Sam
08b790b3c2
improve metrics gathered using in our traffic section
...
this also pulls out the middleware into its own home and inserts in front
2015-02-05 16:08:52 +11:00
Jeff Atwood
dae39b5b71
missed closing paren
2015-01-19 01:29:02 -08:00
Jeff Atwood
4cb6606e8c
block some more dumb trackback spam from logging
2015-01-19 01:19:34 -08:00
Jeff Atwood
a2e77d8bf4
better regex JS err suppression for Logster
2015-01-16 23:30:06 -08:00
Jeff Atwood
18215f90d0
more flexible regex to block empty JS Logster errors
2015-01-16 17:36:18 -08:00
Jeff Atwood
77ae0b4f7f
block empty JS errors from Logster
2015-01-16 17:28:50 -08:00
Sam
ef62933034
Ruby 2.2 fixes
2014-12-29 13:31:15 +11:00
Sam
2535e22151
stop logging csrf errors for API
2014-12-12 08:00:22 +11:00
Sam
23ad68678e
rails master fixes
2014-11-11 12:58:56 +11:00
Godfrey Chan
b1a0cd417d
Avoid a deprecation warning by poly-filling #deliver_now and #deliver_now
2014-11-10 01:05:46 -08:00
Sam
aa9b3bb35a
FEATURE: allow long polling to go to a different url
...
Added the site setting long_polling_base_url , this allows you
to farm long polling to a different server.
This setting is very important if a CDN is serving dynamic content.
2014-10-24 13:38:38 +11:00
Neil Lalonde
f88075cbba
FEATURE: CORS settings per-site in a multisite env
2014-10-15 15:20:39 -04:00
Sam
5e0623d1e5
FEATURE: airbrake dependency removed, can be added via a plugin if needed
2014-09-25 10:30:29 +10:00
Sam
492aca05c2
FIX: authorized callback deprecated
2014-08-22 11:05:20 +10:00
Sam
e291138cf1
Unknown format is not interesting
2014-08-18 13:10:22 +10:00
Sam
f897c89d48
FIX: run reaper after fork
2014-08-11 17:51:55 +10:00
Sam
9ceb0556bc
PERF: add connection pool drainer to keep connection counts down
2014-08-11 16:48:10 +10:00
Sam
44d45c6eda
FIX: logster update, enable ignore patterns
2014-08-07 10:30:12 +10:00
Régis Hanol
562d2e0c86
TEMP: comment out logster ignore patterns
2014-08-06 14:50:48 +02:00
Sam
3cab3acd60
FIX: stop logging way too much information
2014-08-05 16:14:28 +10:00
Vikhyat Korrapati
2f30ce79c8
Add Access-Control-Allow-Credentials to the CORS headers.
2014-07-30 02:36:30 +05:30
Sam
1c25f00615
Fix build
2014-07-29 12:47:26 +10:00
riking
400bbb57fe
Suppress trackback CSRF errors from Logster
2014-07-25 12:43:57 -07:00
Sam
46c406360d
FIX: cors setting was broken
...
Some days I wonder why we bother taking a whole gem
dependency when 10 lines of code does the job right
2014-07-23 17:04:09 +10:00
riking
d90404e830
Change 'code' to 'message'
2014-07-17 15:19:58 -07:00
riking
12cb682548
Start passing more context to Discourse.handle_exception
2014-07-17 14:11:56 -07:00
riking
2b5a955c18
Pass more context from Sidekiq jobs to Logster
2014-07-17 11:19:59 -07:00
Sam
9468ebeb2e
CHANGE: Mini Profiler only enabled for developers in prd
2014-07-17 08:34:41 +10:00
Sam
efd6bf1490
FIX: set last modified date on CDN assets
2014-07-08 14:48:20 +10:00
Neil Lalonde
10f0ddbbdd
Make it possible to add multiple CORS origins in discourse.conf and docker yml files
2014-06-13 14:47:19 -04:00
Robin Ward
1af2ff6201
ES6: More components moved over.
2014-05-30 12:28:05 -04:00
Sam
fa6f22dd39
Move letter avatars out of upload system
...
FIX: S3 issues around system avatars
FIX: reduced backup file size
2014-05-30 14:45:55 +10:00
Robin Ward
20c640355d
Silence avatar logger for sanity
2014-05-27 10:27:49 -04:00
Sam Saffron
7c3d72f77a
BUGFIX: exclude avatars from mini profiler
2014-05-27 12:38:42 +10:00
Sam
6c1c8be794
Work in progress, keeping avatars locally
...
