Discource-C/discourse
1
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-08 04:18:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
30,122 Commits 211 Branches 505 Tags
Commit Graph

6035 Commits

Author SHA1 Message Date
Rafael dos Santos Silva
2450f178ca FEATURE: Allow admins to control PWA display mode per user agent 2018-10-26 13:47:22 -03:00
Joffrey JAFFEUX
b2585524a9
FEATURE: adds a most disagreed flaggers report 2018-10-26 15:59:04 +02:00
Kyle Zhao
a6eca28ec6
CSP - extract all other inline JavaScripts (#6528) 
* wizard page inline js

* print topic inline js

* drop JS for preventing double submission

this is the default behavior with Rails' UJS `disable_with` helper

* omniauth complete redirect JS

* account activate inline js
 2018-10-25 09:52:01 -04:00
Bianca Nenciu
6a3767cde7 FEATURE: Warn users via email about suspicious logins. (#6520) 
* FEATURE: Warn users via email about suspicious logins.

* DEV: Move suspicious login check to a job.
 2018-10-25 09:45:31 +00:00
Jeff Atwood
54e025225d minor copyedit 2018-10-24 16:22:29 -07:00
Sam Saffron
64aca0dc1b FIX: remove duplicate referrer policy 
Rails already ships with strict-origin-when-cross-origin, no need
to also add no-referrer-when-downgrade

see: https://meta.discourse.org/t/harden-referrer-policy-header/100172
 2018-10-24 08:38:39 +11:00
Kyle Zhao
e9a971a2b6
FEATURE: [Experimental] Content Security Policy (#6514) 
do not register new MIME type, parse raw body instead
 2018-10-22 13:22:23 -04:00
Régis Hanol
3e232412e3 UX: show error when hitting the rate limit on password reset 2018-10-22 19:00:30 +02:00
Rafael dos Santos Silva
db26fe1527 FIX: Proper naming for the GNU/Linux OS 2018-10-22 13:34:01 -03:00
Bianca Nenciu
99b43f281b FIX: Fix browser detection for Microsoft Edge. (#6516) 
cool!
 2018-10-22 23:15:41 +11:00
David Taylor
37b7afa522 FIX: Sanitize tags before creation 2018-10-22 10:53:42 +01:00
Arpit Jalan
ce0a51665e FIX: count emoji shortcuts in topic title 
https://meta.discourse.org/t/max-emojis-in-title-set-to-0-conflicting-with-emoji-shortcuts/98368/3?u=techapj
 2018-10-22 13:44:05 +05:30
Kyle Zhao
dca830cb73 Revert "FEATURE: [Experimental] Content Security Policy (#6504)" 
This reverts commit fb8231077a07fe9b3bcdce150c6615b1897166c7.
 2018-10-19 11:53:29 -04:00
David Taylor
0dd717e641 Revert "FIX: Sanitize tags before creation" 
This reverts commit 18ae8de9e5f8d04f32bf2f0781bfaf6ab833e2c9.
 2018-10-19 15:49:05 +01:00
David Taylor
18ae8de9e5 FIX: Sanitize tags before creation 2018-10-19 15:43:31 +01:00
Kyle Zhao
fb8231077a
FEATURE: [Experimental] Content Security Policy (#6504) 2018-10-19 10:39:22 -04:00
Bianca Nenciu
b69652278f FEATURE: Add Wiki Editor badge. (#6511) 2018-10-19 15:30:27 +02:00
Bianca Nenciu
f60b10d090 UX: Warn users if the post that's currently edited has changed. (#6498) 2018-10-17 15:35:32 +02:00
Jeff Atwood
0db3e27ce4 remove windows phone references, it is ☠ 2018-10-16 15:11:24 -07:00
Davide Porrovecchio
005e1f5373 Add Cache-Control header to CORS (#6490) 2018-10-16 10:46:55 +11:00
Kyle Zhao
99d1ded3b3
rename route /javascripts to /theme-javascripts (#6495) 2018-10-15 11:32:52 -04:00
Maja Komel
c104256991 FIX: SSO provider secrets - check wildcard domains last, toggle secrets visibility 2018-10-15 16:18:29 +02:00
David Taylor
7ac08f936e
FEATURE: Upload tags from CSV (#6484) 2018-10-15 09:12:54 +01:00
Maja Komel
27e732a58d FEATURE: allow multiple secrets for Discourse SSO provider 
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.

