mirror of
https://github.com/discourse/discourse.git
synced 2024-11-23 12:40:40 +08:00
ecf7a4f0c6
We add `Access-Control-Allow-Origin: *` to all asset requests which are requested via a configured CDN. This is particularly important now that we're using browser-native `import()` to load the highlightjs bundle. Unfortunately, user-configurable 'cors_origins' site setting was overriding the wldcard value on CDN assets and causing CORS errors. This commit updates the logic to give the `*` value precedence, and adds a spec for the situation. It also invalidates the cache of hljs assets (because CDNs will have cached the bad Access-Control-Allow-Origin header). The rack-cors middleware is also slightly tweaked so that it is always inserted. This makes things easier to test and more consistent. |
||
|---|---|---|
| .. | ||
| cloud/cloud66 | ||
| environments | ||
| initializers | ||
| locales | ||
| application.rb | ||
| boot.rb | ||
| cdn.yml.sample | ||
| database.yml | ||
| deploy.rb.sample | ||
| dev_defaults.yml | ||
| discourse_defaults.conf | ||
| discourse.config.sample | ||
| discourse.pill.sample | ||
| environment.rb | ||
| logrotate.conf | ||
| multisite.yml.production-sample | ||
| nginx.global.conf | ||
| nginx.sample.conf | ||
| projections.json | ||
| puma.rb | ||
| routes.rb | ||
| sidekiq.yml | ||
| site_settings.yml | ||
| spring.rb | ||
| thin.yml.sample | ||
| unicorn_launcher | ||
| unicorn_upstart.conf | ||
| unicorn.conf.rb | ||