Phoenix Eliot
c24e81aebb
Redirect with same protocol as request
...
Try using // instead of explicit protocol
2016-09-09 14:59:41 -07:00
Rob Blanckaert
af3e069828
Merge pull request #3872 from codecombat/filter-domains
...
Code Review: Filter domains for webdev iFrame
2016-09-08 17:46:00 -04:00
Rob Blanckaert
9619ff5a0a
Try harder to find the ip address, and dont split the ipaddress if we didnt find it.
2016-09-07 13:46:45 -07:00
Phoenix Eliot
6cbc6452fc
Actually do filter safe paths, but allow any other domain
2016-09-06 17:10:58 -07:00
Phoenix Eliot
b08c1af038
Simplify logic now that we're not redirecting safe paths
2016-09-06 16:24:40 -07:00
Phoenix Eliot
bdabee865c
Filter domains for webdev iFrame
...
This serves the web-dev surface iFrame from another domain, such that user-created levels can't sniff cookies from a visitor to their page. It forces a redirect if a path is accesses through the wrong domain.
Use ENV variables for hostnames
Allow messages from all relevant domains
Use the right iFrame URL for different domains
Let the load balancer check /healthcheck
Add special handling for china server
Generalize subdomain handling
2016-09-06 16:17:38 -07:00
Scott Erickson
af9f7201d0
Finish new CreateAccountModal
2016-07-07 15:56:41 -07:00
Scott Erickson
0581ffde82
Clean server test logging
2016-06-17 10:35:22 -07:00
Scott Erickson
464c432ca6
Handle ua.Version not having a split function, log it
2016-05-16 10:42:13 -07:00
Scott Erickson
1489df3f23
Show messages that IE9 and IE10 are deprecated, fix and clean existing systems
...
* Trim index_old_browser.html (shown on /play/) to simple page
* Fix useragent middleware to attach where needed
* Show IE alert on all pages on application init
2016-05-04 15:05:55 -07:00
Rob Blanckaert
d56be14dbb
Merge pull request #3550 from codecombat/region-refactor
...
Use host header to let any server serve any region
2016-04-13 15:17:47 -07:00
Rob
e635396b8a
Use host header to let any server serve any region
2016-04-13 15:12:11 -07:00
Scott Erickson
f1f1c23fd4
Refactor /auth endpoints for #3469
...
* Take `/server/routes/auth` and move most of the logic to `/server/middleware/auth`, refactoring to use generators.
* List all `/auth/*` endpoints in `/server/routes/index.coffee`.
* Fill in testing gaps for `/auth/unsubscribe`.
* Add debug log when `sendwithus` is not operational, so it 'works' in development and testing.
* Use passport properly!
* Track Facebook and G+ logins in user activity as well as passport logins.
2016-04-12 12:07:11 -07:00
Scott Erickson
c20ed58f9f
Have dev proxy return 502 when proxy fails, rather than calling next
2016-04-08 10:14:47 -07:00
Scott Erickson
8ff80fc92d
Add npm 'proxy' script for developing client on prod server
2016-04-07 13:59:38 -07:00
Scott Erickson
29cd880480
Refactor handlers to /server/handlers
2016-04-07 09:40:53 -07:00
Matt Lott
3dd322986a
Update Slack message destinations
...
Using ops and dev-feed more, reducing noise on general.
2016-03-21 05:36:44 -07:00
Matt Lott
5d71acba05
Replace HipChat with Slack
2016-03-18 17:05:21 -07:00
Nick Winter
e5dda556c6
Add Mandate configuration for session save delays
2016-03-14 16:39:05 -07:00
Scott Erickson
ebc98f988f
Refactor CreateAccountModal out of AuthModal, add class code to signup
2016-03-10 10:52:11 -08:00
Scott Erickson
a2249f8df1
Add return-to-admin (turn off espionage mode)
2016-03-04 10:43:17 -08:00
Scott Erickson
7fb08f343a
Refactor /db/article to use generators
2016-02-22 16:03:21 -08:00
Rob
0aa3418e44
Add PicoCTF backend support.
