mirror of
https://github.com/discourse/discourse.git
synced 2024-12-18 16:13:45 +08:00
8e3691d537
Before this change, calling `StyleSheet::Manager.stylesheet_details` for the first time resulted in multiple queries to the database. This is because the code was modelled in a way where each `Theme` was loaded from the database one at a time. This PR restructures the code such that it allows us to load all the theme records in a single query. It also allows us to eager load the required associations upfront. In order to achieve this, I removed the support of loading multiple themes per request. It was initially added to support user selectable theme components but the feature was never completed and abandoned because it wasn't a feature that we thought was worth building.
25 lines
740 B
Ruby
25 lines
740 B
Ruby
# frozen_string_literal: true
|
|
require 'content_security_policy/builder'
|
|
require 'content_security_policy/extension'
|
|
|
|
class ContentSecurityPolicy
|
|
class << self
|
|
def policy(theme_id = nil, base_url: Discourse.base_url, path_info: "/")
|
|
new.build(theme_id, base_url: base_url, path_info: path_info)
|
|
end
|
|
end
|
|
|
|
def build(theme_id, base_url:, path_info: "/")
|
|
builder = Builder.new(base_url: base_url)
|
|
|
|
Extension.theme_extensions(theme_id).each { |extension| builder << extension }
|
|
Extension.plugin_extensions.each { |extension| builder << extension }
|
|
builder << Extension.site_setting_extension
|
|
builder << Extension.path_specific_extension(path_info)
|
|
|
|
builder.build
|
|
end
|
|
end
|
|
|
|
CSP = ContentSecurityPolicy
|