osr-plastic/osr-discourse-src
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2023-03-18. You can view files and clone it, but cannot push or open issues or pull requests.
7a52ce0d6d
osr-discourse-src/spec
History
David Taylor 7a52ce0d6d
FIX: Strip discourse-logged-in header during force_anonymous! (#14533) 
When the anonymous cache forces users into anonymous mode, it strips the cookies from their request. However, the discourse-logged-in header from the JS client remained.

When the discourse-logged-in header is present without any valid auth_token, the current_user_provider [marks the request as ['logged out'](dbbfad7ed0/lib/auth/default_current_user_provider.rb (L125-L125)), and a [discourse-logged-out header is returned to the client](dbbfad7ed0/lib/middleware/request_tracker.rb (L209-L211)). This causes the JS app to [popup a "you were logged out" modal](dbbfad7ed0/app/assets/javascripts/discourse/app/components/d-document.js (L29-L29)), which is very disruptive.

This commit strips the discourse-logged-in header from the request at the same time as the auth cookie.
2021-10-07 12:31:42 +01:00
..
components FIX: Strip discourse-logged-in header during force_anonymous! (#14533) 2021-10-07 12:31:42 +01:00
fabricators DEV: Ignore reminder_type for bookmarks (#14349) 2021-09-16 09:56:54 +10:00
fixtures FIX: Parse address lists in embedded emails (#14514) 2021-10-06 15:07:29 +03:00
helpers FIX: Offer site_logo_dark_url as an option for dark mode themes (#14361) 2021-09-16 17:47:51 -04:00
import_export FEATURE: Rake task to export groups (#9450) 2020-04-17 14:59:54 -07:00
initializers FEATURE: A low priority filter for the review queue. (#12822) 2021-04-23 15:34:24 -03:00
integration SECURITY: Escape watched word in error message (#14434) 2021-09-24 11:55:15 +03:00
integrity DEV: Fix a flaky Onceoff spec (#13314) 2021-06-07 20:38:31 +02:00
jobs DEV: use upload id to save in theme setting instead of URL. (#14341) 2021-09-16 07:58:53 +05:30
lib FIX: Exclude PMs that user sent to themselves. (#14496) 2021-10-04 11:55:35 +08:00
mailers FIX: add locales for group mention PM variants (#14358) 2021-09-16 23:07:45 +05:30
models FIX: Topic.similar_to results in invalid query for certain locales. (#14497) 2021-10-04 11:40:22 +08:00
multisite FIX: Use random file name for temporary uploads (#14250) 2021-09-06 10:21:20 +10:00
requests DEV: Fix api docs for default calendar (#14539) 2021-10-06 13:36:11 -06:00
script/import_scripts DEV: If disabled do not change setting after import (#12142) 2021-02-19 09:33:35 -07:00
serializers FIX: Make score's reason link building more explicit (#14475) 2021-10-04 16:55:09 -03:00
services FIX: Support Ruby 3 keyword arguments 2021-10-05 11:25:00 -04:00
support FIX: Make sure reset-new for tracked is not limited by per_page count (#13395) 2021-06-17 08:20:09 +10:00
tasks FIX: remove migrate_from_s3 task that silently corrupts data (#11703) 2021-01-17 22:33:29 +01:00
views/omniauth_callbacks FEATURE: Use full page redirection for all external auth methods (#8092) 2019-10-08 12:10:43 +01:00
rails_helper.rb Revert "DEV: Move rate limiter disable to after :each for tests (#13986)" (#13987) 2021-08-10 14:12:36 +10:00
swagger_helper.rb DEV: Refactor the api docs for the user endpoint (#14377) 2021-09-20 10:04:57 -06:00