Commit Graph

651 Commits

Author SHA1 Message Date
Jeff Atwood
18215f90d0 more flexible regex to block empty JS Logster errors 2015-01-16 17:36:18 -08:00
Jeff Atwood
77ae0b4f7f block empty JS errors from Logster 2015-01-16 17:28:50 -08:00
Sam
ef62933034 Ruby 2.2 fixes 2014-12-29 13:31:15 +11:00
Sam
2535e22151 stop logging csrf errors for API 2014-12-12 08:00:22 +11:00
Sam
23ad68678e rails master fixes 2014-11-11 12:58:56 +11:00
Godfrey Chan
b1a0cd417d Avoid a deprecation warning by poly-filling #deliver_now and #deliver_now 2014-11-10 01:05:46 -08:00
Sam
aa9b3bb35a FEATURE: allow long polling to go to a different url
Added the site setting long_polling_base_url , this allows you
to farm long polling to a different server.

This setting is very important if a CDN is serving dynamic content.
2014-10-24 13:38:38 +11:00
Neil Lalonde
f88075cbba FEATURE: CORS settings per-site in a multisite env 2014-10-15 15:20:39 -04:00
Sam
5e0623d1e5 FEATURE: airbrake dependency removed, can be added via a plugin if needed 2014-09-25 10:30:29 +10:00
Sam
492aca05c2 FIX: authorized callback deprecated 2014-08-22 11:05:20 +10:00
Sam
e291138cf1 Unknown format is not interesting 2014-08-18 13:10:22 +10:00
Sam
f897c89d48 FIX: run reaper after fork 2014-08-11 17:51:55 +10:00
Sam
9ceb0556bc PERF: add connection pool drainer to keep connection counts down 2014-08-11 16:48:10 +10:00
Sam
44d45c6eda FIX: logster update, enable ignore patterns 2014-08-07 10:30:12 +10:00
Régis Hanol
562d2e0c86 TEMP: comment out logster ignore patterns 2014-08-06 14:50:48 +02:00
Sam
3cab3acd60 FIX: stop logging way too much information 2014-08-05 16:14:28 +10:00
Vikhyat Korrapati
2f30ce79c8 Add Access-Control-Allow-Credentials to the CORS headers. 2014-07-30 02:36:30 +05:30
Sam
1c25f00615 Fix build 2014-07-29 12:47:26 +10:00
riking
400bbb57fe Suppress trackback CSRF errors from Logster 2014-07-25 12:43:57 -07:00
Sam
46c406360d FIX: cors setting was broken
Some days I wonder why we bother taking a whole gem
dependency when 10 lines of code does the job right
2014-07-23 17:04:09 +10:00
riking
d90404e830 Change 'code' to 'message' 2014-07-17 15:19:58 -07:00
riking
12cb682548 Start passing more context to Discourse.handle_exception 2014-07-17 14:11:56 -07:00
riking
2b5a955c18 Pass more context from Sidekiq jobs to Logster 2014-07-17 11:19:59 -07:00
Sam
9468ebeb2e CHANGE: Mini Profiler only enabled for developers in prd 2014-07-17 08:34:41 +10:00
Sam
efd6bf1490 FIX: set last modified date on CDN assets 2014-07-08 14:48:20 +10:00
Neil Lalonde
10f0ddbbdd Make it possible to add multiple CORS origins in discourse.conf and docker yml files 2014-06-13 14:47:19 -04:00
Robin Ward
1af2ff6201 ES6: More components moved over. 2014-05-30 12:28:05 -04:00
Sam
fa6f22dd39 Move letter avatars out of upload system
FIX: S3 issues around system avatars
FIX: reduced backup file size
2014-05-30 14:45:55 +10:00
Robin Ward
20c640355d Silence avatar logger for sanity 2014-05-27 10:27:49 -04:00
Sam Saffron
7c3d72f77a BUGFIX: exclude avatars from mini profiler 2014-05-27 12:38:42 +10:00
Sam
6c1c8be794 Work in progress, keeping avatars locally
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)

