related issues in iOS PWAs during the authentication flow
2020-03-31 14:24:02 -03:00
Roman Rizzi
10478cb395
DEV: Bump uglifyjs (#7834)
* Rewrite uglifyjs command to work with 3.x

* Use ES5 syntax in plain JS files

* Use the older command if uglifyJS V2.x is installed
2019-10-09 10:02:49 -03:00
Rafael dos Santos Silva
6dfb2165ae FIX: Syntax error in b1f5949 2019-08-05 16:07:49 -03:00
Rafael dos Santos Silva
b1f5949868 FIX: Make the workbox path compatible with multisite
Closes
https://meta.discourse.org/t/full-url-in-assets-erb-file-multisite-issues/124393?u=falco
2019-08-05 15:00:41 -03:00
Rafael dos Santos Silva
1922d4bf78 PERF: Add more constraint on the Cache Storage usage
Only restricting cache per age wasn't enough for instances with lots of
multimedia usage and high number of posts.

MaxEntries is also more effective on cleanup, and purgeOnQuotaError
advertise that Discourse cache can be purged if necessary.

https://developers.google.com/web/tools/workbox/guides/storage-quota
2019-07-27 11:52:21 -03:00
Rafael dos Santos Silva
b505d1d700 DEV: Force workboxjs debug to false on dev env too 2019-07-15 16:07:49 -03:00
Rafael dos Santos Silva
1221d34284
FEATURE: Make Discourse work offline with WorkboxJS (#7870) 2019-07-15 13:05:55 -03:00
Sam
f8305f53c7 FEATURE: special offline support restricted to Android only
The special offline page with fetch interception in service worker
is only strongly required on Android ad a pre-req for PWAs

This is now strongly restricted only to Android while iOS PWA support
gets better

Long term if we build offline support we can unlock it more globally
2018-10-29 16:29:19 +11:00
kleinfreund
4ce1d230c7 Prefer throwing a new Error object instead of just a string expression 2018-06-12 12:56:22 +10:00
Guo Xiang Tan
569f63b8a2
Merge pull request #5825 from featheredtoast/extend-service-worker-cache
FIX: update cache times for service workers
2018-05-25 09:28:17 +08:00
Jeff Wong
82a95164e9 Fix: Safari failing to download backups from email links
disable service workers on safari

bypass serviceworker network if this is a URL with a token param
2018-05-15 14:38:31 -07:00
Jeff Wong
e4a33cbc0a FIX: update cache times for service workers
Add a last modified time.

Register newer service workers and claim clients more quickly.
2018-05-14 12:29:24 -07:00
Jeff Wong
c450b70bcc fix: revert to es5 function syntax 2018-05-04 15:42:48 -07:00
Jeff Wong
91b31860a1
Feature: Push notifications for Android (#5792)
* Feature: Push notifications for Android

Notification config for desktop and mobile are merged.

Desktop notifications stay as they are for desktop views.

If mobile mode, push notifications are enabled.

Added push notification subscriptions in their own table, rather than through
custom fields.

Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Guo Xiang Tan
d2d3c7d24e FIX: Only show offline page when user is offline.
https://meta.discourse.org/t/cannot-load-app-in-firefox-sometimes-refresh-fixes-it/85258
2018-04-23 10:22:20 +08:00
Sam
074d590abd FIX: stop counting offline page as a page view 2018-02-13 16:19:43 +11:00
Guo Xiang Tan
110dfbf42f Uglify doesn't support ES6 yet. 2017-11-28 16:07:27 +08:00
Jeff Wong
b094894c94 Feature: Add service worker registration method to plugin API 2017-11-28 14:01:41 +08:00