58b53f7841
update copy for "was this you?" login dialog
2018-10-27 13:57:30 -07:00
2450f178ca
FEATURE: Allow admins to control PWA display mode per user agent
2018-10-26 13:47:22 -03:00
b2585524a9
FEATURE: adds a most disagreed flaggers report
2018-10-26 15:59:04 +02:00
a6eca28ec6
CSP - extract all other inline JavaScripts ( #6528 )
...
* wizard page inline js
* print topic inline js
* drop JS for preventing double submission
this is the default behavior with Rails' UJS `disable_with` helper
* omniauth complete redirect JS
* account activate inline js
2018-10-25 09:52:01 -04:00
6a3767cde7
FEATURE: Warn users via email about suspicious logins. ( #6520 )
...
* FEATURE: Warn users via email about suspicious logins.
* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
54e025225d
minor copyedit
2018-10-24 16:22:29 -07:00
64aca0dc1b
FIX: remove duplicate referrer policy
...
Rails already ships with strict-origin-when-cross-origin, no need
to also add no-referrer-when-downgrade
see: https://meta.discourse.org/t/harden-referrer-policy-header/100172
2018-10-24 08:38:39 +11:00
e9a971a2b6
FEATURE: [Experimental] Content Security Policy ( #6514 )
...
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
3e232412e3
UX: show error when hitting the rate limit on password reset
2018-10-22 19:00:30 +02:00
db26fe1527
FIX: Proper naming for the GNU/Linux OS
2018-10-22 13:34:01 -03:00
99b43f281b
FIX: Fix browser detection for Microsoft Edge. ( #6516 )
...
cool!
2018-10-22 23:15:41 +11:00
37b7afa522
FIX: Sanitize tags before creation
2018-10-22 10:53:42 +01:00
ce0a51665e
FIX: count emoji shortcuts in topic title
...
https://meta.discourse.org/t/max-emojis-in-title-set-to-0-conflicting-with-emoji-shortcuts/98368/3?u=techapj
2018-10-22 13:44:05 +05:30
dca830cb73
Revert "FEATURE: [Experimental] Content Security Policy ( #6504 )"
...
This reverts commit fb8231077a
2018-10-19 11:53:29 -04:00
0dd717e641
Revert "FIX: Sanitize tags before creation"
...
This reverts commit 18ae8de9e5
2018-10-19 15:49:05 +01:00
18ae8de9e5
FIX: Sanitize tags before creation
2018-10-19 15:43:31 +01:00
fb8231077a
FEATURE: [Experimental] Content Security Policy ( #6504 )
2018-10-19 10:39:22 -04:00
b69652278f
FEATURE: Add Wiki Editor badge. ( #6511 )
2018-10-19 15:30:27 +02:00
f60b10d090
UX: Warn users if the post that's currently edited has changed. ( #6498 )
2018-10-17 15:35:32 +02:00
0db3e27ce4
remove windows phone references, it is ☠
2018-10-16 15:11:24 -07:00
005e1f5373
Add Cache-Control header to CORS ( #6490 )
2018-10-16 10:46:55 +11:00
99d1ded3b3
rename route `/javascripts` to `/theme-javascripts` ( #6495 )
2018-10-15 11:32:52 -04:00
c104256991
FIX: SSO provider secrets - check wildcard domains last, toggle secrets visibility
2018-10-15 16:18:29 +02:00
7ac08f936e
FEATURE: Upload tags from CSV ( #6484 )
2018-10-15 09:12:54 +01:00
27e732a58d
FEATURE: allow multiple secrets for Discourse SSO provider
...
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.
This allows for better auditing of the SSO provider feature
2018-10-15 16:03:53 +11:00
6acdea37c4
DEV: extract inline js when baking theme fields ( #6447 )
...
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields
This work is needed to support CSP work
2018-10-15 15:55:23 +11:00
2acb885c72
FEATURE: fullscreen composer mode on desktop
...
Adds keyboard shortcut and icon that allows expanding composer to full screen.
2018-10-15 13:59:49 +11:00
84d4c81a26
FEATURE: Support backup uploads/downloads directly to/from S3.
...
This reverts commit 3c59106bac
2018-10-15 09:43:31 +08:00
af39624d19
Update translations
2018-10-12 10:40:25 -04:00
12f132736b
FIX: error looking at users in admin when tl3_promotion_min_duration is set to a very high value
2018-10-11 15:11:48 -04:00
b5b382dcd6
Feature: add boxes with subcategories option for desktop categories page ( #6471 )
...
