- 03 2月, 2017 2 次提交
-
-
由 Bryce Johnson 提交于
-
由 Bryce Johnson 提交于
-
- 31 12月, 2016 1 次提交
-
-
由 Kushal Pandya 提交于
-
- 25 11月, 2016 1 次提交
-
-
由 Yorick Peterse 提交于
With events no longer being cached this is no longer needed.
-
- 27 6月, 2016 1 次提交
-
-
由 Connor Shea 提交于
-
- 24 6月, 2016 2 次提交
-
-
由 Connor Shea 提交于
-
由 Connor Shea 提交于
This makes larger libraries more cacheable and will allow us to use SRI with the dynamically included libraries.
-
- 23 6月, 2016 2 次提交
-
-
由 Connor Shea 提交于
-
由 Connor Shea 提交于
This prevents compromised or malicious CDNs from modifying assets. The hash provided by Rails is compared to the hash of the asset the browser has downloaded. The browser will refuse to execute/parse the assets if the hashes don't match. SRI is currently implemented in Firefox, Chrome, and Opera. More information is available in #18230 and on MDN: https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity This doesn't apply to the dynamically-generated per-page JavaScript due to a bug in sprockets-rails (https://github.com/rails/sprockets-rails/issues/359).
-
- 06 6月, 2016 1 次提交
-
-
由 Timothy Andrew 提交于
- Turbolinks caches the `head`, so `gon` updates don't show up unless the user navigates to page directly (by URL) or performs a refresh. - The solution is to render `gon` in the body instead. - Also update the syntax to the new Rails 4 (according to the gon README) syntax.
-
- 03 6月, 2016 2 次提交
-
-
由 James Lopez 提交于
This reverts commit 3e991230.
-
由 James Lopez 提交于
# Conflicts: # app/models/project.rb
-
- 02 6月, 2016 1 次提交
-
-
由 Connor Shea 提交于
-
- 19 2月, 2016 1 次提交
-
-
由 Robert Speicher 提交于
See http://apple.co/1SCRzrw Closes #13540 [ci skip]
-
- 06 1月, 2016 1 次提交
-
-
由 Douwe Maan 提交于
-
- 01 1月, 2016 1 次提交
-
-
由 Robert Speicher 提交于
While Safari supports the policy, it does not (currently, as of 9.x) recognize `origin-when-cross-origin` as a valid value, so we omit the policy entirely under Safari. Closes #5609
-
- 25 12月, 2015 6 次提交
-
-
由 Douwe Maan 提交于
-
由 Douwe Maan 提交于
-
由 Douwe Maan 提交于
-
由 Douwe Maan 提交于
-
由 Robert Speicher 提交于
-
由 Robert Speicher 提交于
-
- 24 12月, 2015 2 次提交
-
-
由 Robert Speicher 提交于
A limited number of pages have defined their own descriptions, but otherwise we default to the Project's description (if `@project` is set), or the old `brand_title` fallback. The image will either be the uploaded project icon (never a generated one), the user's uploaded icon or Gravatar, or, finally, the GitLab logo.
-
由 Robert Speicher 提交于
-
- 03 10月, 2015 1 次提交
-
-
由 Geoffrey Challen 提交于
-
- 09 9月, 2015 1 次提交
-
-
由 Patricio Cano 提交于
Added meta tag for referrer, so that only the origin is sent to third party sites, instead of the entire URL, thus avoiding the leak of sensitive information like password reset tokens.
-
- 06 8月, 2015 1 次提交
-
-
由 Douwe Maan 提交于
-
- 11 7月, 2015 1 次提交
-
-
由 Robert Speicher 提交于
-
- 09 7月, 2015 2 次提交
-
-
由 Robert Speicher 提交于
-
由 Robert Speicher 提交于
-
- 09 6月, 2015 1 次提交
-
-
由 Douwe Maan 提交于
-
- 05 6月, 2015 1 次提交
-
-
由 Douwe Maan 提交于
-
- 01 5月, 2015 1 次提交
-
-
由 Douwe Maan 提交于
-
- 27 4月, 2015 1 次提交
-
-
由 Sullivan SENECHAL 提交于
-
- 23 4月, 2015 1 次提交
-
-
由 Douwe Maan 提交于
-
- 21 4月, 2015 1 次提交
-
-
由 Robert Speicher 提交于
-
- 02 4月, 2015 1 次提交
-
-
由 Sullivan SENECHAL 提交于
-
- 03 3月, 2015 2 次提交
-
-
由 Douwe Maan 提交于
-
由 Douwe Maan 提交于
Revert "Merge branch 'go-get-workaround-nginx' of https://github.com/mattes/gitlabhq into mattes-go-get-workaround-nginx" This reverts commit 51349ca3, reversing changes made to b180476b.
-
- 15 2月, 2015 1 次提交
-
-
由 Vinnie Okada 提交于
Make the following changes to deal with new behavior in Rails 4.1.2: * Use nested resources to avoid slashes in arguments to path helpers.
-