user can then pick which they want.
2014-05-27 10:08:03 +10:00
Sam
7fbf162666 Logster update
cleans up a bunch of messed up context stuff with multisite
improves backtraces
adds request params
2014-05-25 13:54:52 +10:00
Neil Lalonde
c4d3aa3d47 Theming: a UI to choose some base colors that are applied to all the site css. CSS compiled outside of asset pipeline. 2014-05-14 10:18:12 -04:00
Sam
31c575687b memory_profiler should be shipped with mini profiler 2014-05-08 14:47:54 +10:00
Sam
c25cd4e78d A new logster, that gets rid of a pile of 404s being logged as fatal errors. 2014-05-07 17:01:19 +10:00
Sam
19dec8c87c mini profiler too chatty 2014-05-07 08:33:07 +10:00
Sam
4af0aa9cbc logster integration (in production as well) 2014-05-07 08:24:15 +10:00
Sam
c6f9cc0787 UPGRADE: sidekiq to sidekiq 3.0 2014-04-23 11:01:17 +10:00
Jeff Atwood
fa4c21c28f better first boot register admin account help 2014-04-21 11:36:35 -07:00
Robin Ward
caa2564b83 Start up the Job scheduler after all the other initializers have loaded.
We do this so that plugins can register scheduled jobs.
2014-04-10 12:41:13 -04:00
Vikhyat Korrapati
8c129e480a Always use DiscourseSassImporter, add optional sprockets deps tracking. 2014-04-09 19:17:19 +05:30
Sam
d064dd241f BUGFIX: reload site settings on rails reload in dev 2014-04-03 10:39:30 +11:00
Sam
f3cc7360e0 BUGFIX: Correct after_fork semantics
After fork SiteSettings was not getting a new process id,
causing site settings not to refresh properly in unicorn

This code also centralizes the logic
2014-03-31 12:34:13 +11:00
Sam
14f7551f2b Fix visual bug 2014-03-25 09:45:21 +11:00
Jeff Atwood
6715786630 minor login install hint copyedit 2014-03-24 00:33:02 -07:00
Sam
039e65c3eb improve copy 2014-03-24 18:11:12 +11:00
Sam
7e7c4efcc0 FEATURE: on initial boot hint users on how to get admin 2014-03-24 18:03:39 +11:00
Sam Saffron
2ab76f60d1 FEATURE: Discoruse.handle_exception
to report exception via sidekiq helper, adds extra context
2014-02-21 14:30:25 +11:00
Sam
c0d947aa98 allow bench to run with unicorn optionally
memstats can output yaml now
2014-02-16 16:44:51 +11:00
Régis Hanol
0e686aca95 update sidekiq initializer to use the pausable middleware 2014-02-13 13:31:13 -08:00
slainer68
a89018db87 Use GlobalSetting to enable CORS at application level 2014-02-09 23:11:52 -08:00
Sam
212ece3e80 Remove memory profiler at least until I push a new docker image 2014-02-10 15:40:32 +11:00
Sam
ca170e4636 Add memory profiler gem for ruby 2.1 2014-02-10 15:27:46 +11:00
Sam
87a07e2355 attempt to work around concurrency issue with active record 2014-02-08 15:19:10 +11:00
Sam
e1f293ad66 FEATURE: new scheduler
Removed sidetiq, introduced new scheduler

