1f74509a75
FIX: 2FA prompt incorrectly displayed on admin login page.
2018-02-23 11:05:39 +08:00
76a2fc3d07
UX: Add og metadata for groups.
...
https://meta.discourse.org/t/onebox-for-groups/79155
2018-02-22 15:03:41 +08:00
964624f3ab
FIX: No error displayed when 2FA token is invalid on admin login page.
2018-02-22 09:45:57 +08:00
edf326a9a5
Fix incorrect translation.
2018-02-22 08:06:37 +08:00
14f3594f9f
Review Changes for f4f8a293e7.
2018-02-21 14:55:49 +08:00
f4f8a293e7
FEATURE: Implement 2factor login TOTP
...
implemented review items.
Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator
add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests
add qunit tests - password reset, preferences
fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.
Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP
add two factor to email signin link
rate limit if second factor token present
add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
7902296c11
Oops we should register a service worker as long as it is supported.
2018-02-15 15:02:14 +08:00
28365f8ae5
PERF: Have nginx cache and serve the service worker file.
2018-02-15 10:50:39 +08:00
03b3e57a44
FEATURE: login by a link from email
...
Co-authored-by: tgxworld <tgx@discourse.org>
2018-02-13 16:14:39 +08:00
0776340b29
SECURITY: Prevent robots from indexing more routes
...
These routes could contain sensitive material and should never be
indexed for content.
2018-02-04 13:24:36 -05:00
2493648f9c
PERF: calculate topic_counts for tags in an async job so tag queries that include counts are much faster
2018-01-12 11:03:03 -05:00
8ff5f5f2ef
FIX: cache admin locale file for 24 hours
2018-01-09 10:23:49 +11:00
f08995c390
Remove unused code lines
2017-12-29 12:32:18 +05:30
44ee388070
FEATURE: omit images from og and twitter description tags
2017-11-28 21:34:02 +01:00
c2da25dd5c
Cleaning up the 404 page ( #5363 )
2017-11-24 12:41:31 -05:00
66e53f449a
UX: Auth complete page/modal has a link to continue to the site to accomodate auth methods that can't automatically redirect to Discourse
2017-11-21 13:56:19 -05:00
cef64e8f03
UX: Use `no_ember` styling for omniauth error page
2017-11-15 14:04:26 -05:00
d07ebf9d4c
UX: Support for custom error pages and headers in plugins
2017-11-14 16:31:44 -05:00
1c56e1c063
Support for HTML builders on the no-ember view
2017-11-14 16:04:27 -05:00
52480d554a
UX: Support for custom 404 pages
2017-11-14 11:57:17 -05:00
dfe9f70747
UX: warn that something must be selected with safe mode
2017-11-13 15:59:51 +11:00
38b8d68c68
FEATURE: Allow the user to select a custom home page ( #5268 )
...
* Add user_home configuration option
* Use the new user_home preference to actually show the right home page
* Fix trailing whitespace
* Update user_option_serializer.rb
* Fix JavaScript default homepage tests
* Use an object instead of a giant switch
* Remove trailing whitespace
* Make the default `user_home` set to `null` instead of `0`
* Rename user_home to homepage_id
2017-11-10 06:45:19 +11:00
7eb5f78343
UX: increase max length of topic titles in summary email html by 40 characters
2017-11-06 10:00:01 -05:00
7dc3671490
FEATURE: remove obsolete settings ga_tracking_code and ga_domain_name. Use ga_universal_tracking_code and ga_universal_domain_name instead.
2017-11-01 11:41:51 -04:00
bd1616d3d9
Add offline route and service worker to fix Android app install banner ( #5217 )
...
* set up static offline.html route and service worker for Android Web App Banner
* add viewport meta tag to offline view for android app banner
* add i18n support for offline.html pages, cleanup
* fix html syntax, add page title, remove license for service-worker.js
2017-10-31 10:46:48 +11:00
a5afc08363
FIX: html links in text part of summary email
2017-10-30 15:43:01 -04:00
28bc5ac10a
FIX: link to about page on subfolder
2017-10-30 14:34:12 -04:00
fec5691064
FIX: unsubscribe links in summary emails were missing subfolder
2017-10-30 14:28:43 -04:00
bf00ab5d4a
FIX: grant admin on subfolder
2017-10-27 16:46:02 -04:00
33f0d80ed5
UX: better title on search page
2017-10-27 09:13:04 +05:30
ad9553ff86
Merge pull request #5238 from discourse/jomaxro-patch-1
...
