Bianca Nenciu
37fa7775f1
FIX: Fix order of recently connected devices. ( #6517 )
2018-10-22 17:30:23 +00:00
Kyle Zhao
e9a971a2b6
FEATURE: [Experimental] Content Security Policy ( #6514 )
...
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
Jeff Wong
ec2613699f
Change box category view to use flexbox
2018-10-22 10:15:31 -07:00
Régis Hanol
b9261588f9
make the code prettier
2018-10-22 19:07:41 +02:00
Régis Hanol
3e232412e3
UX: show error when hitting the rate limit on password reset
2018-10-22 19:00:30 +02:00
David Taylor
3377f26eba
FIX: Clean tag before searching for matches
2018-10-22 11:09:06 +01:00
David Taylor
37b7afa522
FIX: Sanitize tags before creation
2018-10-22 10:53:42 +01:00
Kyle Zhao
dca830cb73
Revert "FEATURE: [Experimental] Content Security Policy ( #6504 )"
...
This reverts commit fb8231077a
.
2018-10-19 11:53:29 -04:00
Kris
b35c8fb336
Add offset to topic footer admin menu, to avoid header overlap
2018-10-19 11:30:11 -04:00
David Taylor
0dd717e641
Revert "FIX: Sanitize tags before creation"
...
This reverts commit 18ae8de9e5
.
2018-10-19 15:49:05 +01:00
David Taylor
18ae8de9e5
FIX: Sanitize tags before creation
2018-10-19 15:43:31 +01:00
Kyle Zhao
fb8231077a
FEATURE: [Experimental] Content Security Policy ( #6504 )
2018-10-19 10:39:22 -04:00
Bianca Nenciu
b69652278f
FEATURE: Add Wiki Editor badge. ( #6511 )
2018-10-19 15:30:27 +02:00
David Taylor
7166d7de9a
FIX: Prevent duplicate tags in tag-choosers ( #6512 )
...
* FIX: Prevent duplicate tags in tag-choosers
This reverts 5685b45
, which fixes the duplicate tags problem.
The fix introduced by 5685b45
is re-implemented on the server.
2018-10-19 13:44:43 +01:00
Joffrey JAFFEUX
5f86564da1
FEATURE: adds latest to user-api-key session scope
2018-10-19 09:54:06 +02:00
Sam
9bfc939692
cleanup so gravatar download failures are consistent
...
previously we would ignore socket error, but this would mean that
there could be conditions where we would keep trying to download
gravatars forever (in an hourly job)
2018-10-19 12:51:55 +11:00
Angus McLeod
85ef8e5a9f
auto is not a valid value for min/max height ( #6509 )
2018-10-18 21:33:45 -04:00
Bianca Nenciu
22ada32d4d
FIX: Strip @ when searching for users and groups. ( #6506 )
2018-10-19 11:56:10 +11:00
Robin Ward
f0af61da41
FIX: User `AvatarLookup` for looking up avatar details ( #6508 )
...
This allows plugins with their own avatar logic to work in the user
summary sections.
2018-10-18 15:49:34 -04:00
Blake Erickson
93485facaf
FIX: lowercase username for add/rem group members
...
This fix searches for users based on the downcased username so that if
you pass in usernames to add/remove from a group and you don't have the
casing just right it will still find the correct users.
I updated the tests to add a username that has a mix of upper and
lowercase letters to verify this functionality.
2018-10-18 13:17:24 -06:00
Régis Hanol
3973823a33
FIX: always update 'last_gravatar_download_attempt' when updating gravatar
2018-10-18 11:02:54 +02:00
Kyle Zhao
0f1afad6da
FIX: extracted theme JavaScripts for multisite ( #6502 )
...
* FIX: extracted theme javascripts for multisite
* onceoff to rebake all theme fields
2018-10-18 17:05:34 +11:00
Guo Xiang Tan
22408f93c9
FIX: Wrap custom fields database statements in a transaction.
...
Kind of strange that we don't do it because a database statement
may fail and leave us in a weird state.
2018-10-18 12:23:04 +08:00
Guo Xiang Tan
44eba0bb60
FIX: Don't rescue `PG::UniqueViolation` within a transaction.
...
Also acquire a transaction per link instead of failing when
any of the links can't be processed.
This prevents ActiveRecord from rolling back the transaction
and the next SQL statement sent to PG will fail. This is
however hard to test as it only happens when there are
two competing process trying to process this method at the
same time.
