IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-25 02:11:08 -06:00
Code Issues Packages Projects Releases Wiki Activity
5724b7bccd
discourse/spec
History
Alan Guo Xiang Tan 5724b7bccd
DEV: Add hidden cross_origin_opener_policy_header site setting (#23346) 
Why this change?

As part of our ongoing efforts to security harden the Discourse
application, we are adding the `cross_origin_opener_policy_header` site setting
which allows the `Cross-Origin-Opener-Policy` response header to be set on requests
that preloads the Discourse application. In more technical terms, only
GET requests that are not json or xhr will have the response header set.

The `cross_origin_opener_policy_header` site setting is hidden for now
for testing purposes and will either be released as a public site
setting or be remove if we decide to be opinionated and ship a default
for the `Cross-Origin-Opener-Policy` response header.
2023-08-31 08:50:06 -04:00
..
fabricators FEATURE: support to initial values for form templates through /new-topic (#23313) 2023-08-29 18:41:33 -03:00
fixtures FIX: ensures generic onebox has width/height for thumbnail (#23040) 2023-08-09 20:31:11 +02:00
helpers FIX: Add site name to sitelinks structured data (#23151) 2023-08-24 10:07:45 -04:00
import_export DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00
initializers DEV: Fix test (#22018) 2023-06-08 16:12:13 -05:00
integration DEV: Update the rubocop-discourse gem 2023-06-26 11:41:52 +02:00
integrity DEV: Remove enable_experimental_hashtag_autocomplete logic (#22820) 2023-08-08 11:18:55 +10:00
jobs FIX: correct bulk invite expire time for DST (#23073) 2023-08-18 12:33:40 -04:00
lib DEV: Add auto _map extensions for list site settings with no type (#23331) 2023-08-30 16:14:06 +10:00
mailers FIX: Order tags shown in email subject by topics count and name (#22586) 2023-07-13 15:39:58 +08:00
models FEATURE: support to initial values for form templates through /new-topic (#23313) 2023-08-29 18:41:33 -03:00
multisite DEV: Add S3 upload system specs using minio (#22975) 2023-08-23 11:18:33 +10:00
requests DEV: Add hidden cross_origin_opener_policy_header site setting (#23346) 2023-08-31 08:50:06 -04:00
script/import_scripts DEV: Fix flaky core backend spec (#22650) 2023-07-18 07:01:19 +08:00
serializers FIX: Missing pending queued posts from topic view (#22838) 2023-07-28 16:16:23 +00:00
services FIX: Delete fast typer reviewable when deleting user (#23162) 2023-08-21 18:03:03 +08:00
support DEV: Add S3 upload system specs using minio (#22975) 2023-08-23 11:18:33 +10:00
system FEATURE: support to initial values for form templates through /new-topic (#23313) 2023-08-29 18:41:33 -03:00
tasks DEV: Add a spec for assets:precompile:js_processor (#23220) 2023-08-25 11:44:30 +02:00
views DEV: Fix random typos (#22078) 2023-06-13 22:02:21 +02:00
rails_helper.rb DEV: Add S3 upload system specs using minio (#22975) 2023-08-23 11:18:33 +10:00
regenerate_swagger_docs DEV: Add API docs for uploads and API doc watcher (#15387) 2021-12-23 08:40:15 +10:00
swagger_helper.rb DEV: Apply syntax_tree formatting to spec/* 2023-01-09 11:49:28 +00:00