Add div to login-required text
2017-10-24 17:04:18 +08:00
e9159e49f3
FEATURE: Site Setting to determine whether flags defaults to topics
2017-10-20 12:37:20 -04:00
cafbf506cc
better error message when confirming email change
2017-10-20 20:58:00 +05:30
64e5532b90
Add div to login-required text
2017-10-15 14:45:24 -04:00
6fe604b93e
Revert "SECURITY: Fix XSS on unsubscribed page."
...
This reverts commit 190558db9d
2017-10-09 09:03:07 +08:00
190558db9d
SECURITY: Fix XSS on unsubscribed page.
2017-10-09 08:59:03 +08:00
70bb2aa426
FEATURE: allow specifying s3 config via globals
...
This refactors handling of s3 so it can be specified via GlobalSetting
This means that in a multisite environment you can configure s3 uploads
without actual sites knowing credentials in s3
It is a critical setting for situations where assets are mirrored to s3.
2017-10-06 16:20:01 +11:00
ebdf8d6718
remove uneeded code
2017-10-04 15:05:58 +11:00
14310d2eee
UX: title in JS must match title on Server
...
Corrects title flashing with incorrect value on front page reloads
2017-10-04 15:04:42 +11:00
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
6d35b62238
add image type attribute to icon link tag
2017-09-08 12:48:30 +05:30
e183600563
FIX: redirect loop for new users visiting /new-topic using full screen login
2017-09-07 21:02:41 +01:00
fa69e0dd77
Improved metadata for tags. ( #5067 )
2017-08-28 13:11:34 -04:00
d506e577a5
FEATURE: if full search returns no results, show google search form
2017-08-15 16:46:41 -04:00
b354099252
FEATURE: add custom open graph tag for ignoring canonical url
2017-08-15 19:24:20 +05:30
37300d6777
SECURITY: Do not show latest/top topics on 404 for login_required sites
2017-08-13 19:02:44 +03:00
bf2c35aa99
FEATURE: add RSS feed for badge pages
2017-08-09 13:43:49 +05:30
2e4b3e9b06
Don't include all html builders on client and server side
2017-08-07 11:29:35 -04:00
2d95b9dfbf
FIX: prevent Cloudflare from obfuscating emails
...
https://support.cloudflare.com/hc/en-us/articles/200170016-What-is-Email-Address-Obfuscation-
2017-08-03 15:06:13 +05:30
f3f7dd02d1
safely call html_safe on category description
...
The `categories.description` column is not modified as "not null", so it is possible for the description to be nil. This changes the code not call html_safe on nil.
2017-07-25 11:40:02 -07:00
4f77ca72a3
Stop Rails from escaping the HTML in this description.
2017-07-24 17:15:15 -07:00
d0c5205a52
Feature: Change markdown engine to markdown it
...
This commit removes the old evilstreak markdownjs engine.
- Adds specs to WhiteLister and changes it to stop using globals
(Fixes large memory leak)
- Fixes edge cases around bbcode handling
- Removes mdtest which is no longer valid (to be replaced with
CommonMark)
- Updates MiniRacer to correct minor unmanaged memory leak
- Fixes plugin specs
2017-07-17 11:41:34 -04:00
3ebd8838af
FEATURE: cross-domain tracking for Google universal analytics
2017-07-13 15:21:44 -04:00
79a084dd58
Revert "remove old markdown engine work-in-progress"
...
This reverts commit ee470b5317
2017-07-12 18:10:51 -04:00
ee470b5317
remove old markdown engine work-in-progress
2017-07-12 17:44:40 -04:00
7b35c55a1e
FIX: Display Google search form when 404 page is rendered by Ember.
2017-06-29 14:37:24 +09:00
eee00b5bb5
UX: include a link to change email preferences at the bottom of summary emails as an alternative to unsubscribing
2017-06-26 12:27:22 -04:00
234694b50f
Feature: CommonMark support
...
This adds the markdown.it engine to Discourse.
https://github.com/markdown-it/markdown-it
As the migration is going to take a while the new engine is default
disabled. To enable it you must change the hidden site setting:
enable_experimental_markdown_it.
This commit is a squash of many other commits, it also includes some
improvements to autospec (ability to run plugins), and a dev dependency
on the og gem for html normalization.
2017-06-23 12:01:33 -04:00
4d62f41fbc
RTL digest emails
...
Allows RTL digest emails.