* Feature: add boxes with subcategories option for desktop categories page
* only add subclass div when subclasses exist
2018-10-11 15:59:37 +08:00
3c59106bac
Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
...
This reverts commit c29a4dddc1
2018-10-11 11:08:23 +08:00
c29a4dddc1
FEATURE: Support backup uploads/downloads directly to/from S3.
2018-10-11 10:38:43 +08:00
a566ed42ae
FEATURE: Option to disable user presence and profile
...
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
2018-10-10 17:34:33 -04:00
fd48ba10b8
Add quotes to site setting HTML links
2018-10-10 16:53:02 -04:00
51029e3884
Revert sendgrid URL change
...
per 2ded524b5a
2018-10-10 09:00:39 -04:00
18e99ddfa9
Link to social login instructions in site settings
2018-10-10 08:46:48 -04:00
cd2b8d40f1
Properly link to URLs in site settings
2018-10-10 08:46:03 -04:00
d35bce96ab
Use https:// when possible
2018-10-10 07:11:58 -04:00
3d8b063c83
Update test_mailer to minimize URL redirects
2018-10-10 06:16:33 -04:00
1d26a473e7
FEATURE: Show "Recently used devices" in user preferences ( #6335 )
...
* FEATURE: Added MaxMindDb to resolve IP information.
* FEATURE: Added browser detection based on user agent.
* FEATURE: Added recently used devices in user preferences.
* DEV: Added acceptance test for recently used devices.
* UX: Do not show 'Show more' button if there aren't more tokens.
* DEV: Fix unit tests.
* DEV: Make changes after code review.
* Add more detailed unit tests.
* Improve logging messages.
* Minor coding style fixes.
* DEV: Use DropdownSelectBoxComponent and run Prettier.
* DEV: Fix unit tests.
2018-10-09 22:21:41 +08:00
47f19adac8
Remove old bookmark strings
2018-10-09 09:31:08 -04:00
ac034a6b2c
copyedit on branch field help text
2018-10-09 11:56:51 +05:30
51aba32651
FEATURE: add branch option to remote theme import
...
* FEATURE: add branch option to remote theme import
* FIX: Add missing variable in params
* FIX: Add missing param for import_theme method
* SPEC: Add test methods for branch support in git import
* FIX: Add missing space to scss style
* Do not assume default branch as master
* Change branch field placeholder
* FIX: add missing div start tag
2018-10-09 17:01:08 +11:00
acba7d2a5d
Extract `discourse_javascript.html.erb` to a scrip include
...
* extract omniauth auth complete inline JS
* extract Ember error logging inline JS
* transpile `authentication-complete`
This is CSP related work
2018-10-09 16:50:45 +11:00
1c9b5e75e7
DEV: Support post deployment migrations for plugins.
2018-10-09 13:11:45 +08:00
e55f220b33
add category style boxes with featured topics option
2018-10-08 16:19:54 -07:00
97ad9e9d9b
UX: Prompt for custom invite message was hard to translate
2018-10-08 18:01:21 +02:00
40fa96777d
FEATURE: Post deployment migrations. ( #6406 )
...
This moves us away from the delayed drops pattern which
was problematic on two counts. First, it uses a hardcoded "delay for"
duration which may be too short for certain deployment strategies.
Second, delayed drop doesn't ensure that it only runs after
the latest application code has been deployed. If the migration runs
and the application code fails to deploy, running the migration after
"delay for" has been met will cause the application to blow up.
The new strategy allows post deployment migrations to be skipped if the
env `SKIP_POST_DEPLOYMENT_MIGRATIONS` is provided.
```
SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
-> deploy app servers
SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
```
To aid with the generation of a post deployment migration, a generator
has been added. Simply run `rails generate post_migration`.
2018-10-08 15:47:38 +08:00
3b6a525e5b
minor copyedit for bookmarks
2018-10-07 04:17:59 -07:00
Jeff Atwood
Rafael dos Santos Silva
Joffrey JAFFEUX
Kyle Zhao
Bianca Nenciu
Sam Saffron
Régis Hanol
David Taylor
Arpit Jalan
Davide Porrovecchio
Maja Komel
Joe
Guo Xiang Tan
Neil Lalonde
Jeff Wong
Gerhard Schlager
Robin Ward
Joshua Rosenfeld
Penar Musaraj
Vinoth Kannan
Erin Kosewic
Guo Xiang Tan