maxcdn / osscdn Goto Github PK

main.css and bower_components/angular-dropdowns/css/dropdowns.css seem safe to be combined.

Right now the package version dropdown is sorted based on filesystem sorting which has issues with semantic versioning. The best example of this is jQuery. The latest 1.x versions are sorted underneath older versions:

2.0.3
[etc]
1.2.6
1.2.3
1.10.2
1.10.1
1.10.0

I'm not good enough with javascript to do the needed parsing and sorting, or I would put in a pull request myself.

It'd be great if osscdn.com had https available. Shouldn't need any explanation to be honest.

If you're looking to avoid costs you can always use letsencrypt for free, works great.

An example is the Base64 project

{
  "name": "Base64",
  "filename": "base64.min.js",
  "version": "0.1.3",
  "description": "Base64 encoding and decoding",
  "author": "David Chambers <[email protected]>",
  "main": "./base64.js",
  "licenses": [{
    "type": "WTFPL",
    "url": "https://raw.github.com/davidchambers/Base64.js/master/LICENSE"
  }],
  "repository": {
    "type": "git",
    "url": "git://github.com/davidchambers/Base64.js.git"
  },
  "devDependencies": {
    "coffee-script": "1.4.x",
    "mocha": "1.8.x",
    "uglify-js": "2.2.x"
  }
}

• http://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js -- works fine
• https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js -- browser flashes SSL certificate warning (domain mismatch), and even if you tell the browser to ignore the warning, the result is a 404.

This is a big problem for us over at Bootstrap ( twbs/bootstrap#11312 ), since we're using HTTPS links to this CDN in our site, docs, examples, etc. I know HTTPS worked when I originally tested the links, so something seems to have gone wrong since then.

/cc @jdorfman

Since <meta http-equiv="X-UA-Compatible" content="IE=edge"> isn't valid HTML5 we should move it to the http headers.

div with attribute flash-alert="success" is hidden with opacity 0 and its over buttons "Bootstrap & Font-Awesome" and "Network"
half of this buttons is not clickable

Since the CSS files we build have a hash in their name it's pretty safe to increase their cache from 12hours to something like at least 1 week or 1 month.

OrchardCMS/OrchardCore#3330

Many things break without anyone noticing so we should enable Travis and cover as many stuff as possible.

Should we open the extras links in a new tab?

I noticed it for 1140 package.

See grunt-uncss. This should help in decreasing CSS size (ie. Bootstrap).

https://github.com/twbs/bootstrap/pull/12013/files#diff-4

The current file links should be replaced with copy buttons.

I noticed that the site doesn't even run on IE <= 8.

Seems a good idea to bump the minimum IE to 9.

https://github.com/MaxCDN/osscdn/blob/master/frontend/app/index.html#L19

Also since older IE support is not an issue you could update html5 boilerplate to the latest git; it's cleaner.

@bebraw it's that angular-ui-router issue.

Opening so that we track the issue.

I'm not very familiar with Angular.js but it shouldn't be too hard to bring back IE8 support.

http://stackoverflow.com/questions/18422606/angularjs-templates-not-loading-in-internet-explorer-8
http://stackoverflow.com/questions/18783203/angular-js-ui-router-on-internet-explorer-8
http://blog-it.hypoport.de/2013/08/24/how-to-make-your-angularjs-app-work-in-ie-8/

If you think it's not worth I guess we should get rid of es5-shim and json3 and tweak the browsehappy prompt.

can not use a css fonts from cdn.

The proper name is snap.svg. Not sure how you handle renames and removals, that's why I ask.

As per #41 (comment), opening this to discuss the idea

Apparently df07e97 doesn't fix the issue.

The fact is that with mangle disabled the size for modules.js is doubled. So we definitely need to enable mangle.

Now to work around the issue. I have a local patch which works but the following overwrites my changes

Running "uglify:scripts" (uglify) task
File "dist/scripts/scripts.js" created.
Original: 2911 bytes.
Minified: 1753 bytes.

Running "uglify:generated" (uglify) task
File "dist\scripts\modules.js" created.
Original: 858657 bytes.
Minified: 135212 bytes.
File "dist\scripts\scripts.js" created.
Original: 2617 bytes.
Minified: 1230 bytes.

@bebraw: do you know how we can solve this?

When I hit http://oss.maxcdn.com in a browser, it downloads the source. Probably due to this header:

Content-Type: application/octet-stream; charset=utf-8

# should be
Content-Type: text/html; charset=UTF-8

I will take care of this in the next days.

I wonder if there's an easy way to check for things like dadbda6

One reason the repository is too big/slow is due to the number of files it has.

The main site loads everything but the list, then loads forever.

The firefox console says: "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://api.jsdelivr.com/v1/jsdelivr/libraries?fields=name. (Reason: CORS header 'Access-Control-Allow-Origin' does not match '*, *')."

The IE console says: "SEC7118: XMLHttpRequest for http://api.jsdelivr.com/v1/jsdelivr/libraries?fields=name required Cross Origin Resource Sharing (CORS)."

Not tested in Chrome.

Reproducible on different computers running Windows 8 and Windows 7. Not tested on Linux, OSX, BSD, Solaris, or MikeOS.

Internet connection is VIA Rail Canada (Geotool says Internap) and Bell Canada in Ottawa.

As a CDN provider it will soon become good practice to provide integrities.
See:
jsdelivr/bootstrapcdn#555
jsdelivr/jsdelivr#6029
cdnjs/cdnjs#4599

For all static assets that never change can integrities be added?

I'm here to help if anything is needed.

Check the "oj*" packages. The homepage links are like unsafe:git://github.com/ojjs/oj

Atm

...
function walk(root, cb) {
    glob(path.join(root, '/**/package.json'), function(err, files) {
...

Is there any reason to look in all subdirectories for package.json files?

Hi,
Tried using fontawesome and I get a cross-domain error both in Chrome and Firefox:

Chrome: Font from origin 'http://oss.maxcdn.com' has been blocked from loading by Cross-Origin Resource Sharing policy: The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed. Origin '[MYWEBSITE]' is therefore not allowed access.

Firefox: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://oss.maxcdn.com/fontawesome/4.1.0/fonts/fontawesome-webfont.ttf?v=4.1.0. This can be fixed by moving the resource to the same domain or enabling CORS.

I tested with 4.2.0 and 4.1.0, can you please check what's wrong?

Thanks!

Since stars and hits aren't used anymore, the code should be cleaned up in walker.