Commit Graph

32 Commits

Author SHA1 Message Date
Sam f028ffaf29 SECURITY: correct local onebox category checks
Also removes ugly "source_topic_id" from cooked posts

Patch was authored by @zogstrip

Signed-off-by: Sam <sam.saffron@gmail.com>
2018-02-14 10:40:46 +11:00
Maja Komel 018cb7f36b add a custom user onebox (#5542)
* add custom user onebox

* add specs
2018-01-30 11:03:08 +01:00
Régis Hanol d6b22e6cc1 FIX: whitelist oneboxed iframes 2017-12-23 01:56:33 +01:00
Vinoth Kannan 230fec68ca FIX: Topic links onebox differently if end in / 2017-11-06 01:41:36 +05:30
Sam 5897ae945a FIX: stop using inline quote for local onebox 2017-06-27 10:57:38 -04:00
Régis Hanol ba115480ba FIX: wasn't extracting links to quoted posts 2017-02-06 14:45:04 +01:00
Régis Hanol 499a83270a FIX: don't onebox to IP addresses 2017-01-12 22:35:33 +01:00
Régis Hanol 197517d55e FIX: locally uploaded audio & video files should onebox even when the extension is uppercase 2016-12-15 23:21:44 +01:00
Régis Hanol 9ef724a065 FIX: self-onebox in read protected categories 2016-11-07 18:14:28 +01:00
Régis Hanol a655e4b092 ensure we allow self oneboxing of login required sites 2016-11-03 22:48:32 +01:00
Régis Hanol 70b79328ab FIX: overwrite onebox's whitelist 2016-10-25 00:21:02 +02:00
Guo Xiang Tan 20359788dc
Rename `SiteSetting#use_https` to `force_https`. 2016-06-29 15:02:43 +08:00
Sam e01dc54f2a UX: we should always simply use emoji codes as opposed to treating as image 2016-06-02 12:29:25 +10:00
Régis Hanol 5a75972b0b SECURITY: 2 XSSs in post gutter and local oneboxes 2016-05-14 00:37:47 +02:00
Sam 6688dce2b8 FIX: discourse local onebox not working correctly in multisite 2016-04-13 12:19:02 +10:00
Robin Ward 621f7e0a65 FIX: Replace emoji in local oneboxes 2016-03-14 14:48:48 -04:00
Rafael dos Santos Silva e51293d298 FIX: Local onebox on subfolder installs
This should fix oneboxing local topics when using the subfolder install feature.
2016-02-01 13:30:48 -02:00
Guo Xiang Tan a362ad9407 FIX: Emoji in Discourse onebox is wrapped in square brackets. 2016-01-13 19:00:11 +08:00
Arpit Jalan 3a28bafc0f FEATURE: onebox internal audio or video files 2015-12-25 01:52:14 +05:30
Sam fc2d61136d FEATURE: add context for cross topic links 2015-09-25 14:52:43 +10:00
riking 1412687112 FIX: Whoops, DiscourseLocalOnebox became DiscourseGlobalOnebox 2015-04-24 01:09:38 -07:00
riking 694ee30e86 FIX: Uploaded files could not be oneboxed 2015-04-21 23:08:29 -07:00
Robin Ward d06d050eb7 UX: When oneboxing a topic, use the stripe category badge 2015-01-23 15:12:42 -05:00
Robin Ward d0fb8bbcfc Instead of `.js.handlebars` use `.hbs` for handlebars templates 2014-09-26 15:23:15 -04:00
Arpit Jalan e6c853e642 show parent and child category in oneboxes 2014-09-17 01:01:41 +05:30
Arpit Jalan 36f36f4428 hide category name for Uncategorized topics while oneboxing 2014-09-05 00:36:13 +05:30
riking 41dadcc349 Fix local onebox subcategory urls 2014-08-25 16:47:54 -07:00
Louis Rose 1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Neil Lalonde 9fba385172 FIX: don't onebox hidden posts 2014-04-28 11:03:19 -04:00
Robin Ward 034287033e Add back onebox support for flash video 2014-04-09 13:41:25 -04:00
Robin Ward cbf2e2e8f9 FIX: DiscourseLocalOnebox should have a higher priority than other
discourse sites
2014-02-25 14:08:48 -05:00
Neil Lalonde d343e9f360 Add DiscourseLocalOnebox 2014-01-29 14:14:07 -05:00