From 0f97fee71234aa7783c401af849586d3518f98e0 Mon Sep 17 00:00:00 2001 From: Sebastian Sdorra Date: Tue, 27 Nov 2018 11:33:27 +0100 Subject: [PATCH 1/4] add polyfill for Object.assign and fetch, to fix ie11 --- .../packages/ui-components/yarn.lock | 4 ---- scm-ui/package.json | 10 ++++++--- scm-ui/public/index.mustache | 1 + scm-ui/yarn.lock | 21 +++++++++++++++++-- 4 files changed, 27 insertions(+), 9 deletions(-) diff --git a/scm-ui-components/packages/ui-components/yarn.lock b/scm-ui-components/packages/ui-components/yarn.lock index d7afe51035..94816787ec 100644 --- a/scm-ui-components/packages/ui-components/yarn.lock +++ b/scm-ui-components/packages/ui-components/yarn.lock @@ -688,10 +688,6 @@ react "^16.4.2" react-dom "^16.4.2" -"@scm-manager/ui-types@2.0.0-SNAPSHOT": - version "2.0.0-20181010-130547" - resolved "https://registry.yarnpkg.com/@scm-manager/ui-types/-/ui-types-2.0.0-20181010-130547.tgz#9987b519e43d5c4b895327d012d3fd72429a7953" - "@types/node@*": version "10.12.0" resolved "https://registry.yarnpkg.com/@types/node/-/node-10.12.0.tgz#ea6dcbddbc5b584c83f06c60e82736d8fbb0c235" diff --git a/scm-ui/package.json b/scm-ui/package.json index c4b7cb3983..d80ee6571e 100644 --- a/scm-ui/package.json +++ b/scm-ui/package.json @@ -5,6 +5,7 @@ "private": true, "main": "src/index.js", "dependencies": { + "@babel/polyfill": "^7.0.0", "@fortawesome/fontawesome-free": "^5.3.1", "@scm-manager/ui-extensions": "^0.1.1", "bulma": "^0.7.1", @@ -31,17 +32,19 @@ "redux": "^4.0.0", "redux-devtools-extension": "^2.13.5", "redux-logger": "^3.0.6", - "redux-thunk": "^2.3.0" + "redux-thunk": "^2.3.0", + "whatwg-fetch": "^3.0.0" }, "scripts": { + "polyfills": "concat node_modules/@babel/polyfill/dist/polyfill.min.js node_modules/whatwg-fetch/dist/fetch.umd.js -o target/scm-ui/polyfills.bundle.js", "webfonts": "copyfiles -f node_modules/@fortawesome/fontawesome-free/webfonts/* target/scm-ui/styles/webfonts", "build-css": "node-sass-chokidar --include-path ./styles --include-path ./node_modules styles/ -o target/scm-ui/styles", "watch-css": "npm run build-css && node-sass-chokidar --include-path ./styles --include-path ./node_modules styles/ -o target/scm-ui/styles --watch --recursive", "start-js": "ui-bundler serve --target target/scm-ui --vendor vendor.bundle.js", - "start": "npm-run-all -p webfonts watch-css start-js", + "start": "npm-run-all -p webfonts watch-css polyfills start-js", "build-js": "ui-bundler bundle --mode=production target/scm-ui/scm-ui.bundle.js", "build-vendor": "ui-bundler vendor --mode=production target/scm-ui/vendor.bundle.js", - "build": "npm-run-all -s webfonts build-css build-vendor build-js", + "build": "npm-run-all -s webfonts build-css polyfills build-vendor build-js", "test": "ui-bundler test", "test-ci": "ui-bundler test --ci", "flow": "flow", @@ -49,6 +52,7 @@ }, "devDependencies": { "@scm-manager/ui-bundler": "^0.0.21", + "concat": "^1.0.3", "copyfiles": "^2.0.0", "enzyme": "^3.3.0", "enzyme-adapter-react-16": "^1.1.1", diff --git a/scm-ui/public/index.mustache b/scm-ui/public/index.mustache index 62a40d8e93..590b5e3cdb 100644 --- a/scm-ui/public/index.mustache +++ b/scm-ui/public/index.mustache @@ -34,6 +34,7 @@ + diff --git a/scm-ui/yarn.lock b/scm-ui/yarn.lock index ec5a53aecc..5e91190b95 100644 --- a/scm-ui/yarn.lock +++ b/scm-ui/yarn.lock @@ -513,6 +513,13 @@ "@babel/helper-regex" "^7.0.0" regexpu-core "^4.1.3" +"@babel/polyfill@^7.0.0": + version "7.0.0" + resolved "https://registry.yarnpkg.com/@babel/polyfill/-/polyfill-7.0.0.tgz#c8ff65c9ec3be6a1ba10113ebd40e8750fb90bff" + dependencies: + core-js "^2.5.7" + regenerator-runtime "^0.11.1" + "@babel/preset-env@^7.0.0": version "7.1.0" resolved "https://registry.yarnpkg.com/@babel/preset-env/-/preset-env-7.1.0.tgz#e67ea5b0441cfeab1d6f41e9b5c79798800e8d11" @@ -2005,6 +2012,12 @@ concat-stream@^1.6.0, concat-stream@^1.6.1, concat-stream@~1.6.0: readable-stream "^2.2.2" typedarray "^0.0.6" +concat@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/concat/-/concat-1.0.3.tgz#40f3353089d65467695cb1886b45edd637d8cca8" + dependencies: + commander "^2.9.0" + connect-history-api-fallback@^1: version "1.5.0" resolved "https://registry.yarnpkg.com/connect-history-api-fallback/-/connect-history-api-fallback-1.5.0.tgz#b06873934bc5e344fef611a196a6faae0aee015a" @@ -2065,7 +2078,7 @@ copyfiles@^2.0.0: through2 "^2.0.1" yargs "^11.0.0" -core-js@^2.4.0, core-js@^2.5.0: +core-js@^2.4.0, core-js@^2.5.0, core-js@^2.5.7: version "2.5.7" resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.5.7.tgz#f972608ff0cead68b841a16a932d0b183791814e" @@ -7056,7 +7069,7 @@ regenerator-runtime@^0.10.5: version "0.10.5" resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.10.5.tgz#336c3efc1220adcedda2c9fab67b5a7955a33658" -regenerator-runtime@^0.11.0: +regenerator-runtime@^0.11.0, regenerator-runtime@^0.11.1: version "0.11.1" resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.11.1.tgz#be05ad7f9bf7d22e056f9726cee5017fbf19e2e9" @@ -8530,6 +8543,10 @@ whatwg-fetch@^2.0.4: version "2.0.4" resolved "https://registry.yarnpkg.com/whatwg-fetch/-/whatwg-fetch-2.0.4.tgz#dde6a5df315f9d39991aa17621853d720b85566f" +whatwg-fetch@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/whatwg-fetch/-/whatwg-fetch-3.0.0.tgz#fc804e458cc460009b1a2b966bc8817d2578aefb" + whatwg-mimetype@^2.1.0: version "2.2.0" resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-2.2.0.tgz#a3d58ef10b76009b042d03e25591ece89b88d171" From ed3917469b6c6323133c25029972d734d8453427 Mon Sep 17 00:00:00 2001 From: Sebastian Sdorra Date: Tue, 27 Nov 2018 11:33:51 +0100 Subject: [PATCH 2/4] added cache-control header to api response, to fix stale data on ie11 --- .../api/v2/CacheControlResponseFilter.java | 39 ++++++++++++ .../v2/CacheControlResponseFilterTest.java | 61 +++++++++++++++++++ 2 files changed, 100 insertions(+) create mode 100644 scm-webapp/src/main/java/sonia/scm/api/v2/CacheControlResponseFilter.java create mode 100644 scm-webapp/src/test/java/sonia/scm/api/v2/CacheControlResponseFilterTest.java diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/CacheControlResponseFilter.java b/scm-webapp/src/main/java/sonia/scm/api/v2/CacheControlResponseFilter.java new file mode 100644 index 0000000000..059b48df5a --- /dev/null +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/CacheControlResponseFilter.java @@ -0,0 +1,39 @@ +package sonia.scm.api.v2; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.ws.rs.container.ContainerRequestContext; +import javax.ws.rs.container.ContainerResponseContext; +import javax.ws.rs.container.ContainerResponseFilter; +import javax.ws.rs.ext.Provider; + +/** + * Adds the Cache-Control: no-cache header to every api call. But only if non caching headers are set to the response. + * The Cache-Control header should fix stale resources on ie. + */ +@Provider +public class CacheControlResponseFilter implements ContainerResponseFilter { + + private static final Logger LOG = LoggerFactory.getLogger(CacheControlResponseFilter.class); + + @Override + public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) { + if (!isCacheable(responseContext)) { + LOG.trace("add no-cache header to response"); + responseContext.getHeaders().add("Cache-Control", "no-cache"); + } + } + + private boolean isCacheable(ContainerResponseContext