For this to work, I have done the following major additions:
1- adding appropriate direction to body and tables
2- making text-direction compatible with rtl
3- making float, padding, and margin tags compatible with rtl
2017-06-16 15:20:20 +04:30
0b41046238
don't force SiteSetting.title into meta title tag
2017-06-12 13:50:50 -04:00
6e37f09b19
UX: add email to '/email/unsubscribed' page
2017-06-10 09:51:12 +05:30
5ff986129a
copyedit to unsubscribe email
2017-06-09 00:27:24 -07:00
1c0bbcd580
UX: show user email when unsubscribing
2017-06-09 09:20:24 +05:30
59922ce0a4
FEATURE: remove table wrapping posts in notification emails
2017-05-16 10:37:53 -04:00
aa009dd2b5
Add @embeddable_css_class from embed_controller
2017-05-11 15:16:16 -04:00
71a266b673
Remove daily mailing mode option as it doesn't scale.
...
https://meta.discourse.org/t/daily-updates-option-for-mailing-list-mode/45029/14?u=tgxworld
2017-05-05 12:21:50 +08:00
b381372184
Use Ember.js for the `/u/account-created` path so we can add controls
2017-05-03 11:18:01 -04:00
982e3d04f6
PERF: Allow memory to be freed instead of fetching all the objects into memory at once.
...
```
MemoryProfiler.report do
Jobs::UserEmail.new.execute(type: :mailing_list, user_id: user.id)
end.pretty_print
```
Before:
```
Total allocated: 180096119 bytes (1962025 objects)
Total retained: 2194 bytes (16 objects)
allocated memory by gem
-----------------------------------
66979096 activerecord-4.2.8
43507184 nokogiri-1.7.1
43365188 mail-2.6.4
5960201 activesupport-4.2.8
5056267 discourse/lib
4835284 rack-mini-profiler-0.10.1
3825817 arel-6.0.4
2186088 i18n-0.8.1
1719330 discourse/app
```
After:
```
Total allocated: 161935975 bytes (1473940 objects)
Total retained: 2234 bytes (17 objects)
allocated memory by gem
-----------------------------------
45430264 activerecord-4.2.8
43568627 nokogiri-1.7.1
43430754 mail-2.6.4
11233878 rack-mini-profiler-0.10.1
5260825 activesupport-4.2.8
5054491 discourse/lib
2186088 i18n-0.8.1
1822494 arel-6.0.4
```
2017-05-03 17:01:57 +08:00
f5b11cb429
PERF: Don't allocate extra array.
2017-05-02 11:54:23 +08:00
30ebaf6b6a
Update FontAwesome to 4.7.0
2017-04-26 15:16:30 -04:00
cd4f0393a8
Add a title tag to the search results page
2017-04-26 15:02:07 -04:00
bf9c4a7828
FEATURE: secure_email site setting to prevent data going out in email
2017-04-26 13:05:56 -04:00
dfe3c162cc
move stylesheet after js
2017-04-20 12:34:50 -04:00
bbed29ba57
correct font preloading
2017-04-20 11:18:37 -04:00
8b8ee2ad61
Pass a context in when using a HTML builder
2017-04-18 12:35:35 -04:00
b43d2e42f4
missing spots
2017-04-17 12:30:20 -04:00
81ebe853d1
missed a few spots
2017-04-17 12:05:23 -04:00
5dd752877e
FEATURE: try adding some preload hints for chrome
2017-04-17 11:52:43 -04:00
fe29fe71c5
FIX: embedding comments was broken
2017-04-14 08:14:22 +05:30
3f4f0b32a9
FIX: path wizard showing with no style
2017-04-13 15:22:39 -04:00
a3e8c3cd7b
FEATURE: Native theme support
...
This feature introduces the concept of themes. Themes are an evolution
of site customizations.
Themes introduce two very big conceptual changes:
- A theme may include other "child themes", children can include grand
children and so on.
- A theme may specify a color scheme
The change does away with the idea of "enabled" color schemes.
It also adds a bunch of big niceties like
- You can source a theme from a git repo
- History for themes is much improved
- You can only have a single enabled theme. Themes can be selected by
users, if you opt for it.
