From 93e4c705f6f420d6e389d35b1a21e5592fffe361 Mon Sep 17 00:00:00 2001 From: Blayr Date: Thu, 2 May 2024 14:34:41 +0000 Subject: [PATCH 1/2] Don't deauthorize request when loading assets --- lib/mini_profiler.rb | 3 ++- lib/mini_profiler/client_settings.rb | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/mini_profiler.rb b/lib/mini_profiler.rb index cccbce90..40e81b1b 100644 --- a/lib/mini_profiler.rb +++ b/lib/mini_profiler.rb @@ -176,7 +176,8 @@ def call(env) end ) if skip_it - return client_settings.handle_cookie(@app.call(env)) + # preserve_cookie to ensure we don't deauthorize the request (delete the auth cookie) when loading assets + return client_settings.handle_cookie(@app.call(env), preserve_cookie: true) end skip_it = (@config.pre_authorize_cb && !@config.pre_authorize_cb.call(env)) diff --git a/lib/mini_profiler/client_settings.rb b/lib/mini_profiler/client_settings.rb index 36855230..67a9ace5 100644 --- a/lib/mini_profiler/client_settings.rb +++ b/lib/mini_profiler/client_settings.rb @@ -39,13 +39,13 @@ def initialize(env, store, start) end - def handle_cookie(result) + def handle_cookie(result, preserve_cookie: false) status, headers, _body = result if (MiniProfiler.config.authorization_mode == :allow_authorized && !MiniProfiler.request_authorized?) # this is non-obvious, don't kill the profiling cookie on errors or short requests # this ensures that stuff that never reaches the rails stack does not kill profiling - if status.to_i >= 200 && status.to_i < 300 && ((Process.clock_gettime(Process::CLOCK_MONOTONIC) - @start) > 0.1) + if !preserve_cookie && status.to_i >= 200 && status.to_i < 300 && ((Process.clock_gettime(Process::CLOCK_MONOTONIC) - @start) > 0.1) discard_cookie!(headers) end else From b8428423454b7584995b08de68945c2ecd80a8c5 Mon Sep 17 00:00:00 2001 From: iberianpig Date: Fri, 7 Feb 2025 19:01:33 +0900 Subject: [PATCH 2/2] fix: serve static assets based on Rails configuration - Modified the condition for enabling the asset server to check for `::Rails.configuration.public_file_server.enabled` or `::Rails.configuration.assets.unknown_asset_fallback` for Rails versions 5.1.0 and above. - The `unknown_asset_fallback` option allows for fallback handling when an asset is not found, which can lead to additional requests to the `/assets` path when assets are missing. --- lib/mini_profiler_rails/railtie.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/mini_profiler_rails/railtie.rb b/lib/mini_profiler_rails/railtie.rb index 57379962..064ea190 100644 --- a/lib/mini_profiler_rails/railtie.rb +++ b/lib/mini_profiler_rails/railtie.rb @@ -165,7 +165,9 @@ def self.serves_static_assets?(app) return false end - if ::Rails.version >= "5.0.0" + if ::Rails.version >= "5.1.0" + ::Rails.configuration.public_file_server.enabled || ::Rails.configuration.assets.unknown_asset_fallback + elsif ::Rails.version >= "5.0.0" ::Rails.configuration.public_file_server.enabled elsif ::Rails.version >= "4.2.0" ::Rails.configuration.serve_static_files