Commit Graph

112 Commits

Author SHA1 Message Date
Guo Xiang Tan ad5082d969 Make rubocop happy again. 2018-06-07 13:28:18 +08:00
Régis Hanol 3c8b43bb01 FIX: non-oneboxed links on separate lines should stay on separate lines 2018-04-11 21:33:45 +02:00
Vinoth Kannan 58bb3967e5 SECURITY: Oneboxer should escape the URL before processing 2018-03-15 19:57:55 +05:30
Régis Hanol 3be0294465 FIX: local post onebox was always pointing to 1st post 2018-02-26 16:05:35 +01:00
Régis Hanol 7d7f6faf40 FIX: properly render emojis in local oneboxes 2018-02-26 11:16:53 +01:00
Régis Hanol 0799831dbe FIX: use the avatar of the post rather than the topic in local oneboxes 2018-02-20 19:49:39 +01:00
Régis Hanol 60ec483caa FIX: include title in local onebox when linking to a different topic 2018-02-19 22:40:14 +01:00
Régis Hanol 93b1829f04 tiny refactor 2018-02-16 11:21:11 +01:00
Sam cda3f72ab8 SECURITY: don't onebox whispers 2018-02-16 08:57:20 +11:00
Sam 57e140dc07 FIX: oneboxing to private messages 2018-02-16 08:00:22 +11:00
Régis Hanol 8e0da35857 FIX: allow local oneboxes to public topics/posts in PM 2018-02-15 18:14:41 +01:00
Sam f028ffaf29 SECURITY: correct local onebox category checks
Also removes ugly "source_topic_id" from cooked posts

