Sam
3937ff0425
FIX: don't preload json on static routes
2017-12-27 14:33:36 +11:00
Guo Xiang Tan
7b8699f3be
FIX: Can't load service-worker.js
in production.
2017-11-28 15:40:57 +08:00
Jeff Wong
b094894c94
Feature: Add service worker registration method to plugin API
2017-11-28 14:01:41 +08:00
Sam
d5e7691ae9
favicon proxy now uses hijack
2017-11-27 14:51:14 +11:00
Guo Xiang Tan
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Neil Lalonde
0b41046238
don't force SiteSetting.title into meta title tag
2017-06-12 13:50:50 -04:00
Robin Ward
cdbe027c1c
Refactor FileHelper
to use keyword arguments.
2017-05-24 13:54:26 -04:00
Sam Saffron
0013a23dc1
SECURITY: prefer render plain/html to render text where possible
2017-04-10 08:01:42 -04:00
Sam Saffron
b94c7b4902
missing disposition
2017-03-20 17:07:32 -04:00
Sam
652b2d7199
remove redundent header setting
2017-03-20 16:08:18 -04:00
Sam
c106ca6778
FEATURE: fallback asset path for multi host setups
2017-03-20 15:59:17 -04:00
Arpit Jalan
801b5838e1
FIX: do not show faq/guidelines page to anonymous users for private forums
2017-03-08 16:00:49 +05:30
Sam Saffron
3754b038e8
fix brotli origin
2017-02-23 18:26:40 -05:00
Sam
f15f61da0a
FEATURE: add immutable caching to rails site of things
2017-02-23 13:05:00 -05:00
Sam
98f4a2adcb
FIX: on 404 from brotli asset path return a correctly encoded doc
...
old implementation would cache the 404 for 1 year with incorrect encoding
hilarity would ensue
2016-12-15 16:05:20 +11:00
Sam
dc66f6681a
add spec for brotli controller, ensure cached correctly
2016-12-05 16:08:36 +11:00
Sam
8a98d617df
correct headers and add better caching
2016-12-05 15:11:07 +11:00
Sam
39a524aac8
FEATURE: brotli cdn bypass for assets
...
Allow CDNS that strip out brotli encoding to use brotli regardless
2016-12-05 13:57:09 +11:00
Sam
b7cea24d76
FEATURE: more user API flow, support key creation
2016-08-16 17:06:52 +10:00
Neil Lalonde
56e47c8d7e
FEATURE: report on admin dashboard when favicon is failing to load
2016-04-05 14:42:32 -04:00
Guo Xiang Tan
62011a252f
FIX: Follow redirects when downloading favicons.
2016-02-25 11:50:34 +08:00
Neil Lalonde
9ad226aaa8
FEATURE: add email query param to login, signup, and password-reset URLs to prefill form
2016-01-19 16:53:46 -05:00
Sam Saffron
00342faff9
FIX: use default favicon if a bad favicon is specified
2015-12-22 18:08:27 +11:00
Arpit Jalan
362c515f33
FEATURE: compose a new pre-filled message via URL
2015-11-24 18:55:45 +05:30
Sam
c70bb0c032
we got to clean up js debugging, its busting caching.
2015-11-22 01:20:39 +11:00
Sam
4e37bcc3e2
Add extra safety
2015-08-25 12:05:15 +10:00
Sam
2c59ad3dd3
FIX: favicon update broken when favicon lived on a CDN
2015-08-25 11:54:23 +10:00
Arpit Jalan
d1632c1dbd
FIX: new-topic URL should survive login redirection
2015-06-14 20:24:47 +05:30
Sam Saffron
9787cb07aa
FIX: when missing a static topic we were returning an error
2015-06-01 11:40:52 +10:00
Sam
f5af4768eb
FEATURE: add clean support for running Discourse in a subfolder
...
To setup set DISCOURSE_RELATIVE_URL_ROOT to the folder you wish
2015-03-09 13:14:29 +11:00
Sam
6c09b6739d
BUG: minor, do not send access origin if not set
2015-02-17 09:58:43 +11:00
Robin Ward
572842721d
FIX: Better page titles for SEO
2014-10-30 14:26:56 -04:00
Robin Ward
316f1bea04
SECURITY: Don't allow redirects with periods in case you don't control
...
other tlds on the same domain.
