Guo Xiang Tan
0290619669
Merge pull request #4443 from tgxworld/security_escape_input
...
SECUIRTY: Escape input made to system calls.
2016-09-16 12:09:27 +08:00
Guo Xiang Tan
512922d776
SECURITY: Add filename validation for backup uploads.
2016-09-16 11:58:14 +08:00
Guo Xiang Tan
f63a797e39
SECUIRTY: Escape input made to system calls.
2016-09-16 11:58:14 +08:00
Guo Xiang Tan
8f36290c05
FIX: No need to list all the files.
2016-09-16 11:57:35 +08:00
Sam
e6fcaadd45
FIX: redirects back to origin for SSO and omniauth login
2016-09-16 13:48:50 +10:00
Sam
2f8c14fef1
FEATURE: allow write user api keys by default
...
app needs to write data regarding notifications and set read status etc
default allow.
2016-09-16 12:27:53 +10:00
Sam
25a82e7d22
PERF: only publish notification state if we changed it
...
also publish seen_notification_id so we can tell what is new and what is old
cleanup controller so it correctly checks user
fix bug around clearing notification when people click mark read
2016-09-16 12:02:19 +10:00
Sam
33578a2c17
FIX: always import avatars during SSO if they are missing
2016-09-16 09:45:00 +10:00
Neil Lalonde
b9801d2e26
UX: add text near group flair settings explaining that flair only shows for a user's primary group
2016-09-15 17:39:47 -04:00
Neil Lalonde
a74781fbbc
fix jslint error
2016-09-15 16:50:23 -04:00
Neil Lalonde
d0ebde9d84
don't try to render flair if there's no primary group
2016-09-15 16:26:58 -04:00
Neil Lalonde
e3e15182df
FEATURE: avatar flair on user cards
2016-09-15 16:15:18 -04:00
Robin Ward
cd571b26ba
FIX: Allow Safe Redirections in Topic Embedding
2016-09-15 13:56:59 -04:00
Guo Xiang Tan
596fcfeb58
FIX: Set formatter for original Rails logger.
2016-09-15 23:51:22 +08:00
Arpit Jalan
5dbd6a304b
add search-container class to search page
2016-09-15 13:46:22 +05:30
Guo Xiang Tan
baacb30ba1
FIX: Incorrect folder.
2016-09-15 15:20:07 +08:00
Guo Xiang Tan
b0752b1f91
FIX: Don't bypass validations.
2016-09-15 10:15:17 +08:00
Sam
fe7883eeea
UX: don't allow user scaling in mobile view
...
on iOS 10 behavior of zoom restriction has changed.
This does not disable zooming on iOS 10 but it DOES stop it from randomly
zooming when you are composing
2016-09-15 07:36:16 +10:00
Arpit Jalan
92e716a1fd
fix vbulletin import script
2016-09-14 08:15:48 +05:30
Neil Lalonde
8087cca54d
Version bump to v1.7.0.beta4
2016-09-13 12:23:51 -04:00
Arpit Jalan
1a87960454
Update Translations
2016-09-13 21:21:19 +05:30
Robin Ward
aa7c735d34
FIX: Improve selecting text over line breaks
2016-09-13 11:36:17 -04:00
Arpit Jalan
e46204d195
FIX: allow long words if they contain periods
2016-09-13 09:15:05 +05:30
Robin Ward
2c9a47dda5
FIX: Validate the raw content of posts before enqueuing them
2016-09-12 12:26:49 -04:00
Neil Lalonde
06eb256d0a
FIX: blocking users should never hide all posts if they are trust level 1 or higher
2016-09-12 11:58:10 -04:00
Sam
2d859ba0ed
FIX: user api should always be available to staff
2016-09-12 15:42:06 +10:00
Neil Lalonde
b381d84dd9
FIX: tag search should not be case sensitive
2016-09-09 16:55:26 -04:00
Robin Ward
e78b7a243e
FIX: Don't enqueue posts if the user can't create them (ex: closed)
2016-09-09 12:15:56 -04:00
Robin Ward
1f5325e3f0
FIX: Only validate uploaded URLs if they change
2016-09-08 12:06:18 -04:00
Arpit Jalan
ed0b355e15
generalize permalink URL in GetSatisfaction import script
2016-09-08 15:01:40 +05:30
Arpit Jalan
bade41db42
improve GetSatisfaction import script
2016-09-08 14:57:20 +05:30
Arpit Jalan
19ddf95efa
FIX: add custom invite email templates
2016-09-08 00:54:48 +05:30
Robin Ward
9609a47016
Ability to skip email validation via a plugin
2016-09-07 14:05:46 -04:00
timur
aeae63a56a
Change reverse.each
...
Change on reverse_each because reverse_each loops in reverse order (no
intermediate array created).
2016-09-07 14:57:31 +08:00
Robin Ward
610dd933a3
FEATURE: Support importing email from Twitter
2016-09-06 12:18:13 -04:00
Robin Ward
acaac02673
Merge pull request #4423 from SafaAlfulaij/arabic_client_plural_rules
...
Add Arabic Pluralization Rules for Client
2016-09-06 11:22:21 -04:00
Guo Xiang Tan
f69f225f65
FIX: Don't prevent unicorn worker from starting if warmup fails.
2016-09-06 14:02:08 +08:00
Matt Palmer
51854e56ac
Don't hide e-mail in settings behind email-in plugins
2016-09-06 14:23:43 +10:00
Guo Xiang Tan
0fbb949af5
Merge pull request #4432 from tgxworld/migrate_upload_scheme_to_scheduled_job
...
FIX: Make `Jobs::MigrateUploadScheme` a scheduled job.
2016-09-06 08:39:27 +08:00
Guo Xiang Tan
35bc0c943f
More randomly failing specs fixes.
2016-09-05 19:33:03 +08:00
Guo Xiang Tan
1b2b142f30
FIX: Post without a topic can be destroyed.
2016-09-05 19:00:49 +08:00
Guo Xiang Tan
52c70f8b45
Merge pull request #4426 from tgxworld/gsoc_webhooks
...
Gsoc webhooks
2016-09-05 18:46:03 +08:00
Erick Guan
9ce61b4586
FEATURE: Webhooks.
2016-09-05 18:44:00 +08:00
Guo Xiang Tan
1f70fc9e11
Make sure we reset global in specs.
2016-09-05 18:18:14 +08:00
Arpit Jalan
87e84756f0
improve Ning import script
2016-09-05 15:27:03 +05:30
Guo Xiang Tan
31d900f7e7
Fix build.
2016-09-05 17:03:41 +08:00
Guo Xiang Tan
aa1f306894
Properly clean up plugin event in specs..
2016-09-05 16:10:03 +08:00
Guo Xiang Tan
aabb7a8592
FIX: DiscourseEvent should not be triggered from within the controller.
2016-09-05 15:58:04 +08:00
Guo Xiang Tan
ec90655c41
FIX: Clean up specs properly.
2016-09-05 15:48:59 +08:00
Guo Xiang Tan
aa9decf6fd
Remove `DiscourseEvent.clear`.
2016-09-05 15:17:49 +08:00