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)
user can then pick which they want.
2014-05-27 10:08:03 +10:00
Sam
7fbf162666
Logster update
...
cleans up a bunch of messed up context stuff with multisite
improves backtraces
adds request params
2014-05-25 13:54:52 +10:00
Neil Lalonde
c4d3aa3d47
Theming: a UI to choose some base colors that are applied to all the site css. CSS compiled outside of asset pipeline.
2014-05-14 10:18:12 -04:00
Sam
31c575687b
memory_profiler should be shipped with mini profiler
2014-05-08 14:47:54 +10:00
Sam
c25cd4e78d
A new logster, that gets rid of a pile of 404s being logged as fatal errors.
2014-05-07 17:01:19 +10:00
Sam
19dec8c87c
mini profiler too chatty
2014-05-07 08:33:07 +10:00
Sam
4af0aa9cbc
logster integration (in production as well)
2014-05-07 08:24:15 +10:00
Sam
c6f9cc0787
UPGRADE: sidekiq to sidekiq 3.0
2014-04-23 11:01:17 +10:00
Jeff Atwood
fa4c21c28f
better first boot register admin account help
2014-04-21 11:36:35 -07:00
Robin Ward
caa2564b83
Start up the Job scheduler after all the other initializers have loaded.
...
We do this so that plugins can register scheduled jobs.
2014-04-10 12:41:13 -04:00
Vikhyat Korrapati
8c129e480a
Always use DiscourseSassImporter, add optional sprockets deps tracking.
2014-04-09 19:17:19 +05:30
Sam
d064dd241f
BUGFIX: reload site settings on rails reload in dev
2014-04-03 10:39:30 +11:00
Sam
f3cc7360e0
BUGFIX: Correct after_fork semantics
...
After fork SiteSettings was not getting a new process id,
causing site settings not to refresh properly in unicorn
This code also centralizes the logic
2014-03-31 12:34:13 +11:00
Sam
14f7551f2b
Fix visual bug
2014-03-25 09:45:21 +11:00
Jeff Atwood
6715786630
minor login install hint copyedit
2014-03-24 00:33:02 -07:00
Sam
039e65c3eb
improve copy
2014-03-24 18:11:12 +11:00
Sam
7e7c4efcc0
FEATURE: on initial boot hint users on how to get admin
2014-03-24 18:03:39 +11:00
Sam Saffron
2ab76f60d1
FEATURE: Discoruse.handle_exception
...
to report exception via sidekiq helper, adds extra context
2014-02-21 14:30:25 +11:00
Sam
c0d947aa98
allow bench to run with unicorn optionally
...
memstats can output yaml now
2014-02-16 16:44:51 +11:00
Régis Hanol
0e686aca95
update sidekiq initializer to use the pausable middleware
2014-02-13 13:31:13 -08:00
slainer68
a89018db87
Use GlobalSetting to enable CORS at application level
2014-02-09 23:11:52 -08:00
Sam
212ece3e80
Remove memory profiler at least until I push a new docker image
2014-02-10 15:40:32 +11:00
Sam
ca170e4636
Add memory profiler gem for ruby 2.1
2014-02-10 15:27:46 +11:00
Sam
87a07e2355
attempt to work around concurrency issue with active record
2014-02-08 15:19:10 +11:00
Sam
e1f293ad66
FEATURE: new scheduler
...
Removed sidetiq, introduced new scheduler
- add basic UI
- add schedule discover
- add scheduling in initializer
2014-02-06 10:26:16 +11:00
Neil Lalonde
e6096b4524
Revert "Try secure: true again" It's definitely broken
2014-01-31 15:02:57 -05:00
Neil Lalonde
ad34a297fd
Try secure: true again
2014-01-31 14:17:14 -05:00
Neil Lalonde
f71c8bb533
Revert "Add secure flag to cookie"
2014-01-30 18:53:48 -05:00
Neil Lalonde
4e158b2316
Add secure flag to cookie
2014-01-30 17:07:08 -05:00
Neil Lalonde
946e837542
Add twitter to Onebox.options
2014-01-29 14:14:07 -05:00
Sam
a247389d4e
FEATURE: automatically update site to latest version of assets
...