2014-10-30 11:31:44 -04:00
Régis Hanol
de415b804c
FIX: add 'Content-Length' header for avatars
2014-10-22 15:39:51 +02:00
Sam
832655df14
attempt to get content length through
2014-10-21 16:17:13 +11:00
Sam
4e7057efb1
Clean up content type and add Expires header when serving CDN assets
2014-10-21 15:59:34 +11:00
Sam
8efee0d03d
don't use Markdown
2014-10-18 17:17:38 +11:00
Sam
742c5e29c9
FEATURE: advanced search help
2014-10-18 14:27:33 +11:00
Robin Ward
85c6eb9b08
SECURITY: Only redirect to our host by path on the login action
2014-08-28 17:45:13 -04:00
Sam
03c8f09be8
PERF: finalize porting to new incoming links structure
2014-08-04 16:43:57 +10:00
Régis Hanol
3d6e2713d1
BUGFIX: login was broken when login was required
2014-07-26 23:16:08 +02:00
Neil Lalonde
5a33e6f00c
Move FAQ, Terms of Service, and Privacy Policy into topics in the Staff category. First post of those topics will be rendered on their respective pages. Site settings and content are not used for these documents anymore. Translations of the default text is moved into the standard YML files.
2014-07-25 14:41:20 -04:00
Sam
40af9ce612
FIX: do not store incoming links on avatars or uploads
2014-07-25 15:10:06 +10:00
Neil Lalonde
e565ae2528
FEATURE: /guidelines route will always show our FAQ, ignoring the faq_url site setting
2014-07-10 12:58:41 -04:00
Sam
27f85e5451
FIX: allow for subdirectorys for cdn assets
2014-07-10 17:29:38 +10:00
Sam
6019e3f257
FIX: remove hardcoding from middleware stack so we can control it
2014-07-10 17:01:21 +10:00
Sam
5032c96486
FIX: disable x accl redirect for CDN assets
...
We need to keep headers in tact
2014-07-10 16:32:46 +10:00
Sam
efd6bf1490
FIX: set last modified date on CDN assets
2014-07-08 14:48:20 +10:00
Sam
832a730e36
BUGFIX: re-enable CDN js debugging in a robust way
...
May be disabled if needed via site setting
2014-05-19 08:46:28 +10:00
Neil Lalonde
ce5ebc3eb5
On sites with login_required enabled, after signup, don't show the /login page again
2013-10-30 16:37:36 -04:00
Neil Lalonde
89265c3a8b
FIX: BAD CSRF on login. Don't check csrf in the fake login form since it doesn't actually do anything.
2013-08-27 11:31:14 -04:00
Sam
06bd9e3234
allow login required screen to be customized
2013-07-16 20:49:04 +10:00
Stephan Kaag
e39cc464b1
Refactor routes in order to be compatible with Rails 4
2013-07-01 20:00:06 +02:00
Sam
9fd00cac65
work in progress, add custom faq link, ember router needs to know about this or the redirect trick will not work
2013-06-27 17:15:59 +10:00
Neil Lalonde
eea00afb80
tos and privacy urls redirect based on site settings
2013-06-18 10:52:04 -04:00
Chris Hunt
978785720a
Redirect to root after login if no path provided
...
If we do not do this, then people that login from /login will just be
redirected back to the login page. We'd rather have them see the root
path.
2013-06-04 16:10:10 -07:00
Chris Hunt
92a4828f72
Redirect all controllers to login if required
...
We want to skip the filter for sessions controller so that we can login
and we want to skip the filter for static pages because those should be
visible to visitors.
2013-06-04 16:10:10 -07:00
Sam
80fb20816c
get rid of nonsense 404.html
...
correct 404 handling for invalid pages
2013-05-20 10:29:49 +10:00
Neil Lalonde
58004d44cd
Support for browser password managers, but doesn't quite work in IE
2013-03-13 13:55:33 -04:00
Kuba Brecka
778cad5d2f
implement translations into static pages (FAQ, TOS) + an example of CZ translation
2013-03-03 16:27:32 +01:00
Neil Lalonde
cd6c1de5b0
Add site settings for company name and domain, and use them in the Terms of Service
2013-02-26 15:50:42 -05:00
Robin Ward
546016bfd2
Remove unused controllers, apply substitutions to TOS.
2013-02-13 11:50:27 -05:00
Jakub Arnold
61654ab8f0
Fix all the trailing whitespace
2013-02-07 16:45:24 +01:00
Robin Ward
21b5628528
Initial release of Discourse
2013-02-05 14:16:51 -05:00