Fixes #423
Fixes #423
Conversation
express-minify requires a compiler to install so making it optional makes setting up a new dev env easier.
Installs fine for me... what do you mean?
Request logging will eventually occur on production so -1 for this... plus I mentioned to you to keep require statements at the top for now.
Interesting idea but why not let the end user decide instead with their own sec policy? |
My VS compiler install is messed up and have been putting off fixing it. In any case, it requires
No big deal. It was to be slightly consistent with optional stuff anyways.
Because the user should not have to make that decision. If he's given an option, he'll be scared away / choose the more secure option anyways. Greasyfork doesn't allow images from http, so conforming with them would be best. |
|
@Zren commented on 15 nov. 2014 23:17 CET:
Can you elaborate on this. I'm using VS for development too and have no problems with it. @Zren commented on 15 nov. 2014 20:37 CET:
I was thinking about why not hide the non-https images when they are viewed on https site... |
Forgot we actually support |
|
@Zren commented on 15 nov. 2014 23:50 CET:
I was more thinking about not showing the images in the views when |
The problem is with google doing false positives of this... I'd be more interested if authed then just do it and allow the user to control their own security policy (we don't need to be a dictator which is one of sizzles previously mentioned goals and one of mine on USO.)... if not authed google would either get a (possible) 404 which would hurt our SEO ranking in which case we should just show the "default" icon (which is actually a font... maybe with another unique indicator). This still doesn't address |
|
@Zren express-minify is currently on Pro and Dev now but not Dbg (debug) ... basically if you are having issues with this it would be best to resolve them. My solution was 3 fold... upgrade my distro... compile my own node instead of using my distros... and then installing a newer npm. toobusy package currently compiles okay here now but of course we aren't using it anymore. |
Yep. Mainly because I thought the chrome was blocking mixed content over HTTPS but that was the SSL cert. I'll put this on the backburner for now.
Don't really want to fix my C compiler until I reformat & reinstall Windows, which I'm not planning on doing until I get a new drive (possible an SSD :] ). So making my current env work until then. Part of what got me to actually help with OUJS is how easy it was to setup a dev env. It didn't require a compiler (after we made it optional, and eventually used toobusy-js instead). I didn't have to setup MongoDB as the defaults point to the dev db. All I had to do was clone + npm install + run. Going to make a new PR without the HTTPS commit and just make express-minify optional. |
|
SSD's are quite an improvement... they are worth it if not too expensive.
Windows is giving you a compiling error? Most of node under that is precompiled last I installed about a little over a week ago... sounds to me like you have bigger issues if Windows is doing this to you. Forward ref #431 |
express-minifyan optional dependancy as we only use it in production and it requires a compiler to install (pain). Also makemorganoptional even though it doesn't need a compiler. I could probably make it adevDependancybut it's not terribly critical (as we might want to use it in production).https://ordata:image/URIs (png/gif only atm, probably should add jpg or just allow anything).