Commit Graph

195 Commits

Author SHA1 Message Date
Kyle Zhao 38c70bfda2 extract inline JS for google analytics 2018-09-17 09:56:00 +10:00
Neil Lalonde 71b65be6f6 SECURITY: prevent use of X-Forwarded-Host to perform XSS 2018-08-13 16:45:22 -04:00
Osama Sayegh 0b7ed8ffaf FEATURE: backend support for user-selectable components
* FEATURE: backend support for user-selectable components

* fix problems with previewing default theme

* rename preview_key => preview_theme_id

* omit default theme from child themes dropdown and try a different fix

* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
OsamaSayegh decf1f27cf FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Guo Xiang Tan 875008522d FIX: `Discourse.S3BaseUrl` did not account for subfolder bucket names. 2018-07-06 15:53:57 +08:00
Guo Xiang Tan 73e30ff4c2 Revert "Rename s3 vars, change condition when displaying s3 uploads"
The new variables do not reflect that they represent S3 settings.

This reverts commit 24dfa1b657.
2018-07-06 15:53:57 +08:00
Maja Komel ec3e6a81a4 FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
Maja Komel 24dfa1b657 Rename s3 vars, change condition when displaying s3 uploads 2018-06-25 17:16:01 +02:00
Robin Ward a5172a37e0 Allow staff members to enable safe mode, even if disabled 2018-04-25 11:49:57 -04:00
Robin Ward fd14ee4797 FEATURE: Allow safe mode to be disabled 2018-04-24 11:03:33 -04:00
Jeff Wong 32f919ea34 Fix - service worker registrations
* register service workers in a development env

* register service worker from ember initialize fn
2018-04-10 15:17:32 -07:00
Neil Lalonde b7ecdb72d6 FIX: update Google Tag Manager javascript 2018-04-03 14:22:06 -04:00
OsamaSayegh 282f53f0cd FEATURE: Theme settings (2) (#5611)
Allows theme authors to specify custom theme settings for the theme. 

Centralizes the theme/site settings into a single construct
2018-03-04 19:04:23 -05:00
Guo Xiang Tan 70f14da732 UX: Use 'tel' input type for 2FA token inputs. 2018-02-27 09:30:44 +08:00
Guo Xiang Tan 7902296c11 Oops we should register a service worker as long as it is supported. 2018-02-15 15:02:14 +08:00
Guo Xiang Tan 28365f8ae5 PERF: Have nginx cache and serve the service worker file. 2018-02-15 10:50:39 +08:00
Neil Lalonde 7dc3671490 FEATURE: remove obsolete settings ga_tracking_code and ga_domain_name. Use ga_universal_tracking_code and ga_universal_domain_name instead. 2017-11-01 11:41:51 -04:00
Sam 70bb2aa426 FEATURE: allow specifying s3 config via globals
This refactors handling of s3 so it can be specified via GlobalSetting

This means that in a multisite environment you can configure s3 uploads
without actual sites knowing credentials in s3

It is a critical setting for situations where assets are mirrored to s3.
2017-10-06 16:20:01 +11:00
Leo McArdle e183600563 FIX: redirect loop for new users visiting /new-topic using full screen login 2017-09-07 21:02:41 +01:00
Sam Saffron d0c5205a52 Feature: Change markdown engine to markdown it
This commit removes the old evilstreak markdownjs engine.

- Adds specs to WhiteLister and changes it to stop using globals
    (Fixes large memory leak)
- Fixes edge cases around bbcode handling
- Removes mdtest which is no longer valid (to be replaced with
    CommonMark)
- Updates MiniRacer to correct minor unmanaged memory leak
- Fixes plugin specs
2017-07-17 11:41:34 -04:00
Neil Lalonde 3ebd8838af FEATURE: cross-domain tracking for Google universal analytics 2017-07-13 15:21:44 -04:00
Sam 79a084dd58 Revert "remove old markdown engine work-in-progress"
This reverts commit ee470b5317.
2017-07-12 18:10:51 -04:00
Sam Saffron ee470b5317 remove old markdown engine work-in-progress 2017-07-12 17:44:40 -04:00
Sam 234694b50f Feature: CommonMark support
This adds the markdown.it engine to Discourse.
https://github.com/markdown-it/markdown-it

As the migration is going to take a while the new engine is default
disabled. To enable it you must change the hidden site setting:
enable_experimental_markdown_it.

