addresses #1789, #1364
- Moves ./core/server/loader -> ./core/bootstrap.
The bootstrap file is only accessed once during startup,
and it’s sole job is to ensure a config.js file exists
(creating one if it doesn’t) and then validates
the contents of the config file.
Since this is directly related to the initializing
the application is is appropriate to have
it in the ./core folder, named bootstrap as that
is what it does.
This also improves the dependency graph, as now
the bootstrap file require’s the ./core/server/config
module and is responsible for passing in the validated
config file.
Whereas before we had ./core/server/config
require’ing ./core/server/loader and running its
init code and then passing that value back to itself,
the flow is now more straight forward of
./core/bootstrap handling initialization and then
instatiation of config module
- Merges ./core/server/config/paths into
./core/server/config
This flow was always confusing me to that some config
options were on the config object, and some were on
the paths object.
This change now incorporates all of the variables
previously defined in config/paths directly
into the config module, and in extension,
the config.js file.
This means that you now have the option of deciding
at startup where the content directory for ghost
should reside.
- broke out loader tests in config_spec to bootstrap_spec
- updated all relevant files to now use config().paths
- moved urlFor and urlForPost function into
./server/config/url.js
no issue
- added check that a combination of email + expires is rejected after
10 attempts
- changed comparison to time independent method
Thanks to @chiiph for reporting this issue!
closes#1866, fixes#2067, fixes#2068
- Upgrade client side moment to 2.4.0 to match the server side script.
- Add a guard to pub date to fix#2067
- Add new format to close#1866
closes#1837
- moved admin theme static resource service above 'checkSSL', otherwise
when forceAdminSSL is true it will try to redirect them to HTTPS, and
error pages will be unstyled
closes#1836
- adding server.enable('trust proxy') to let connect framework do the work
of detecting X-Forwarded-Proto header
- replacing explicit checking for the X-Forwarded-Proto header with just
'req.secure' boolean check
Closes#1605
* Move styling for `#signup`, `#forgotten`, `#reset`, `#login`, `#usermenu` and `#notifications` to classes
No IDs have been added or removed, so any events shouldn't be affected and it passes all tests.
closes#2028
- Instead of binding and unbinding the click event, bind the data to the
outer scope so we can use a standard click handler.
- Use removeProp instead of setting the property to false when enabling.
- Use the `disabled` as value when disabling.
fixes#1908
- each individual update function handles rendering its own item on success or failure, rather than re-rendering the whole group
- also resolved a bug where the published date didn't get reset properly on error
Fixes#1841
* Added initial flag "no" for submission into Signup View
* Flag set to "yes" if submit button clicked
* Error thrown if flag is "yes", thus no subsequent submission sent to API
* Flag set to "no" if ajax returns with error
issue #2015
- this is another little workaround / improvement to try to reduce the number of people who end up with a published post with no published_at set
- I assume we need to complete #1655 to fix this properly
fixes#2011
- rather than trigger NProgress for fetch calls
I’ve moved it to be used for all sync calls
- issue #2011 was a result of NProgress only being
called during a fetch() call, which when saving
is not used - save() is. Sync is used by all
ajax calls.
