-
Notifications
You must be signed in to change notification settings - Fork 169
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add explicit "crossorigin" attribute to bundle script tag in bootstrap #7124
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One test failure:
BootstrapHandlerTest.index_appended_to_head_in_npm
.
Reviewed 1 of 1 files at r1.
Reviewable status: all discussions resolved, 0 of 1 LGTMs obtained
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed 1 of 1 files at r2.
Reviewable status: complete! all discussions resolved, 1 of 1 LGTMs obtained
* Avoid clean up if PNPM is used (#7095) Fixes #7083 * Iterate over a copy for UI internals listeners (#7103) Avoids ConcurrentModificationException if firing an event causes listeners to be added or removed. * Convert lambda exps to simple loops to fix Java 11 build (#7102) * Fix command expectations to expect a local install (#7100) Test run against a local installation of pnpm test was expecting a global installation to be used. * Highlight drop target when dragged on child Fixes #7108 ..but does not fix case where child is a drop target too and drag moves back to parent drop target -> the class name for parent element is not reapplied. * Make nested drop target highlighting work Fixes #7109 * Allow adding a local js module through Page.addJsModule (#6933) * Deny adding a local js module through Page.addJsModule * Deprecate Page.addJsModule(url, loadMode) * Remove old "flow-deps" dependency/package-lock if PNPM is used (#7117) Part of #7113 * Fix using host value from the request (#7115) When using the host value from the request header we need to add the transport as host only contains the server and port. In the off case that we get the scheme as a header we should use that. * Exclude pnpm from managing itself (#7125) * Use recommended API to get chrome capabilities (#7138) DesiredCapabilities.chrome will be deprecated and removed. Current usage results in logged warnings "Using `new ChromeOptions()` is preferred to `DesiredCapabilities.chrome()`" https://github.com/SeleniumHQ/selenium/blob/selenium-3.141.59/java/client/src/org/openqa/selenium/remote/DesiredCapabilities.java#L115-L118 * Add explicit "crossorigin" attribute to bundle script tag in bootstrap (#7124) * Use Element API for traversing children to call the onEnabledStateChanged method (#7131) Fixes #7085 * Deprecate isIOS method and make it in ExtendedClientDetails (#7139) Fixes #6671 * Added missing constructor with scanNestedDefinitions option (#7099) Cherry pick from: vaadin/framework#11801 * Upgrade webpack plugins to fix npm audit warnings (#7122) Upgrade compression-webpack-plugin dependency Upgrade copy-webpack-plugin version Upgrade webpack dependencies versions * Only sending to server should be postponed - Update value in StateTree on the client side immediately - Defer execution only sending a new value to the server Fixes #7128 * Add IT test * Remove IT test which doesn't reproduce the issue * Handle possible array (#7159) If building sourcemaps for webpack the assets array will contain an array of bundles instead of a single string. Fixes #7158 * Workarounds for Safari 10 <script nomodule> and scope bugs (#7165) * Unregister listener when disconnecting web component (#7061) * Make links focusable (#7155) * Fix broken mobile dnd polyfill for ipad on iOS13 Fixes #7123 * Copy when jar (#7175) If packaging the project as a jar then we will copy the frontend files during prepare-frontend. This way running the development mode jar should have all frontend files available. Fixes #6994 * Fix running pnpm for a local installation (#7185) * Fix ElementStateProvider serialization (#7192) Add readResolve method for singleton class handing during (de)serialization of state providers. Fixes #7190 * Pin pnpm verion to 4.5 and remove workaround for 4.3.3 (#7191) Fixes #7183 * Pass query parameters to the new location (#7189) * Update chromedriver to v79 (#7181) * Assert chrome version 79 (#7201) * Only clear all if value changes. (#7212) If we remove all when the innerHTML value stays the same we will loose the innerHTML on the client as the value is not re-sent, but is still cleared from the client. Fixes #4644 * Don't add abstract error targets (#7215) Filter out any abstract classes from error navigation targets as they can't be instantiated anyway. Fixes vaadin/spring#530 * Add onclick to error window (#7217) Now the webpack error window can be closed by clicking it. Fixes #7211 * Error message for failing imports should be tool dependent (#7216) Fixes #7182 * Combine all constructors together Fixes #7148 * log: debug the list of dependencies and imports found in classes (#7221) Co-authored-by: Denis <denis@vaadin.com> Co-authored-by: Leif Åstrand <legioth@gmail.com> Co-authored-by: Mehdi Javan <32511762+mehdi-vaadin@users.noreply.github.com> Co-authored-by: caalador <mikael.grankvist@gmail.com> Co-authored-by: Pekka Hyvönen <pekka@vaadin.com> Co-authored-by: Bogdan Udrescu <bogdanudrescu@users.noreply.github.com> Co-authored-by: Guille <alvarezguille@users.noreply.github.com> Co-authored-by: Johannes Eriksson <joheriks@vaadin.com> Co-authored-by: Serhii Kulykov <iamkulykov@gmail.com> Co-authored-by: Muammer Yucel <muammer.yucel.82@gmail.com> Co-authored-by: Giovanni Lovato <giovanni@lova.to> Co-authored-by: Manuel Carrasco Moñino <manolo@apache.org>
Workaround for Safari not asking credentials when requesting the bundle. See: https://stackoverflow.com/questions/56557082/safari-blocked-https-from-asking-for-credentials-because-it-is-a-cross-o
Fixes #6560. Fixes #7087.
This change is