responseContext) { + return hasLastModifiedDate(responseContext) || hasEntityTag(responseContext); + } + + private boolean hasEntityTag(ContainerResponseContext responseContext) { + return responseContext.getEntityTag() != null; + } + + private boolean hasLastModifiedDate(ContainerResponseContext responseContext) { + return responseContext.getLastModified() != null; + } +} diff --git a/scm-webapp/src/test/java/sonia/scm/api/v2/CacheControlResponseFilterTest.java b/scm-webapp/src/test/java/sonia/scm/api/v2/CacheControlResponseFilterTest.java new file mode 100644 index 0000000000..b0e8c4fdf5 --- /dev/null +++ b/scm-webapp/src/test/java/sonia/scm/api/v2/CacheControlResponseFilterTest.java @@ -0,0 +1,61 @@ +package sonia.scm.api.v2; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; + +import javax.ws.rs.container.ContainerRequestContext; +import javax.ws.rs.container.ContainerResponseContext; +import javax.ws.rs.core.EntityTag; +import javax.ws.rs.core.MultivaluedMap; +import java.util.Date; + +import static org.mockito.Mockito.*; + +@RunWith(MockitoJUnitRunner.class) +public class CacheControlResponseFilterTest { + + @Mock + private ContainerRequestContext requestContext; + + @Mock + private ContainerResponseContext responseContext; + + @Mock + private MultivaluedMap headers; + + private CacheControlResponseFilter filter = new CacheControlResponseFilter(); + + @Before + public void setUpMocks() { + when(responseContext.getHeaders()).thenReturn(headers); + } + + @Test + public void filterShouldAddCacheControlHeader() { + filter.filter(requestContext, responseContext); + + verify(headers).add("Cache-Control", "no-cache"); + } + + @Test + public void filterShouldNotSetHeaderIfLastModifiedIsNotNull() { + when(responseContext.getLastModified()).thenReturn(new Date()); + + filter.filter(requestContext, responseContext); + + verify(headers, never()).add("Cache-Control", "no-cache"); + } + + @Test + public void filterShouldNotSetHeaderIfEtagIsNotNull() { + when(responseContext.getEntityTag()).thenReturn(new EntityTag("42")); + + filter.filter(requestContext, responseContext); + + verify(headers, never()).add("Cache-Control", "no-cache"); + } + +} From 46b111df7d97c056d4d0620a5f81eb41c9c3fa28 Mon Sep 17 00:00:00 2001 From: Sebastian Sdorra Date: Tue, 27 Nov 2018 11:58:40 +0100 Subject: [PATCH 3/4] remove vulnerable flatmap-stream package --- scm-ui/yarn.lock | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/scm-ui/yarn.lock b/scm-ui/yarn.lock index 5e91190b95..667ba08368 100644 --- a/scm-ui/yarn.lock +++ b/scm-ui/yarn.lock @@ -2941,12 +2941,11 @@ event-emitter@^0.3.5: d "1" es5-ext "~0.10.14" -event-stream@~3.3.0: - version "3.3.6" - resolved "https://registry.yarnpkg.com/event-stream/-/event-stream-3.3.6.tgz#cac1230890e07e73ec9cacd038f60a5b66173eef" +event-stream@3.3.5, event-stream@~3.3.0: + version "3.3.5" + resolved "https://registry.yarnpkg.com/event-stream/-/event-stream-3.3.5.tgz#e5dd8989543630d94c6cf4d657120341fa31636b" dependencies: duplexer "^0.1.1" - flatmap-stream "^0.1.0" from "^0.1.7" map-stream "0.0.7" pause-stream "^0.0.11" @@ -3264,10 +3263,6 @@ flat-cache@^1.2.1: graceful-fs "^4.1.2" write "^0.2.1" -flatmap-stream@^0.1.0: - version "0.1.1" - resolved "https://registry.yarnpkg.com/flatmap-stream/-/flatmap-stream-0.1.1.tgz#d34f39ef3b9aa5a2fc225016bd3adf28ac5ae6ea" - flow-bin@^0.79.1: version "0.79.1" resolved "https://registry.yarnpkg.com/flow-bin/-/flow-bin-0.79.1.tgz#01c9f427baa6556753fa878c192d42e1ecb764b6" From 2855911fef99d956411b570acd8c1c22a1120278 Mon Sep 17 00:00:00 2001 From: Philipp Czora Date: Tue, 27 Nov 2018 12:49:53 +0000 Subject: [PATCH 4/4] Close branch bugfix/ie11