This commit is a squash of many other commits, it also includes some
improvements to autospec (ability to run plugins), and a dev dependency
on the og gem for html normalization.
2017-06-23 12:01:33 -04:00
Robin Ward 30ebaf6b6a Update FontAwesome to 4.7.0 2017-04-26 15:16:30 -04:00
Sam bbed29ba57 correct font preloading 2017-04-20 11:18:37 -04:00
Sam 5dd752877e FEATURE: try adding some preload hints for chrome 2017-04-17 11:52:43 -04:00
Sam a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Sam 30e0154e5d SECURITY: fix reflected XSS with safe_mode param
(only applies to beta and master)
2016-12-19 10:11:51 +11:00
Sam e2c87da42a FEATURE: Add basic support for Safe Mode
In Safe Mode all JS extensions and site customizations are disabled.

To access Safe Mode visit `sitename.org/safe-mode`
2016-11-21 16:46:14 +11:00
Neil Lalonde d38727efb7 FIX: Google Universal Analytics was tracking two page views on first page view 2016-08-02 12:55:02 -04:00
Neil Lalonde ba637e40b6 FEATURE: Google Tag Manager Universal Analytics support 2016-07-14 16:35:20 -04:00
Robin Ward bba0fd0654 REFACTOR: PreloadStore to ES6 2016-07-11 12:57:05 -04:00
Robin Ward 25d6915cac Migrate discourse.js to ES6 2016-07-11 12:57:05 -04:00
Robin Ward a546395397 REFACTOR: Migrate markdown functionality in ES6 2016-07-11 12:57:05 -04:00
Jeff Atwood 36e3e53798 is it really necessary to specify 'normal' font? 2016-04-11 02:30:11 -07:00
Jeff Atwood e45243924e oops 2016-04-11 02:00:16 -07:00
Jeff Atwood fff03fb7c3 woff and woff2 are all we need for webfonts
on any browser that is remotely modern
2016-04-11 01:37:17 -07:00
Sam Saffron 38983bc977 oops 2016-02-08 09:53:47 +11:00
Sam Saffron b032c63773 FIX: properly defer authentication complete 2016-02-08 08:44:12 +11:00
Robin Ward 6c2dee29a8 UX: Upgrade Font Awesome to 4.5.0 2015-12-10 17:19:23 -05:00
Robin Ward 8ba7c06b7d Merge pull request #3735 from riking/patch-4
FIX: Discourse.BaseUri should not default to /
2015-11-06 14:52:19 -05:00
Sam b6c2aa13e6 clean up implementation of non frame login / registration 2015-10-13 14:49:09 +11:00
Sam 45ab42dea9 UX: upgrade font awesome to 4.4 2015-09-21 12:46:58 +10:00
Kane York aca70805f1 FIX: Discourse.BaseUri should not default to / 2015-09-10 17:34:08 -07:00
Robin Ward 707c493e3c FIX: When changing colors, refresh the admin stylesheet 2015-08-18 14:13:40 -04:00
Robin Ward 22844b9e46 Ember 1.12 support 2015-08-13 11:14:16 -04:00
Robin Ward 59cdde330f Raise errors in development mode on deprecation
We've had quite some time to find the deprecation errors in Ember and
most should be fixed. It is time to turn up the difficulty, which will
raise exceptions in development/test mode if a deprecation is present.
This will force developers to fix them as they encounter them.
2015-08-04 13:23:42 -04:00
Robin Ward 9911e92e24 Merge pull request #3609 from riking/patch-7
FEATURE: Localization fallbacks
2015-07-30 10:44:29 -04:00
Sam 6d9674278e UX: remove zocial and use font awesome instead
UX: use github logo for github login
2015-07-21 15:47:58 +10:00
Kane York 728845d008 FEATURE: Localization fallbacks (client)
This patch sets I18n.defaultLocale in the Discourse.start() script block (it
was formerly always 'en') to SiteSetting.default_locale, and patches
translate() to perform fallback to defaultLocale followed by english.
Additionally, when enable_verbose_localization() is called, no fallbacks will
be performed.