This allows for better auditing of the SSO provider feature
 2018-10-15 16:03:53 +11:00
Kyle Zhao
6acdea37c4 DEV: extract inline js when baking theme fields (#6447) 
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields

This work is needed to support CSP work
 2018-10-15 15:55:23 +11:00
Joe
2acb885c72 FEATURE: fullscreen composer mode on desktop 
Adds keyboard shortcut and icon that allows expanding composer to full screen.
 2018-10-15 13:59:49 +11:00
Guo Xiang Tan
84d4c81a26 FEATURE: Support backup uploads/downloads directly to/from S3. 
This reverts commit 3c59106bac4d79f39981bda3ff9db7786c1a78a0.
 2018-10-15 09:43:31 +08:00
Neil Lalonde
af39624d19 Update translations 2018-10-12 10:40:25 -04:00
Neil Lalonde
12f132736b FIX: error looking at users in admin when tl3_promotion_min_duration is set to a very high value 2018-10-11 15:11:48 -04:00
Jeff Wong
b5b382dcd6 Feature: add boxes with subcategories option for desktop categories page (#6471) 
* Feature: add boxes with subcategories option for desktop categories page

* only add subclass div when subclasses exist
 2018-10-11 15:59:37 +08:00
Guo Xiang Tan
3c59106bac Revert "FEATURE: Support backup uploads/downloads directly to/from S3." 
This reverts commit c29a4dddc1694e2805944f4d5fd0f4fd4514092e.

We're doing a beta bump soon so un-revert this after that is done.
 2018-10-11 11:08:23 +08:00
Gerhard Schlager
c29a4dddc1 FEATURE: Support backup uploads/downloads directly to/from S3. 2018-10-11 10:38:43 +08:00
Robin Ward
a566ed42ae FEATURE: Option to disable user presence and profile 
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
 2018-10-10 17:34:33 -04:00
Joshua Rosenfeld
fd48ba10b8
Add quotes to site setting HTML links 2018-10-10 16:53:02 -04:00
Joshua Rosenfeld
51029e3884
Revert sendgrid URL change 
per 2ded524b5a
 2018-10-10 09:00:39 -04:00
Joshua Rosenfeld
18e99ddfa9 Link to social login instructions in site settings 2018-10-10 08:46:48 -04:00
Joshua Rosenfeld
cd2b8d40f1 Properly link to URLs in site settings 2018-10-10 08:46:03 -04:00
Joshua Rosenfeld
d35bce96ab Use https:// when possible 2018-10-10 07:11:58 -04:00
Joshua Rosenfeld
3d8b063c83
Update test_mailer to minimize URL redirects 2018-10-10 06:16:33 -04:00
Bianca Nenciu
1d26a473e7 FEATURE: Show "Recently used devices" in user preferences (#6335) 
* FEATURE: Added MaxMindDb to resolve IP information.

* FEATURE: Added browser detection based on user agent.

* FEATURE: Added recently used devices in user preferences.

* DEV: Added acceptance test for recently used devices.

* UX: Do not show 'Show more' button if there aren't more tokens.

* DEV: Fix unit tests.

* DEV: Make changes after code review.

* Add more detailed unit tests.

* Improve logging messages.

* Minor coding style fixes.

* DEV: Use DropdownSelectBoxComponent and run Prettier.

* DEV: Fix unit tests.
 2018-10-09 22:21:41 +08:00
Penar Musaraj
47f19adac8 Remove old bookmark strings 2018-10-09 09:31:08 -04:00
Vinoth Kannan
ac034a6b2c copyedit on branch field help text 2018-10-09 11:56:51 +05:30
Erin Kosewic
51aba32651 FEATURE: add branch option to remote theme import 
* FEATURE: add branch option to remote theme import

* FIX: Add missing variable in params

* FIX: Add missing param for import_theme method

* SPEC: Add test methods for branch support in git import

* FIX: Add missing space to scss style

* Do not assume default branch as master

* Change branch field placeholder

* FIX: add missing div start tag
 2018-10-09 17:01:08 +11:00
Kyle Zhao
acba7d2a5d Extract discourse_javascript.html.erb to a scrip include 
* extract omniauth auth complete inline JS

* extract Ember error logging inline JS

* transpile `authentication-complete`

This is CSP related work
 2018-10-09 16:50:45 +11:00
Guo Xiang Tan
1c9b5e75e7 DEV: Support post deployment migrations for plugins. 2018-10-09 13:11:45 +08:00
Jeff Wong
e55f220b33 add category style boxes with featured topics option 2018-10-08 16:19:54 -07:00
Gerhard Schlager
97ad9e9d9b UX: Prompt for custom invite message was hard to translate 2018-10-08 18:01:21 +02:00
Guo Xiang Tan
40fa96777d
FEATURE: Post deployment migrations. (#6406) 
This moves us away from the delayed drops pattern which
was problematic on two counts. First, it uses a hardcoded "delay for"
duration which may be too short for certain deployment strategies.
Second, delayed drop doesn't ensure that it only runs after
the latest application code has been deployed. If the migration runs
and the application code fails to deploy, running the migration after
"delay for" has been met will cause the application to blow up.

The new strategy allows post deployment migrations to be skipped if the
env `SKIP_POST_DEPLOYMENT_MIGRATIONS` is provided.

```
SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
-> deploy app servers
SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
```

To aid with the generation of a post deployment migration, a generator
has been added. Simply run `rails generate post_migration`.
 2018-10-08 15:47:38 +08:00
Jeff Atwood
3b6a525e5b minor copyedit for bookmarks 2018-10-07 04:17:59 -07:00
Arpit Jalan
2a94bf9dfb UX: change staff actions logs user label 2018-10-06 13:54:46 +05:30