2018-10-18 10:54:30 +08:00
Guto Foletto
0abc932056
add styles so permalinks admin could fit mobile screen ( #6496 )
2018-10-17 17:37:14 +02:00
Bianca Nenciu
f60b10d090
UX: Warn users if the post that's currently edited has changed. ( #6498 )
2018-10-17 15:35:32 +02:00
David Taylor
065bf0762c
FEATURE: New plugin outlets for user card customization
2018-10-17 14:15:48 +01:00
David Taylor
c6f364224e
FEATURE: Allow plugins to whitelist user custom fields for public display ( #6499 )
...
This works exactly the same as `whitelist_staff_user_custom_fields`, but is not limited to staff
2018-10-17 10:33:27 +01:00
Arpit Jalan
42c405a820
FIX: use topic summary for meta description if topic excerpt is blank
2018-10-17 14:13:30 +05:30
Joe
1b5ba899a1
UX: header items wrap on small screens for anon
2018-10-17 14:19:20 +08:00
Joe
5815a33a9a
FIX: closing an empty fullscreen composer with toggler prevents scrolling
2018-10-17 13:52:47 +08:00
Kris
b23ebf10c2
Minor post alignment fixes
2018-10-16 12:39:55 -04:00
Vinoth Kannan
e3c6dd26c4
FIX: Do not set null value to remove cookie
2018-10-16 06:48:54 +05:30
Sam
19d7543004
FIX: clear color scheme cache when clearing theme cache
2018-10-16 12:00:46 +11:00
Vinoth Kannan
08c404e138
FIX: Do not set null value to remove cookie
2018-10-16 06:12:32 +05:30
Sam
8d06731484
FIX: reduce amount of work onceoff does
...
In the past onceoff was forcing inline download of gravatars,
this can be so expensive that it will never finish
This fix ensures it only marks avatars stale which will be picked
up by regular schedules
2018-10-16 10:29:16 +11:00
Kyle Zhao
99d1ded3b3
rename route `/javascripts` to `/theme-javascripts` ( #6495 )
2018-10-15 11:32:52 -04:00
Maja Komel
c104256991
FIX: SSO provider secrets - check wildcard domains last, toggle secrets visibility
2018-10-15 16:18:29 +02:00
Joffrey JAFFEUX
f6eff38c0e
FEATURE: adds list#(unread|new) to user api key routes ( #6494 )
2018-10-15 15:48:35 +02:00
David Taylor
7ac08f936e
FEATURE: Upload tags from CSV ( #6484 )
2018-10-15 09:12:54 +01:00
Sam
4c8fe13500
FIX: remove code that restricted "header" theme field from admin
...
There was some old code that restricted a percentage of a themes code from
admin, only when admin was refreshed, this leads to lots of confusion
Conditional is now removed
2018-10-15 17:29:10 +11:00
Maja Komel
27e732a58d
FEATURE: allow multiple secrets for Discourse SSO provider
...
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.
This allows for better auditing of the SSO provider feature
2018-10-15 16:03:53 +11:00
Kyle Zhao
6acdea37c4
DEV: extract inline js when baking theme fields ( #6447 )
...
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields
This work is needed to support CSP work
2018-10-15 15:55:23 +11:00
Guo Xiang Tan
aa60936115
DEV: Add order to avoid randomly failing test.
2018-10-15 11:42:45 +08:00
Joe
2acb885c72
FEATURE: fullscreen composer mode on desktop
...
Adds keyboard shortcut and icon that allows expanding composer to full screen.
2018-10-15 13:59:49 +11:00
Maja Komel
57b52cd1de
FIX: keep emoji syntax for custom emojis in quotes ( #6488 )
2018-10-15 10:57:15 +08:00
Guo Xiang Tan
84d4c81a26
FEATURE: Support backup uploads/downloads directly to/from S3.
...
This reverts commit 3c59106bac
.
2018-10-15 09:43:31 +08:00
Joe
6a59187ae8
UX: images should be responsive in embedded comments
2018-10-14 23:38:07 +08:00
Robin Ward
2178f7768f
FIX: Don't show empty user stats in the card when profile is hidden
2018-10-12 12:33:27 -04:00
Sam
a1c912b630
Return 400 instead of 404 for bad token
2018-10-12 10:51:41 +11:00