It also memoizes the file loading operations in JsLocaleHelper and strips out
translations from the fallbacks that are also present in a prefered language,
to minimize file size.
2015-07-15 10:17:28 -07:00
Sam 24102f2636 FIX: apply s3 cdn to client side assets 2015-05-27 12:59:51 +10:00
Sam 45bdd23689 FEATURE: support user local switching to RTL correctly
FEATURE: support RTL in multisite
2015-05-20 15:56:54 +10:00
Robin Ward 8294205f7c Ember 1.11 broken WIP 2015-05-11 11:18:37 -04:00
Robin Ward 65bfa574ce Add `userId` to GA tracking 2015-04-07 13:10:33 -04:00
Sam 5d31290dbc FIX: cleanup old letter avatars if needed
FEATURE: use image magick version as a key for letter avatars
2015-04-07 13:03:43 +10:00
Régis Hanol 9633cfeae1 bump font cache 2015-03-27 16:33:15 +01:00
Régis Hanol 4d58db2b09 also remove zocial svg font 2015-03-27 15:33:03 +01:00
Régis Hanol 8bbc742247 remove svg version of font-awesome 2015-03-27 13:42:30 +01:00
Régis Hanol d9606bef9d update font-awesome to 4.3.0 2015-03-27 13:08:58 +01:00
Sam a82530012a FEATURE: Allow selection of highlight js languages
PERF: stop loading highlight js on load

To get latest highlight js run bin/rake highlightjs:update
2015-03-13 16:18:59 +11:00
Robin Ward de4e4f2b98 Replace $LAB with path aware `loadScript` that uses jQuery 2015-03-09 14:39:39 -04:00
Régis Hanol 1b2381d5a0 FIX: only remove custom CSS in admin on first load 2015-03-02 23:31:04 +01:00
Régis Hanol 521d3de10d revert: ⬆️ update font-awesome 2015-02-05 17:26:18 +01:00
Régis Hanol 4ac82f45bf FIX: force font-awesome update 2015-02-05 14:25:27 +01:00
Sam f23eb475a4 FEATURE: remove override stylesheet option, too confusing 2014-12-23 13:03:48 +11:00
Régis Hanol 45dbdb6896 FEATURE: custom emojis 2014-12-23 01:12:26 +01:00
lidlanca 33e1790408 stripping port information from Discourse.BaseUrl
Port information if presented in Discourse.BaseUrl may break user avatar URL in the template generation.

https://github.com/discourse/discourse/edit/master/app/assets/javascripts/discourse/models/user.js
avatarTemplate()