if a user neglects to move around the site it will prompt to do so 2 hours in
2014-01-15 12:08:35 +11:00
Sam
fd95dbe75a
FEATURE: Automatically force a full refresh between pages if assets change
2014-01-15 12:08:35 +11:00
Sam
166a8d2932
don't insert middleware its a problem
2014-01-10 13:51:02 +11:00
Sam
5242a49c02
BUGFIX: in some proxy scenarios https was not propergated properly
2014-01-10 12:21:09 +11:00
Sam
adc9a58f4a
BUGFIX: anon cache was mucking with params
2014-01-09 16:49:12 +11:00
Sam
d4cc367a6f
Disable cache for a bit to see if its killing the build
2014-01-09 16:08:59 +11:00
Sam
177983afe6
BUGFIX: mobile ui was being cached for anon views
2014-01-09 14:08:42 +11:00
Régis Hanol
06dd7ffe3c
better revision history
2013-12-12 03:41:34 +01:00
Sam
461972844e
unicorn out of band GC
2013-11-15 12:15:49 +11:00
Sam
0e8914cee6
add unicorn launcher to support live reloads
...
add oobgc rudimentary support
2013-11-13 15:29:36 +11:00
Sam
11428ef9d6
filter out android from mini profiler
2013-11-12 16:47:01 +11:00
Neil Lalonde
18bc6ecd08
Sidetiq::Clock#start is deprecated. Remove it.
2013-11-05 15:43:48 -05:00
Raul Murciano
bd5fe86c87
require X-Frame-Options: SAMEORIGIN
for clickjack prevention
2013-10-28 15:14:08 -07:00
Sam
3d647a4b41
remove rack cache, it has been causing trouble
...
instead implement an aggressive anonymous cache that is stored in redis
this cache is sitting in the front of the middleware stack enabled only in production
TODO: expire it more intelligently when stuff is created
2013-10-16 16:39:18 +11:00
Sam
c4bab8915c
fix initialization issues with unicorn
...
amend unicorn script to demonize sidekiq
create a sidekiq demon that unicorn consumes
correct bug in exec_sql with empty params
2013-10-10 14:23:24 +11:00
Sam
f0a122a66c
move job files so they live underneath app/ and not in lib/
...
introduce new setting email_always, that will force emails to send to users regardless of presence on site
2013-10-01 17:04:02 +10:00
Sam
98267d439a
fixed ruby 2.0 p0 bug in fast_stack so re-pushing
2013-09-09 21:19:23 +10:00
Sam
3fb0f52574
disable flamegraph while I figure out why fast stack is not working for some people on x32
2013-09-07 08:50:16 +10:00
Sam
51eb764345
mini profiler update to use latest flame graph engine
2013-09-03 17:58:56 +10:00
Sam
d3c5afbb80
reduce sidetiq frequency
...
remove minutely() schedule that was very inefficient
2013-09-02 17:14:41 +10:00
Sam
b730b27c4f
some soample counter methods
2013-08-30 16:44:34 +10:00
Sam
aaf41d227f
fix secret_token init to always allow an override even if its too short
2013-08-29 15:27:59 +10:00
Sam
213ce33af2
Fixed all broken specs
...
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
Sam
912d4b853b
slowly going about ordering our middleware
2013-08-26 12:59:17 +10:00
Sam
075002a6d5
refactoring the plugin interfaces to allow for better extensible
2013-08-26 12:59:17 +10:00
Sam
b5b22f0f36
move secret token into redis to ease install
2013-08-20 17:17:19 +10:00
Michael Kirk
4af8a9102e
Authenticate with Discourse via OAuth2
...
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Stephan Kaag
a6b4b5dbf2
Replace Clockwork with Sidetiq
2013-08-14 21:39:40 +02:00
Régis Hanol
92b0cfe3d3
cleaned up non-used code
2013-08-13 22:09:10 +02:00
Sam
857e2e6a19
correct scope, it should user:email to get read access to email
2013-08-02 10:03:29 +10:00
Sam
2162e3bbb5
we need email scope (also as I edit files I like to keep quoting consistent)
2013-08-02 09:59:25 +10:00
Sam
160107a712
working plugin interface for custom openid auth, custom css and custom js
2013-08-01 16:02:43 +10:00
Robin Ward
8c4aac7f94
Migrate all jasmine specs to Qunit. Removed Jasmine.
2013-06-19 18:18:35 -04:00
Sam
11afa0c11b
work in progress migrate to moment
2013-06-07 08:49:22 +10:00
Ian Christian Myers
0d01c33482
Enabled strong_parameters across all models/controllers.
...
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.
The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.
It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam
8b69ee26ff
forking in passenger was bust, message bus subscriptions would stop working after fork
2013-06-03 16:50:30 +10:00