Patch was authored by @zogstrip

Signed-off-by: Sam <sam.saffron@gmail.com>
2018-02-14 10:40:46 +11:00
Régis Hanol 8e55400392 FIX: add 'SiteSetting.port' to 'Onebox.allowed_ports' in development mode 2017-12-18 18:31:41 +01:00
Joffrey JAFFEUX 6cd8203686 FIX: allows onebox to force GET hosts returning wrong headers on HEAD 2017-08-08 11:44:27 +02:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Blake Erickson 6fc5ece628 FIX: onebox for dropbox video links not working
add dropbox to the list of ignore redirects for onebox links
2017-07-26 14:37:54 -06:00
Régis Hanol 9e03fae26c FIX: internal oneboxing wasn't working when login was required 2017-07-17 17:33:10 +02:00
Robin Ward db485ae0da FIX: Support for skipping redirects on certain domains (like steam) 2017-06-26 15:38:43 -04:00
Robin Ward 0de5d01d79 FIX: Onebox wasn't using correct uri 2017-06-06 16:39:15 -04:00
Robin Ward 369bb78f8e FIX: Support for cookies in onebox redirects 2017-06-06 15:02:11 -04:00
Robin Ward 4c690f7089 Use `FinalDestination` to ensure public redirects for onebox 2017-05-22 16:42:49 -04:00
David McClure b188c30925 FIX: Import scripts were failing to load onebox sanitize config 2017-02-25 09:27:42 -08:00
Régis Hanol ba115480ba FIX: wasn't extracting links to quoted posts 2017-02-06 14:45:04 +01:00
Guo Xiang Tan d10fe51b72 Fix broken specs since all urls will be oneboxed. 2017-01-06 10:05:51 +08:00
Régis Hanol b12b2b1911 change onebox preview key for me consistency 2016-12-20 11:18:47 +01:00
Régis Hanol 52cd9972bb FIX: prevent DDoS with lots of _oneboxable_ links
FIX: ensure the onebox route is only allowed to logged in users
FIX: only allow 1 outgoing onebox preview per user
FIX: client should only do 1 preview at a time
2016-12-20 00:31:10 +01:00
Régis Hanol a655e4b092 ensure we allow self oneboxing of login required sites 2016-11-03 22:48:32 +01:00
Régis Hanol 08d53b32ca let's try loading onebox engines this way 2016-10-25 01:25:44 +02:00
Régis Hanol 3841cd9a7f FEATURE: onebox everything by default
FEATURE: new 'max_oneboxes_per_post' site setting
FEATURE: change onebox whitelist to a blacklist
PERF: debounce the loading of oneboxes
PERF: improve perf of mention links in preview
FIX: sort loading of custom oneboxer
2016-10-24 12:46:22 +02:00
Robin Ward 0396b14b70
FEATURE: New "First Onebox" badge 2016-04-12 15:31:14 -04:00
Arpit Jalan f38abbe279 FIX: onebox links should respect nofollow settings 2015-12-04 01:59:12 +05:30
Sam 57870b970d correct hack and move to oneboxer 2015-09-25 20:14:53 +10:00
Sam 18a8853181 FIX: don't crash out searching for parent in oneboxer 2015-09-22 12:42:13 +10:00
Sam 88a5a676a7 lower error level on onebox failures 2015-08-24 10:43:07 +10:00
riking 5657006aca Rename handle_exception to handle_job_exception 2015-02-09 12:47:46 -08:00
riking d90404e830 Change 'code' to 'message' 2014-07-17 15:19:58 -07:00
Robin Ward fc20332c0f Lift all oneboxes out of `<p>` tags. 2014-07-04 16:09:51 -04:00
Robin Ward 7bb33c28c2 Add new `max_width` feature for oneboxes. Allows vimeo oneboxes to not
look like total garbage.
2014-06-05 13:18:18 -04:00
Sam 0bc3525b10 BUGFIX: more robust onebox implementation 2014-05-28 17:15:10 +10:00
Robin Ward b0405d7cfa Adds a Site Setting to whitelist onebox domains 2014-04-09 16:57:45 -04:00
Sam 239bcd19df BUGFIX: protect ourselved against rogue onebox gem 2014-04-01 15:29:14 +11:00
Sam 00a46253ae BUGFIX: Don't resolve oneboxes when cooking
Defer to post save job
2014-03-18 15:22:53 +11:00
Robin Ward cd7ef6b49a Revert "FIX: Bunch of Onebox issues"
This reverts commit ccbe671e4a.
2014-02-25 13:35:08 -05:00
Robin Ward ccbe671e4a FIX: Bunch of Onebox issues 2014-02-25 13:29:05 -05:00
Neil Lalonde d343e9f360 Add DiscourseLocalOnebox 2014-01-29 14:14:07 -05:00
Robin Ward e453bfa073 Work in progress: Swap out onebox code for onebox gem 2014-01-29 14:14:07 -05:00
Neil Lalonde 86647f0a54 Add ScreenedUrl. Rename BlockedEmail to ScreenedEmail. 2013-08-14 16:08:23 -04:00
Sam e4a76812a6 this is a slightly round about way of making our self oneboxes sane
shrunk avatar to 60px, added global whitelisting
2013-05-01 16:38:13 +10:00
Sam Saffron 94a578e4b2 ignore assets
fix runner so it works on mac
get rid of some test warnings
2013-04-30 12:43:59 +10:00
Sam 33e3ad1603 clean up onebox application so it uses a single code path
use fragments for oneboxes
strip parent <p> if <div> is in it
clean some tests
2013-04-10 17:52:38 +10:00
Robin Ward ee5213be5f Fixes regression with video embeds 2013-03-21 20:53:12 -04:00
Robin Ward babcfe6234 Cache oneboxes in Redis now instead of postgres. 2013-03-21 13:11:54 -04:00
Robin Ward 9d4ecd7ef8 Oneboxes should use a sorted array for ordering, not a hash. 2013-03-21 11:47:01 -04:00
Robin Ward 1221c393a3 Merge branch 'whitespace-cleanese' of git://github.com/goshakkk/discourse
Conflicts:
	lib/oneboxer.rb
	lib/oneboxer/whitelist.rb
	spec/controllers/robots_txt_controller_spec.rb
2013-02-26 10:42:49 -05:00
Gosha Arinich cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
tms 2e230d2661 Be more selective about when we allow oembed discovery 2013-02-25 20:48:17 -05:00
Robin Ward ba238f92c2 Revert "Merge branch 'onebox-safety' of git://github.com/tms/discourse"
This reverts commit 7ca57db97a, reversing
changes made to b7e027cfd1.
2013-02-19 14:22:13 -05:00
tms 6d06420583 Be more selective about when we allow oembed discovery 2013-02-19 11:46:36 -05:00
tms 702fbcdfa8 Oneboxes shouldn't explode when the remote causes an HTTPError 2013-02-17 04:10:17 -05:00
Jaime Iniesta 6995e75d41 Replace Hpricot with Nokogiri 2013-02-14 11:35:50 +01:00
Sam Saffron 0f88947279 fix onebox for your own site 2013-02-06 16:22:11 +11:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00