In the future there should be a way to reference baseUrl with or without port information
2014-09-12 16:29:17 -04:00
Robin Ward 39c7101c4b TWEAK: Remove `TransitionAborted` exceptions from logging. They are
apparently normal when you abort a router transition and can be ignored.
2014-08-07 16:52:31 -04:00
M Smart 0d9e2b5df5 Move the scripts helper into a better place. 2014-07-22 20:14:57 -04:00
M Smart ec280913b2 Enumerate deferred scripts with a sprockets helper 2014-07-22 19:46:43 -04:00
Sam 5477325376 FIX: should use "script" to allow cdn 2014-07-14 08:47:06 +10:00
Sam 9157f51618 FEATURE: upgrade font awesome to head 2014-07-03 17:58:12 +10:00
Sam fa6f22dd39 Move letter avatars out of upload system
FIX: S3 issues around system avatars
FIX: reduced backup file size
2014-05-30 14:45:55 +10:00
Sam 7fbf162666 Logster update
cleans up a bunch of messed up context stuff with multisite
improves backtraces
adds request params
2014-05-25 13:54:52 +10:00
Robin Ward 5e07d18069 FIX: Don't track pageView on initial load. Let the router signal that. 2014-05-21 14:04:08 -04:00
Neil Lalonde c4d3aa3d47 Theming: a UI to choose some base colors that are applied to all the site css. CSS compiled outside of asset pipeline. 2014-05-14 10:18:12 -04:00
Régis Hanol 978fb7ff96 Merge pull request #2328 from ligthyear/better-debugging-of-promises-in-dev
Log the actual promise object instead of a useless name
2014-05-09 11:25:44 +02:00
Benjamin Kampmann 41f1c70fe4 Log the actual promise object instead of a useless name
- console.log has support for objects including introspection, use this
 - instead of logging useless names
2014-05-09 11:16:56 +02:00
Robin Ward f50039b48b Support 404 routes in the Ember App 2014-04-29 15:29:13 -04:00
Robin Ward fc65bc28be FIX: Use the container to register Discourse's custom location handler 2014-04-17 10:45:06 -04:00
Vikhyat Korrapati 33307a50b3 Get rid of plugins.css, inject it using DiscourseSassImporter. 2014-04-09 19:42:43 +05:30
Benjamin Kampmann d22df7731d Allow plugins to ship custom styles only for mobile
- adds another :mobile-flag to register_assets
- adds test for plugin registering of assets
- load plugins when on desktop and plugins_mobile when on mobile
2014-04-07 16:33:35 +02:00
Vikhyat Korrapati ef99ab59a5 Allow importing Discourse styles in custom stylesheets to modify vars. 2014-04-01 23:04:50 +05:30
Régis Hanol 77a8a4083a Revert "Merge pull request #2125 from vikhyat/css-variables"
This reverts commit b537de3ca5, reversing
changes made to b925827e5b.
2014-04-01 16:24:29 +02:00
Vikhyat Korrapati ddd1dfe896 Allow importing Discourse styles in custom stylesheets to modify vars. 2014-04-01 15:25:43 +05:30
Robin Ward 14f075e812 Missing semicolon; 2014-02-11 14:57:14 -05:00
Robin Ward fc36a87e72 FIX: Invalid ruby code for universal google analytics 2014-01-30 15:45:24 -05:00
Eric Carlson bc033283c6 Google Universal Analytics 2014-01-25 17:42:25 -07:00
Sam a247389d4e FEATURE: automatically update site to latest version of assets
if a user neglects to move around the site it will prompt to do so 2 hours in
2014-01-15 12:08:35 +11:00
Sam fd95dbe75a FEATURE: Automatically force a full refresh between pages if assets change 2014-01-15 12:08:35 +11:00
Neil Lalonde 1f0a59584b Revert "Re-apply with fixes: Stop using user agent to detect mobile devices. Use a media query and yepnope to load the appropriate css and customizations." 2013-12-18 14:47:22 -05:00
Neil Lalonde 58e5d532c5 Revert "Got rid of buggy yepnope spaghetti, however mobile detection really should be driven from the server." 2013-12-18 14:47:12 -05:00
Sam 8ccab6d140 Got rid of buggy yepnope spaghetti, however mobile detection really should be driven from the server. 2013-12-13 15:17:05 +11:00
Neil Lalonde 5171a23a9c Re-apply with fixes: Stop using user agent to detect mobile devices. Use a media query and yepnope to load the appropriate css and customizations. 2013-12-11 11:19:22 -05:00
Neil Lalonde ed3d3ae1e1 Upgrade font-awesome to version 4 2013-12-11 10:31:09 -05:00
Neil Lalonde 2596f7dec2 Revert "Stop using user agent to detect mobile devices. Use a media query and yepnope to load the appropriate css and customizations." 2013-12-09 16:28:11 -05:00
Neil Lalonde ca5d4d5e54 Stop using user agent to detect mobile devices. Use a media query and yepnope to load the appropriate css and customizations. 2013-12-09 13:28:42 -05:00
Neil Lalonde e3660e59b4 Strip http(s) from SiteSetting.ga_domain_name 2013-12-06 11:46:52 -05:00
Neil Lalonde 7bbb32bac2 Fix javascript_include_tag for browser-update so it includes MD5. Needed to add .js extension for some reason. 2013-12-02 15:57:23 -05:00