- add basic UI
- add schedule discover
- add scheduling in initializer
2014-02-06 10:26:16 +11:00
Neil Lalonde
e6096b4524 Revert "Try secure: true again" It's definitely broken 2014-01-31 15:02:57 -05:00
Neil Lalonde
ad34a297fd Try secure: true again 2014-01-31 14:17:14 -05:00
Neil Lalonde
f71c8bb533 Revert "Add secure flag to cookie" 2014-01-30 18:53:48 -05:00
Neil Lalonde
4e158b2316 Add secure flag to cookie 2014-01-30 17:07:08 -05:00
Neil Lalonde
946e837542 Add twitter to Onebox.options 2014-01-29 14:14:07 -05:00
Sam
a247389d4e FEATURE: automatically update site to latest version of assets
if a user neglects to move around the site it will prompt to do so 2 hours in
2014-01-15 12:08:35 +11:00
Sam
fd95dbe75a FEATURE: Automatically force a full refresh between pages if assets change 2014-01-15 12:08:35 +11:00
Sam
166a8d2932 don't insert middleware its a problem 2014-01-10 13:51:02 +11:00
Sam
5242a49c02 BUGFIX: in some proxy scenarios https was not propergated properly 2014-01-10 12:21:09 +11:00
Sam
adc9a58f4a BUGFIX: anon cache was mucking with params 2014-01-09 16:49:12 +11:00
Sam
d4cc367a6f Disable cache for a bit to see if its killing the build 2014-01-09 16:08:59 +11:00
Sam
177983afe6 BUGFIX: mobile ui was being cached for anon views 2014-01-09 14:08:42 +11:00
Régis Hanol
06dd7ffe3c better revision history 2013-12-12 03:41:34 +01:00
Sam
461972844e unicorn out of band GC 2013-11-15 12:15:49 +11:00
Sam
0e8914cee6 add unicorn launcher to support live reloads
add oobgc rudimentary support
2013-11-13 15:29:36 +11:00
Sam
11428ef9d6 filter out android from mini profiler 2013-11-12 16:47:01 +11:00
Neil Lalonde
18bc6ecd08 Sidetiq::Clock#start is deprecated. Remove it. 2013-11-05 15:43:48 -05:00
Raul Murciano
bd5fe86c87 require X-Frame-Options: SAMEORIGIN for clickjack prevention 2013-10-28 15:14:08 -07:00
Sam
3d647a4b41 remove rack cache, it has been causing trouble
instead implement an aggressive anonymous cache that is stored in redis
this cache is sitting in the front of the middleware stack enabled only in production
TODO: expire it more intelligently when stuff is created
2013-10-16 16:39:18 +11:00
Sam
c4bab8915c fix initialization issues with unicorn
amend unicorn script to demonize sidekiq
create a sidekiq demon that unicorn consumes
correct bug in exec_sql with empty params
2013-10-10 14:23:24 +11:00
Sam
f0a122a66c move job files so they live underneath app/ and not in lib/
introduce new setting email_always, that will force emails to send to users regardless of presence on site
2013-10-01 17:04:02 +10:00
Sam
98267d439a fixed ruby 2.0 p0 bug in fast_stack so re-pushing 2013-09-09 21:19:23 +10:00
Sam
3fb0f52574 disable flamegraph while I figure out why fast stack is not working for some people on x32 2013-09-07 08:50:16 +10:00
Sam
51eb764345 mini profiler update to use latest flame graph engine 2013-09-03 17:58:56 +10:00
