discourse

mirror of https://gh.wpcy.net/https://github.com/discourse/discourse.git synced 2026-05-05 17:40:33 +08:00

History

Alan Guo Xiang Tan 9d544dc2dd DEV: Add /dev-mode endpoint for MiniProfiler auth cookie (#37027 ) What is the problem? Developers need to profile pages while browsing as anonymous users or while impersonating other users. Currently, MiniProfiler authorization is tied to the session, so it's lost when the session changes. What is the solution? Add a `/dev-mode` endpoint that sets an encrypted cookie to persist MiniProfiler authorization for 1 hour, independent of the session: - New `DevModeController` with CSRF-protected POST form - Only accessible to users in the Developer group - Cookie validated on each request by checking timestamp, user existence, and developer status	2026-01-12 10:01:20 +08:00
..
index.html.erb

Alan Guo Xiang Tan 9d544dc2dd

DEV: Add /dev-mode endpoint for MiniProfiler auth cookie (#37027 )

What is the problem?

Developers need to profile pages while browsing as anonymous users or
while impersonating other users. Currently, MiniProfiler authorization
is tied to the session, so it's lost when the session changes.

What is the solution?

Add a `/dev-mode` endpoint that sets an encrypted cookie to persist
MiniProfiler authorization for 1 hour, independent of the session:
- New `DevModeController` with CSRF-protected POST form
- Only accessible to users in the Developer group
- Cookie validated on each request by checking timestamp, user
  existence, and developer status

2026-01-12 10:01:20 +08:00

index.html.erb

菲码源库

快速导航

产品服务

生态伙伴