Commit Graph

3334 Commits

Author SHA1 Message Date
Sam 5cc8bb535b SECURITY: do cookie auth rate limiting earlier 2016-08-09 10:02:18 +10:00
Régis Hanol 51322a46b3 FEATURE: retry processing incoming emails on rate limit 2016-08-08 22:28:27 +02:00
Régis Hanol 5c06076b5c FIX: strip blacklisted attachments before checking for empty email body 2016-08-08 22:20:33 +02:00
Matt Palmer aa56100660 Failover messages really aren't warnings
"I'm going to do something entirely sane and reasonable" doesn't warrant a
warning-level log message.  It's perfectly fine and reasonable to just log
that sort of thing at info level.
2016-08-08 16:02:23 +10:00
Guo Xiang Tan 8539f02b5e FIX: Backuper should return the full path. 2016-08-08 07:49:37 +08:00
Neil Lalonde 823a699d41 Version bump to v1.7.0.beta1 2016-08-05 15:18:19 -04:00
Neil Lalonde f10c4682cd FIX: muted tags showing in latest topic list 2016-08-04 11:54:48 -04:00
Guo Xiang Tan 6827239444 Merge pull request #4360 from tgxworld/support_new_pg_dump_format
Changes to backup and restore
2016-08-04 10:58:42 +08:00
Régis Hanol e92f5e4fbf FEATURE: new email attachment blacklists site settings 2016-08-03 17:55:54 +02:00
Régis Hanol 35c13bca6c Merge pull request #4363 from cpradio/version-link-shows-compare
FEATURE: Installed Version link shows GitHub Compare to branch being followed
2016-08-03 16:03:57 +02:00
Régis Hanol 323bd555c0 FIX: process all incoming email's destinations instead of only the first 2016-08-03 15:57:37 +02:00
Régis Hanol b08ab829b8 added 'X-Auto-Response-Suppress' email header (props to elijah) 2016-08-03 11:02:07 +02:00
Guo Xiang Tan adc8336949 Make sure we track restore/backlog success logs as well. 2016-08-03 16:23:47 +08:00
Guo Xiang Tan b860d1b254 FIX: Ensure uploads directory exists. 2016-08-03 16:23:47 +08:00
Guo Xiang Tan 0a942dbc73 FEATURE: Avoid creating an archive for database only backups. 2016-08-03 16:23:46 +08:00
cpradio 1b89c2f0ef FEATURE: Installed Version link shows GitHub Compare to branch being followed 2016-08-02 06:18:44 -04:00
Guo Xiang Tan 3f4f1ee032 Merge pull request #4359 from tgxworld/backward_compatibility_for_backups_and_restores
FIX: Ensure that our restorer is backwards compatible.
2016-08-02 10:45:27 +08:00
Guo Xiang Tan 441b98579a FIX: Ensure that our restorer is backwards compatible. 2016-08-02 09:19:56 +08:00
Régis Hanol ca4c939e9a incoming mail is considered autogenerated when the subject match a list of 'out of office' keywords 2016-08-02 00:04:59 +02:00
Régis Hanol 7d0dc7cb7a FIX: don't create staged user(s) when receiving a bounce (mailer-deamon begone) 2016-08-01 23:37:59 +02:00
Sam 9018de39ed FEATURE: allow shipping bio markdown via SSO
- Also adds site setting for sso_overrides_bio to disable bio editing by end users
2016-08-01 15:29:28 +10:00
Robin Ward 2891f230d1 SECURITY: Make sure uploaded_urls have corresponding upload records 2016-07-28 13:54:17 -04:00
Robin Ward dc1a830d3d SECURITY: SQL Injection in Admin List Active Users 2016-07-28 11:42:06 -04:00
Guo Xiang Tan 36ddb1787e FEATURE: Add toggle topic visibility button in popup menu. 2016-07-28 16:57:04 +08:00
Sam 16a383ea1e SECURITY: limit bad cookie auth attempts
- Also cleans up the _t cookie if it is invalid
2016-07-28 12:58:49 +10:00
Sam ab68e0c9db FEATURE: allow "developer" account flagging via developers table
This mechanism for flagging developer accounts will eventually replace
DISCOURSE_DEVELOPER_EMAILS
2016-07-28 10:14:06 +10:00
Régis Hanol 11172b7c2d FIX: cropping GIF wasn't working 2016-07-27 18:48:02 +02:00
Andre Pereira 8cbd585e20 FEATURE: Allow staff users to merge posts. 2016-07-27 12:04:14 +08:00
Robin Ward 2a4006fe0c Add `YandexBot` to our list of crawlers 2016-07-26 13:21:37 -04:00
Neil Lalonde ce595189ff Version bump to v1.6.0.beta12 2016-07-26 11:49:51 -04:00
Guo Xiang Tan 76e57ddef3 FIX: Log errors in `ensure` block of restorer. 2016-07-26 10:24:01 +08:00
Guo Xiang Tan 03aa13b2bb FEATURE: Work with compressed version of `pg_dump` during backup and restore. 2016-07-26 10:24:01 +08:00
Sam b5fbff947b FIX: don't expire old sessions when logging in 2016-07-26 11:37:41 +10:00
Régis Hanol b0f7e4ba00 FEATURE: deactive users after too many bounces 2016-07-25 18:57:06 +02:00
Régis Hanol 7648916314 new 'reset_bounce_score_after_days' site setting 2016-07-25 17:29:54 +02:00
Régis Hanol d2e22ab215 extract bounce scores into site settings 2016-07-25 17:27:28 +02:00
Régis Hanol 9971e62254 FIX: migrate_from_s3 rake task 2016-07-25 12:12:10 +02:00
Sam e01802a13b FIX: strip quote from search term when searching within topic 2016-07-25 15:06:25 +10:00
Sam c1f62d8657 Revert "make upgrade a bit more seamless"
This reverts commit 78b88a1633.
2016-07-25 12:49:33 +10:00
Sam 78b88a1633 make upgrade a bit more seamless 2016-07-25 12:30:52 +10:00
Sam df535c6346 FEATURE: refresh session cookie at most once an hour
This feature ensures session cookie lifespan is extended
when user is online.

Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Arpit Jalan a9207dafa7 FEATURE: configure session time via site setting for all the users (#4343) 2016-07-23 02:57:30 +05:30
Robin Ward af266acac1 FIX: Plugin Custom emoji weren't working correctly on the server side 2016-07-22 12:59:43 -04:00
Sam 12dc511fea PERF: make score calculator cheaper when site has long topics 2016-07-22 09:48:44 +10:00
Robin Ward c11f7bee99 FIX: Registering emoji via plugin.rb was broken 2016-07-21 14:15:51 -04:00
Neil Lalonde 7c092b0fe0 FEATURE: add filter to show topics that have not been tagged 2016-07-20 16:21:51 -04:00
Guo Xiang Tan 1adfa0a4b5 FEATURE: Add SiteSetting to disable readonly mode during backup. 2016-07-19 17:44:04 +08:00
Sam 1c964bf730 PERF: cache category topic ids 2016-07-19 12:34:54 +10:00
Robin Ward 7d4aed66c7 Email Cooker can onebox posts too 2016-07-18 15:00:12 -04:00
Robin Ward 12cfc8cedd FIX: Email cooker should support links within blockquotes 2016-07-18 14:38:40 -04:00