On a technical level this change comes with a whole bunch of goodies
- All CSS is now compiled using a custom pipeline that uses libsass
see /lib/stylesheet
- There is a single pipeline for css compilation (in the past we used
one for customizations and another one for the rest of the app
- The stylesheet pipeline is now divorced of sprockets, there is no
reliance on sprockets for CSS bundling
- CSS is generated with source maps everywhere (including themes) this
makes debugging much easier
- Our "live reloader" is smarter and avoid a flash of unstyled content
we run a file watcher in "puma" in dev so you no longer need to run
rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
b3761653b3
FIX: render emoji in title tag on topic page
2017-04-11 00:25:22 +05:30
3957540dd1
FIX: convert emoji to unicode in topic titles in emails
2017-04-10 13:15:25 -04:00
f960505359
FIX: translate badge metadata title
2017-04-06 09:57:52 +05:30
402eaaa773
FEATURE: add og tags to metadata in individual badges page
2017-04-06 09:32:53 +05:30
17f2974d0a
SECURITY: Confirm new administrator accounts via email
2017-04-04 15:59:01 -04:00
14410b71fb
Convert server side paths to use `/u/`
2017-03-30 10:23:24 -04:00
45a257815a
Convert front end paths from `/users/` to `/u/`
2017-03-30 10:23:24 -04:00
2fedf1c668
FIX: jQuery include was incorrect for `finish-installation`
2017-03-27 10:29:25 -04:00
874e8900af
Display email address in SSO error message.
2017-03-21 15:37:46 -04:00
aeaf5075bf
Custom errors for when Email is invalid via SSO
2017-03-21 15:23:38 -04:00
52d78294cc
Render a layout when there's an SSO error
2017-03-21 15:23:38 -04:00
801b5838e1
FIX: do not show faq/guidelines page to anonymous users for private forums
2017-03-08 16:00:49 +05:30
090236b15b
FIX: do not show about page to anonymous users for private forums
2017-03-08 13:15:44 +05:30
ca20cb9941
FEATURE: subcategories can be discovered by web crawlers on page 1 of the parent category topics list
2017-03-02 15:06:56 -05:00
7496f373cd
add headline itemprop to DiscussionForumPosting for crawlers
2017-03-02 12:35:50 -05:00
80858bae2c
FEATURE: further restrict downloading of backups
...
- send email to logged in admin when they press the "download" button
- show pop-up that email was sent
- create email template
- require a valid token to download backup
2017-03-01 08:28:34 -07:00
0e8c849572
UX: "See more" on not found page should redirect to /top.
2017-02-27 13:33:19 +08:00
068ce19ae2
FEATURE: linked topics should be rendered under posts for crawlers
2017-02-21 12:43:24 +05:30
aa2c527c60
Remove "From" from every post in Popular Posts section of summary emails
2017-02-20 11:04:12 -05:00
d0fbb27f3e
FEATURE: new invite acceptance page, where username can be chosen and password can be set
2017-02-15 16:51:57 -05:00
07b9c351a4
Merge pull request #4705 from vinothkannans/dev
...
new: server plugin outlet for indexable robots.txt
2017-02-13 11:18:51 -05:00
08c14dd689
new: server plugin outlet for indexable robots.txt
2017-02-13 17:31:10 +05:30
1b43c209eb
'Article' to 'DiscussionForumPosting' schema type
...
topic => https://meta.discourse.org/t/invalid-article-schema/57037
Replacing '[Article](https://schema.org/Article )' schema type with '[DiscussionForumPosting](https://schema.org/DiscussionForumPosting )'
2017-02-11 18:44:40 +05:30
a5dfcddc6c
FIX: crawler view of paginated content should have link elements in head for next and previous pages
2017-02-07 16:11:12 -05:00
ece979efd1
add tags to webcrawler view of a topic in an ItemList
2017-02-06 18:12:48 -05:00
c4e10f2a9d
FEATURE: redesign the change password page to use javascript and validations
2017-02-03 16:09:24 -05:00
ae671355da
FIX: add /tags routes to robots.txt
2017-02-03 11:57:00 -05:00
9dd09e453b
FEATURE: add explicit confirmation button to accept the invite
2017-01-25 15:50:30 +05:30
d0a3dc10d8
FIX: RSS Language should use a dash/hypen instead of underscore
2017-01-14 14:24:21 -05:00
d9146de080
FIX: an image can be shown twice in summary emails
2017-01-09 13:27:43 -05:00
98df6db0eb
FIX: Respect site setting to hide username in mailing list summary.
2017-01-09 12:18:30 +08:00
878af4c8b1
add tiny bit of space to email summary
2017-01-03 15:45:29 -08:00
d3fb724578
Merge pull request #4632 from xfalcox/native-app-banner
...