Sam
d3c5afbb80 reduce sidetiq frequency
remove minutely() schedule that was very inefficient
2013-09-02 17:14:41 +10:00
Sam
b730b27c4f some soample counter methods 2013-08-30 16:44:34 +10:00
Sam
aaf41d227f fix secret_token init to always allow an override even if its too short 2013-08-29 15:27:59 +10:00
Sam
213ce33af2 Fixed all broken specs
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
Sam
912d4b853b slowly going about ordering our middleware 2013-08-26 12:59:17 +10:00
Sam
075002a6d5 refactoring the plugin interfaces to allow for better extensible 2013-08-26 12:59:17 +10:00
Sam
b5b22f0f36 move secret token into redis to ease install 2013-08-20 17:17:19 +10:00
Michael Kirk
4af8a9102e Authenticate with Discourse via OAuth2
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Stephan Kaag
a6b4b5dbf2 Replace Clockwork with Sidetiq 2013-08-14 21:39:40 +02:00
Régis Hanol
92b0cfe3d3 cleaned up non-used code 2013-08-13 22:09:10 +02:00
Sam
857e2e6a19 correct scope, it should user:email to get read access to email 2013-08-02 10:03:29 +10:00
Sam
2162e3bbb5 we need email scope (also as I edit files I like to keep quoting consistent) 2013-08-02 09:59:25 +10:00
Sam
160107a712 working plugin interface for custom openid auth, custom css and custom js 2013-08-01 16:02:43 +10:00
Robin Ward
8c4aac7f94 Migrate all jasmine specs to Qunit. Removed Jasmine. 2013-06-19 18:18:35 -04:00
Sam
11afa0c11b work in progress migrate to moment 2013-06-07 08:49:22 +10:00
Ian Christian Myers
0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam
8b69ee26ff forking in passenger was bust, message bus subscriptions would stop working after fork 2013-06-03 16:50:30 +10:00
Chris Hunt
dbf4d9b0dc Set Sidekiq log level to WARN 2013-05-29 09:36:15 -07:00
Erik Ordway
1575ce7b10 add cas support with a few tests 2013-05-23 13:40:50 -07:00
Sam
e9ebadb414 Nuke message_bus_observer move to service class and classes
Secure all messages triggered by post creation and all user actions so they don't leak
(meaning, if you have a browser open and secure topics are created you will only get them if you are allowed to see them)
2013-05-16 15:03:16 +10:00
Sam
68e6405aca redis rack cache was crazy, it was just storing stuff in redis FOREVER, added a PR to fix, forked to my repo, sourcing a sane version 2013-05-07 17:33:04 +10:00
Sam
4d2c28e8b2 added setting to flush redis if you feel like doing so in dev 2013-05-03 09:56:10 +10:00
slainer68
467c76b2c0 Implements support for rack-cors for API JavaScript access in end-user browser 2013-04-22 11:16:58 +02:00
Sam
8014d7fd25 correct rack::cache so it always punches through users with auth cookies 2013-04-12 21:59:52 +10:00
Sam
850b042cab introduce rack:cache as a default, so users don't need to configure apache or nginx
under rack cache we are able to serve 620reqs a second per thin (on my machine) before it 12 (on my machine)