2016-02-16 16:44:35 -08:00
Nick Winter
b39883209c
Remove a couple server logs
2015-12-16 16:39:44 -08:00
Scott Erickson
7c516c4d9f
Move product information to the db
2015-12-14 11:10:50 -08:00
Rob
32861b025a
Support sending performance information to stats.
2015-11-17 14:57:12 -08:00
Nick Winter
6773f1e876
Check all languages instead of just first for country servers
2015-11-03 09:42:17 -08:00
Scott Erickson
94d29d2e8a
Move trailing slash removal to client Router, make client route "/play/" work for facebook
2015-10-21 16:55:48 -07:00
Nick Winter
f723fcbd39
Fix geolocation code
2015-10-12 13:12:34 -07:00
Nick Winter
5dde55c1f3
Add premium server recognition for Brazil
2015-10-09 08:05:34 -07:00
Nick Winter
cd0c252b14
Disabled some logging now that chinaVersion appears to be working.
2015-08-08 12:26:20 -07:00
Nick Winter
b8da7f547f
More fixes for geoip stuff.
2015-08-08 11:28:39 -07:00
Nick Winter
fc0a6513f3
Fixing some bugs in the geoip and language detection stuff.
2015-07-31 14:32:32 -07:00
Nick Winter
e43addf55b
Debugging chinaVersion inconsistencies.
2015-07-27 11:35:20 -07:00
Nick Winter
62e8ee624c
Made chinaVersion detection fire only when the language is Chinese.
2015-03-23 17:00:29 -07:00
Nick Winter
b4ea78e5cb
Implementing alternative pricing with Alipay in China to support dedicated China server.
2015-03-23 15:26:44 -07:00
Michael Schmatz
a16ae2b5bc
Changed read prefs and enabled middleware
2015-03-21 21:49:32 -04:00
Michael Schmatz
c25d36ee76
Temporarily disable redirection middleware
2015-03-21 14:27:35 -04:00
Michael Schmatz
fcf52cfbf7
Added undefined checking to accepted language
2015-03-20 17:47:17 -04:00
Michael Schmatz
5a7666fca3
More read nearests and changed redirection
2015-03-20 16:33:03 -04:00
Michael Schmatz
cfa09a3239
Added redirection to Chinese servers based on location and language
2015-03-19 15:25:24 -04:00
Nick Winter
b4e9ee67f0
Added one-minute in-memory server caching for a bunch of common queries.
2015-02-26 17:20:27 -08:00
Nick Winter
63fa2f86d4
Tracking who is simulating matches so we can see patterns in ill-reported matches. Rejecting simulations from simulators with old versions of the Simulator code.
2015-02-11 20:24:12 -08:00
Scott Erickson
ba1ffe194c
Deferring user creation until after the client app loads, to try and lower the massive number of anonymous users that are created.
2015-01-05 14:43:20 -08:00
Nick Winter
e4c6d07a4a
Added keyboard shortcuts to move, resize, minor-rotate, and toggle collision for Thangs in the level editor. Fixed some issues with stretchy Thangs and collision shapes not updating. Fixed #1699 . Fixed #57 . Colored collision overlays according to collision categories.
2014-12-20 13:39:51 -08:00
Nick Winter
d801ed61ce
Separating contact emails into premium subscriber support and basic general support.
2014-12-18 20:35:14 -08:00
Scott Erickson
32f0bc745f
Disabling saving of lastIP user property for now.
2014-12-08 10:45:32 -08:00
Scott Erickson
f4e3416918
Set up an endpoint for fetching Stripe info.
2014-12-05 17:19:52 -08:00
Nick Winter
5aefd5ffa2
I think the server needs to gzip now, and possibly only a bug is keeping it working.
2014-12-04 16:33:17 -08:00
Scott Erickson
42c7fca055
Tweaked the error middleware to proxy and be silent about client errors.
2014-11-29 11:06:02 -08:00