meteor-feature-requests
meteor-feature-requests copied to clipboard
meteor
A tracker for Meteor issues that are requests for new functionality, not bugs.
An issue came up on the [forums](https://forums.meteor.com/t/security-dont-store-tokens-in-localstorage/50539) where Meteor app audit highlighted storage of session tokens in `localStorage` as a security issue. Setting up content security policy is not seen...
There is a useful [`mergeCss` function](https://github.com/meteor/meteor/blob/devel/packages/standard-minifier-css/plugin/minify-css.js#L65) in the [`standard-minifier-css` package](https://github.com/meteor/meteor/blob/devel/packages/standard-minifier-css) that does the following (according to the comments): > Lints CSS files and merges them into one file, fixing up...
@benjamn I like your work about `server-render` package, and there's something can be improved. When doing SSR, we need login token to get current user. One way to achieve is...
It would be nice if the progress indicators were more verbose, possibly showing a percent complete for tasks that it can predict (such as download sizes), or more general show...
build server-only are include web.browser and web.browser.legacy want to save some build time that build server only
Migrated from: meteor/meteor#4360
[meteor-random](https://www.npmjs.com/package/meteor-random) was last published three years ago, so it would be nice to have the random module officially on npm for interop purposes. The core code could just wrap that....
Currently all the Accounts API hooks are synchronous, such as `Accounts.onLogin(data => ...)` or `Accounts.validateLoginAttempt(data => ...)`, and require that all included actions are run synchronously, otherwise they will "fire"...
While working on https://github.com/meteor/meteor/pull/9558, I was reminded of this part of the 1.6 announcement about how Apollo and Meteor will be coming [closer together](https://blog.meteor.com/announcing-meteor-1-6-abf30f29e2c6#93b9). Accounts is a pretty popular part...
Currently it is really painful to do any HTTP based authentication. It seems the best way is that a client calls a Meteor method on load and then that one...