reorganised so mini profilers can be cleanly disabled from config file

added caching for categories index

move production.rb to production.sample.rb
2013-04-11 16:24:21 +10:00
Kuba Brecka
af0a772629 implement pluralization for server-side and js 2013-03-31 19:55:02 +02:00
Sam
36d60befbd mini profiler fix for multisite 2013-03-25 18:04:46 -07:00
Neil Lalonde
ba315c6610 If assets haven't been precompiled, fail to start server in production mode with a message 2013-03-25 13:33:58 -04:00
Robin Ward
7c505df6d4 Merge branch 'update-sidekiq' of git://github.com/nverba/discourse
Conflicts:
	config/initializers/sidekiq.rb
2013-03-25 10:26:13 -04:00
Sam
622568fd57 fix mp in prd 2013-03-24 20:36:55 -07:00
Sam
f921d1c547 comment out dead code
add some explanations
2013-03-24 20:09:28 -07:00
Sam
67c438434b wow, this has been broken for OH so long, we need to segragate users correctly so MP results work as expected 2013-03-24 19:52:03 -07:00
Sam
988a712c77 correct multisite functionality for omniauth 2013-03-24 17:21:18 -07:00
Karan Misra
5dfb04e4b3 Convert a lot of :a => b to a: b and bring peace to the world 2013-03-25 05:07:36 +05:30
nverba
0c7579ec9f Update Sidekiq and config 2013-03-23 14:49:50 +00:00
Sam
e3d30f1366 turns out that instansiating a storage provider and assigning it nowhere, just don't work 2013-03-20 23:54:28 -07:00
nverba
9a1fb90b91 Update mini_profiler.rb
Passing a pre-defined Redis connection to MiniProfiler stops connection leakage. Should limit MiniProfiler connections to one per running process.
2013-03-20 03:29:07 +00:00
nverba
68e3f5228f Basic Heroku integration 2013-03-13 19:07:49 +00:00
nverba
3c0274a00b init message_bus before site_settings 2013-03-13 15:15:22 +00:00
Sam
3a58e7aac2 amend airbrake location 2013-03-11 17:16:54 -07:00
Sam
a0bdbe046a don't try to load airbrake if there is no config for it 2013-03-11 16:59:21 -07:00
Sam
1c8eef7dbd added basic passenger support, no long polling but functions
clean up initializers so they are ordered properly
2013-03-11 05:33:20 -07:00
Sam
22a4580df5 added profile environment for perftools profiling (1.9.3 only) 2013-03-10 17:21:56 -07:00
Neil Lalonde
fab04dbb58 Add github commits widget 2013-03-06 14:39:01 -05:00
Neil Lalonde
739d6391a9 Fix error during db:migrate on a new database 2013-03-05 13:02:16 -05:00
Régis Hanol
239cbd2d58 enforce coding convention
replaced every `and` by `&&` and every `or` by `||`
2013-03-05 01:42:44 +01:00
Neil Lalonde
3fdc59b1d9 Raise an error in production env if host_names is using production.localhost 2013-03-04 16:07:02 -05:00
Robin Ward
f7c9efb101 Merge branch 'persona-integration' of git://github.com/callahad/discourse 2013-03-04 11:51:26 -05:00
Michael Berg
5e95dfb1c9 Removing unnecessary Rails.env check 2013-03-02 05:58:05 +01:00
Michael Berg
de154f3ef1 Get secret_token from ENV['SECRET_TOKEN'] (e.g. for Heroku) 2013-03-01 23:55:49 +01:00
Dan Callahan
fd4d384dc1 Add Mozilla Persona Omniauth Gem and initializer 2013-03-01 13:29:47 -06:00
Robin Ward
007118b00c Merge branch 'github-auth' of git://github.com/nverba/discourse
Conflicts:
	config/locales/server.en.yml
	db/structure.sql
	spec/views/omniauth_callbacks/complete.html.erb_spec.rb
2013-02-27 12:09:22 -05:00
nverba
b45f872c04 Added Github authentication option, disabled by default with enable options in settings. 2013-02-26 05:00:21 +00:00
Gosha Arinich
cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Robin Ward
e461c84253 Clean up JS, add YUIDoc support, automatically create IIFE via asset pipeline 2013-02-25 17:16:57 -05:00
Neil Lalonde
1e794f98a7 Add an option to not flush redis every time sidekiq.rb is loaded in development 2013-02-21 13:45:16 -05:00
Neil Lalonde
803a86a21d Add more documentation to secret_token.rb 2013-02-20 20:32:40 -05:00
Sam Saffron
87b929eac6 added secret token warning in prd
added task to stamp builds
2013-02-18 17:34:43 +11:00
Sam Saffron
1228e351a8 a much more basic but robust restart watcher,
removed the pid stuff cause it needs to be a lot more careful not to think
pids from other machines restarted. robust working code is better than
complex graceful broken code.
2013-02-16 13:54:23 +11:00
Sam Saffron
ff0d58e4ee message bus work in progress 2013-02-16 12:14:52 +11:00
Robin Ward
3cdf89d052 Merge pull request #162 from jessepollak/omniauth-failure
Adds failure callback for omniauth
2013-02-15 07:13:17 -08:00
Sam Saffron
eb188c57e8 started work on message bus diags 2013-02-15 19:23:40 +11:00
Jesse Pollak
ad5a5b4866 This commit adds a callback route to handle omniauth failure and removes a few unneccessary entries in en.yml 2013-02-14 18:08:40 -08:00
Sam Saffron
4ccb7354d1 nuking SSL = bad 2013-02-14 09:12:20 +11:00
xdite
67cc766f0c using redis as backend store 2013-02-13 16:48:44 +08:00
xdite
9189d937f7 move all logic to omniauth
implement omniauth-facebook / omniauth-twitter
2013-02-13 15:08:38 +08:00
xdite
be3d036084 use omniauth-openid to replace google id 2013-02-13 15:08:32 +08:00
Sam Saffron
af810f38dd UserSearch refactor
Added .sql_builder to all AR models
2013-02-10 23:37:24 +11:00
Sam Saffron
457229b133 Revert "Revert "structure.db to my structure""
This reverts commit 7c61c3d699.
2013-02-08 22:03:25 +11:00
Sam Saffron
7c61c3d699 Revert "structure.db to my structure"
This reverts commit 616a1f4906.
2013-02-08 21:57:16 +11:00
Sam Saffron
616a1f4906 structure.db to my structure
tone down watch for restart
2013-02-08 21:09:46 +11:00
Robin Ward
21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00