Add explicit "crossorigin" attribute to bundle script tag in bootstrap #7124
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
denis-anisimov
previously approved these changes
Dec 11, 2019
There was a problem hiding this comment.
One test failure:
BootstrapHandlerTest.index_appended_to_head_in_npm .
Reviewed 1 of 1 files at r1.
Reviewable status: all discussions resolved, 0 of 1 LGTMs obtained
denis-anisimov
approved these changes
Dec 12, 2019
There was a problem hiding this comment.
Reviewed 1 of 1 files at r2.
Reviewable status:complete! all discussions resolved, 1 of 1 LGTMs obtained
denis-anisimov
pushed a commit
that referenced
this pull request
Dec 12, 2019
denis-anisimov
pushed a commit
that referenced
this pull request
Dec 13, 2019
TatuLund
added a commit
that referenced
this pull request
Dec 27, 2019
* Avoid clean up if PNPM is used (#7095) Fixes #7083 * Iterate over a copy for UI internals listeners (#7103) Avoids ConcurrentModificationException if firing an event causes listeners to be added or removed. * Convert lambda exps to simple loops to fix Java 11 build (#7102) * Fix command expectations to expect a local install (#7100) Test run against a local installation of pnpm test was expecting a global installation to be used. * Highlight drop target when dragged on child Fixes #7108 ..but does not fix case where child is a drop target too and drag moves back to parent drop target -> the class name for parent element is not reapplied. * Make nested drop target highlighting work Fixes #7109 * Allow adding a local js module through Page.addJsModule (#6933) * Deny adding a local js module through Page.addJsModule * Deprecate Page.addJsModule(url, loadMode) * Remove old "flow-deps" dependency/package-lock if PNPM is used (#7117) Part of #7113 * Fix using host value from the request (#7115) When using the host value from the request header we need to add the transport as host only contains the server and port. In the off case that we get the scheme as a header we should use that. * Exclude pnpm from managing itself (#7125) * Use recommended API to get chrome capabilities (#7138) DesiredCapabilities.chrome will be deprecated and removed. Current usage results in logged warnings "Using `new ChromeOptions()` is preferred to `DesiredCapabilities.chrome()`" https://github.com/SeleniumHQ/selenium/blob/selenium-3.141.59/java/client/src/org/openqa/selenium/remote/DesiredCapabilities.java#L115-L118 * Add explicit "crossorigin" attribute to bundle script tag in bootstrap (#7124) * Use Element API for traversing children to call the onEnabledStateChanged method (#7131) Fixes #7085 * Deprecate isIOS method and make it in ExtendedClientDetails (#7139) Fixes #6671 * Added missing constructor with scanNestedDefinitions option (#7099) Cherry pick from: vaadin/framework#11801 * Upgrade webpack plugins to fix npm audit warnings (#7122) Upgrade compression-webpack-plugin dependency Upgrade copy-webpack-plugin version Upgrade webpack dependencies versions * Only sending to server should be postponed - Update value in StateTree on the client side immediately - Defer execution only sending a new value to the server Fixes #7128 * Add IT test * Remove IT test which doesn't reproduce the issue * Handle possible array (#7159) If building sourcemaps for webpack the assets array will contain an array of bundles instead of a single string. Fixes #7158 * Workarounds for Safari 10 <script nomodule> and scope bugs (#7165) * Unregister listener when disconnecting web component (#7061) * Make links focusable (#7155) * Fix broken mobile dnd polyfill for ipad on iOS13 Fixes #7123 * Copy when jar (#7175) If packaging the project as a jar then we will copy the frontend files during prepare-frontend. This way running the development mode jar should have all frontend files available. Fixes #6994 * Fix running pnpm for a local installation (#7185) * Fix ElementStateProvider serialization (#7192) Add readResolve method for singleton class handing during (de)serialization of state providers. Fixes #7190 * Pin pnpm verion to 4.5 and remove workaround for 4.3.3 (#7191) Fixes #7183 * Pass query parameters to the new location (#7189) * Update chromedriver to v79 (#7181) * Assert chrome version 79 (#7201) * Only clear all if value changes. (#7212) If we remove all when the innerHTML value stays the same we will loose the innerHTML on the client as the value is not re-sent, but is still cleared from the client. Fixes #4644 * Don't add abstract error targets (#7215) Filter out any abstract classes from error navigation targets as they can't be instantiated anyway. Fixes vaadin/spring#530 * Add onclick to error window (#7217) Now the webpack error window can be closed by clicking it. Fixes #7211 * Error message for failing imports should be tool dependent (#7216) Fixes #7182 * Combine all constructors together Fixes #7148 * log: debug the list of dependencies and imports found in classes (#7221) Co-authored-by: Denis <denis@vaadin.com> Co-authored-by: Leif Åstrand <legioth@gmail.com> Co-authored-by: Mehdi Javan <32511762+mehdi-vaadin@users.noreply.github.com> Co-authored-by: caalador <mikael.grankvist@gmail.com> Co-authored-by: Pekka Hyvönen <pekka@vaadin.com> Co-authored-by: Bogdan Udrescu <bogdanudrescu@users.noreply.github.com> Co-authored-by: Guille <alvarezguille@users.noreply.github.com> Co-authored-by: Johannes Eriksson <joheriks@vaadin.com> Co-authored-by: Serhii Kulykov <iamkulykov@gmail.com> Co-authored-by: Muammer Yucel <muammer.yucel.82@gmail.com> Co-authored-by: Giovanni Lovato <giovanni@lova.to> Co-authored-by: Manuel Carrasco Moñino <manolo@apache.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Workaround for Safari not asking credentials when requesting the bundle. See: https://stackoverflow.com/questions/56557082/safari-blocked-https-from-asking-for-credentials-because-it-is-a-cross-o
Fixes #6560. Fixes #7087.
This change is