From 75630dbc7c5fa1621dab9332dca4539f12395e26 Mon Sep 17 00:00:00 2001 From: pursual Date: Fri, 4 Dec 2015 17:35:18 -0500 Subject: [PATCH 1/5] Fix static files BEFORE sessions To avoid a mongo ping per static file. --- config/lib/express.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/config/lib/express.js b/config/lib/express.js index 0f3c8b947c..6ca13b9d86 100644 --- a/config/lib/express.js +++ b/config/lib/express.js @@ -228,6 +228,12 @@ module.exports.init = function (db) { // Initialize Express view engine this.initViewEngine(app); + + // Initialize Helmet security headers + this.initHelmetHeaders(app); + + // Initialize modules static client routes + this.initModulesClientRoutes(app); // Initialize Express session this.initSession(app, db); @@ -235,12 +241,6 @@ module.exports.init = function (db) { // Initialize Modules configuration this.initModulesConfiguration(app); - // Initialize Helmet security headers - this.initHelmetHeaders(app); - - // Initialize modules static client routes - this.initModulesClientRoutes(app); - // Initialize modules server authorization policies this.initModulesServerPolicies(app); From 80ecc0b35a6753e0e1e18bbddd39776615f05af5 Mon Sep 17 00:00:00 2001 From: pursual Date: Fri, 4 Dec 2015 18:38:42 -0500 Subject: [PATCH 2/5] Update express.js fix(core): Serve static files without session init Small change to config/lib.express.js. Move static routes config above session init. Fixes #1089 --- config/lib/express.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/lib/express.js b/config/lib/express.js index 6ca13b9d86..03a23097c1 100644 --- a/config/lib/express.js +++ b/config/lib/express.js @@ -232,7 +232,7 @@ module.exports.init = function (db) { // Initialize Helmet security headers this.initHelmetHeaders(app); - // Initialize modules static client routes + // Initialize modules static client routes, BEFORE session. this.initModulesClientRoutes(app); // Initialize Express session From d474e72fddc395c406ce35e7a42e2ba9e9f4df78 Mon Sep 17 00:00:00 2001 From: pursual Date: Fri, 4 Dec 2015 23:21:00 -0500 Subject: [PATCH 3/5] fix(core): Serve static files without session init --- config/lib/express.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/lib/express.js b/config/lib/express.js index 03a23097c1..8278cd5aa6 100644 --- a/config/lib/express.js +++ b/config/lib/express.js @@ -232,7 +232,7 @@ module.exports.init = function (db) { // Initialize Helmet security headers this.initHelmetHeaders(app); - // Initialize modules static client routes, BEFORE session. + // Initialize modules static client routes, BEFORE session! this.initModulesClientRoutes(app); // Initialize Express session From c0bbd59bf3d382b45fee118a92fe26d10b33406d Mon Sep 17 00:00:00 2001 From: pursual Date: Fri, 4 Dec 2015 23:23:05 -0500 Subject: [PATCH 4/5] fix(core): Serve static files without session init Small change to config/lib.express.js. Move static routes config above session init. Fixes #1089 --- config/lib/express.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/lib/express.js b/config/lib/express.js index 8278cd5aa6..03a23097c1 100644 --- a/config/lib/express.js +++ b/config/lib/express.js @@ -232,7 +232,7 @@ module.exports.init = function (db) { // Initialize Helmet security headers this.initHelmetHeaders(app); - // Initialize modules static client routes, BEFORE session! + // Initialize modules static client routes, BEFORE session. this.initModulesClientRoutes(app); // Initialize Express session From c00e644726e6713ded653db397bf16c130861c31 Mon Sep 17 00:00:00 2001 From: pursual Date: Fri, 4 Dec 2015 17:35:18 -0500 Subject: [PATCH 5/5] fix(core): Serve static files without session init Fixes #1089 --- config/lib/express.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/config/lib/express.js b/config/lib/express.js index 0f3c8b947c..03a23097c1 100644 --- a/config/lib/express.js +++ b/config/lib/express.js @@ -228,6 +228,12 @@ module.exports.init = function (db) { // Initialize Express view engine this.initViewEngine(app); + + // Initialize Helmet security headers + this.initHelmetHeaders(app); + + // Initialize modules static client routes, BEFORE session. + this.initModulesClientRoutes(app); // Initialize Express session this.initSession(app, db); @@ -235,12 +241,6 @@ module.exports.init = function (db) { // Initialize Modules configuration this.initModulesConfiguration(app); - // Initialize Helmet security headers - this.initHelmetHeaders(app); - - // Initialize modules static client routes - this.initModulesClientRoutes(app); - // Initialize modules server authorization policies this.initModulesServerPolicies(app);