FEATURE: Opt-in native Discourse app install banner
2017-01-03 16:32:24 -02:00
d7c8c2d5e3
FEATURE: Opt-in native Discourse app install banner on Android/iOS
2017-01-03 15:50:45 -02:00
b72014423e
FIX: summary email wrong background colour above popular posts
2017-01-03 11:05:54 -05:00
0f484e11fe
FIX: Popular Posts heading in summary emails was a different style than other headings
2016-12-29 15:33:53 -05:00
67347432b7
Remove unread counts from last section of summary email, and rename it "New for you"
2016-12-28 14:06:01 -05:00
f3b4a889b2
FIX: remove extra space to the right of avatars in summary emails
2016-12-28 13:56:46 -05:00
3256620d5d
FIX: some blank topics and posts in summary email because they're images
2016-12-19 16:21:31 -05:00
e03d5e2140
Reapply Ember 2.10 for good this time!
...
This reverts commit ddd299f4aa
2016-12-19 11:19:10 -05:00
0599bd0154
FEATURE: add referrer never tag to password reset page
2016-12-19 11:01:58 +11:00
30e0154e5d
SECURITY: fix reflected XSS with safe_mode param
...
(only applies to beta and master)
2016-12-19 10:11:51 +11:00
ddd299f4aa
Revert "Revert "Revert Ember 2.10+ for a short while""
...
This reverts commit 76bbc481cb
2016-12-16 10:29:30 -05:00
76bbc481cb
Revert "Revert Ember 2.10+ for a short while"
...
This reverts commit 21682fd60b
2016-12-16 09:52:29 -05:00
21682fd60b
Revert Ember 2.10+ for a short while
2016-12-15 16:43:38 -05:00
f01f95d62d
FEATURE: new settings to customize some colors in emails
2016-12-15 14:43:53 -05:00
62ba5ea33f
Name before username in summary email
2016-12-15 14:43:52 -05:00
a26c3fe2b6
FIX: truncate long topic titles in summary email
2016-12-14 12:59:01 -05:00
03bc6f70f9
Better error messages when embedding fails
2016-12-13 14:38:05 -05:00
17bc42fe85
FIX: box style category badges in emails, and shrink text and some spacing in summary email
2016-12-09 16:59:54 -05:00
a7ee72649d
FIX: add back support for customizing header in summary email
2016-12-06 12:40:42 -05:00
1f50fcd613
FIX: digest customizations for above/below popular topics were sometimes not being shown
2016-12-06 12:35:02 -05:00
52763f5115
FEATURE: Allow posting a link with topics
2016-12-05 17:20:54 +01:00
9db3685823
fix another case of double user name in digest
2016-12-02 13:31:12 -05:00
fa395bb43c
fix colour bug in summary email
2016-12-02 10:33:12 -05:00
8a0cf1b90e
FIX: if username and name are the same, don't show both in summary emails
2016-12-01 12:17:23 -05:00
61bcc98c0e
slightly tighten spacing on digests
2016-11-30 17:13:01 -08:00
8cd30cdc8b
FIX: respect the enable_names setting, and fix cases when html is invalid
2016-11-30 17:58:07 -05:00
3f3a0d7b14
make counts fixed width for digest/summary
2016-11-29 17:21:51 -08:00
4d52682267
FIX: wrong font of site title in summary email
2016-11-29 17:12:11 -05:00
a187932126
Counts at top of summary email are links
2016-11-29 17:10:25 -05:00
4e0958051e
FIX: don't try to show svg's in summary email
2016-11-28 14:35:59 -05:00
fc68a7f0c6
tighten spacing on digest "new in"
2016-11-27 10:19:23 -08:00
9b363d6df7
tighten spacing on digest email
2016-11-27 10:03:34 -08:00
e77dbbacea
no vendor specific formatting in digest emails
2016-11-27 09:49:15 -08:00
af4f2d000a
FIX: translation missing messages in digest when showing more than 5 popular topics
2016-11-25 16:37:06 -05:00
9d5ac320f4
FIX: dates in digest email wrapping when they should have plenty of space on one line
2016-11-25 16:29:01 -05:00
655b8a0540
move topic.image_url to same row as avatar in digest email
2016-11-25 15:41:22 -05:00
96daf5431f
digest: don't show stats with 0. try to show new posts and new users counts.
2016-11-24 16:28:24 -05:00
Guo Xiang Tan
Maja Komel
Jeff Wong
Erick Guan
Robin Ward
Neil Lalonde
Sam
Vinoth Kannan
Gerhard Schlager
Kris
Michael Howell
Penar Musaraj
Arpit Jalan
Guo Xiang Tan
Joshua Rosenfeld
Leo McArdle
Bianca Nenciu
David Taylor
Ryan Mulligan
Benjamin Elijah Griffin
hosnas
Jeff Atwood
Pat David
Aashaka Shah
Blake Erickson
cpradio
Rafael dos Santos Silva