Commit Graph

19861 Commits

Author SHA1 Message Date
Neil Lalonde 82e170d6a6 FIX: 404 when filtering by category, no sub-category, and a tag 2016-07-28 16:19:03 -04:00
Robin Ward efc6408b1d FIX: Regression with escaping on badge page 2016-07-28 15:57:06 -04:00
Jeff Atwood d9289b6da9 Merge pull request #4352 from tgxworld/full_width_for_polls
UX: Polls should take up full width of post's container.
2016-07-28 11:59:08 -07:00
Robin Ward 2891f230d1 SECURITY: Make sure uploaded_urls have corresponding upload records 2016-07-28 13:54:17 -04:00
Robin Ward cf5b756b1a SECURITY: Cross-Site Scripting in Category and Group Settings 2016-07-28 11:57:59 -04:00
Neil Lalonde 77847f0d46 FIX: meta description tags for tags 2016-07-28 11:49:23 -04:00
Robin Ward dc1a830d3d SECURITY: SQL Injection in Admin List Active Users 2016-07-28 11:42:06 -04:00
Robin Ward 2f8ab8cd30 SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions 2016-07-28 11:38:12 -04:00
Guo Xiang Tan bb3f4a10f3 UX: Polls should take up full width of post's container. 2016-07-28 23:06:25 +08:00
Guo Xiang Tan 85a91c8b81 Remove unused property. 2016-07-28 21:28:49 +08:00
Guo Xiang Tan 0128fdfc46 FIX: `Discourse.ajax` is deprecated. 2016-07-28 18:20:24 +08:00
Guo Xiang Tan c449bbe882 Merge pull request #4347 from tgxworld/unlist_topic_creation
FEATURE: Add toggle topic visibility button in popup menu.
2016-07-28 17:18:34 +08:00
Guo Xiang Tan 36ddb1787e FEATURE: Add toggle topic visibility button in popup menu. 2016-07-28 16:57:04 +08:00
Sam 16a383ea1e SECURITY: limit bad cookie auth attempts
- Also cleans up the _t cookie if it is invalid
2016-07-28 12:58:49 +10:00
Sam 0ba8da9658 reduce amount of cache setting 2016-07-28 10:20:29 +10:00
Sam 83f80341b3 FIX: topic id cache should be a multi process cache 2016-07-28 10:20:14 +10:00
Sam ab68e0c9db FEATURE: allow "developer" account flagging via developers table
This mechanism for flagging developer accounts will eventually replace
DISCOURSE_DEVELOPER_EMAILS
2016-07-28 10:14:06 +10:00
Sam c6dbaca0dc SECURITY: disable user entered badge SQL by default
- Hidden site settings now must be change via rails console
2016-07-28 09:03:00 +10:00
Sam cb3afd11b4 SECURITY: limit route access when using external avatars 2016-07-28 09:00:43 +10:00
Neil Lalonde 437ad5b05a Remove extra characters returned from Transifex 2016-07-27 17:55:29 -04:00
Neil Lalonde 6a8f57d602 Update translations 2016-07-27 17:55:28 -04:00
Neil Lalonde 7109442ef0 Stop using Transifex workaround, but keep the code just in case 2016-07-27 17:55:28 -04:00
Gerhard Schlager 37a78752e9 phpBB3 importer: fixes for internal links and guest users (#4350)
* phpBB3 importer: ignore query parameters in internal links

* phpBB3 importer: Don't fail if guest usernames differ only by case

* phpBB3 importer: Import username as name for guest users
2016-07-27 22:57:33 +02:00
Gerhard Schlager fccc0c93c5 Store the original username during import (#4349) 2016-07-27 22:30:15 +02:00
Régis Hanol e848c336bb FIX: only prevent clicks on links in the preview 2016-07-27 20:53:45 +02:00
Régis Hanol c4b52b1a19 GET is a more RESTy verb for '/users/:username/emails' 2016-07-27 20:15:28 +02:00
Régis Hanol 6dac9075dc new 'convert_pasted_images_quality' site setting 2016-07-27 19:59:44 +02:00
Régis Hanol be099bb637 only convert pasted images to HQ jpg when it's at least 5% smaller 2016-07-27 19:55:13 +02:00
Neil Lalonde a3f39866ab Update translations using temporary workaround for Transifex bugs 2016-07-27 13:29:13 -04:00
Régis Hanol ea59283c1e FIX: PM automatic groups via URL 2016-07-27 19:16:31 +02:00
Régis Hanol 11172b7c2d FIX: cropping GIF wasn't working 2016-07-27 18:48:02 +02:00
Régis Hanol 56d2626187 support 'read_restricted' categories in importers 2016-07-27 18:38:23 +02:00
Neil Lalonde 0fa8fb1774 Merge pull request #4348 from gschlager/transifex
Workaround for Transifex YML issues
2016-07-27 12:34:42 -04:00
Gerhard Schlager 3d76ad623c
Workaround for Transifex YML issues 2016-07-27 18:02:57 +02:00
Jeff Atwood f8144f07fd purge 2x the unactivated old users 2016-07-27 03:29:00 -07:00
Guo Xiang Tan c58123b421 Merge pull request #4346 from tgxworld/adrapereira-ap_merge_multiple_responses
FEATURE: Allow staff users to merge posts.
2016-07-27 12:48:09 +08:00
Andre Pereira 8cbd585e20 FEATURE: Allow staff users to merge posts. 2016-07-27 12:04:14 +08:00
Neil Lalonde 3af27a6d83 FIX: category settings should not limit number of tags 2016-07-26 16:04:11 -04:00
Neil Lalonde 3c0df3510a FIX: tags index should show all tags belonging to a category even if they have never been used 2016-07-26 16:04:11 -04:00
Robin Ward 5ba8612fa8 UX: Button had wrong margin on iOS 2016-07-26 15:10:14 -04:00
Robin Ward 424bb143db FIX: Jump to post on iOS was broken - replace with prompt 2016-07-26 15:08:04 -04:00
Robin Ward 2a4006fe0c Add `YandexBot` to our list of crawlers 2016-07-26 13:21:37 -04:00
Neil Lalonde de99853dee FIX: routes for tag nav items 2016-07-26 12:39:36 -04:00
Robin Ward 930f2e1b68 Update one of the win10 emoji 2016-07-26 12:07:41 -04:00
Neil Lalonde ce595189ff Version bump to v1.6.0.beta12 2016-07-26 11:49:51 -04:00
Robin Ward fbfd3124a0 Whitelist some more tags and add extra tests 2016-07-26 11:02:09 -04:00
Guo Xiang Tan 2242568507 UX: Missing spinning wheel on topics list. 2016-07-26 17:31:28 +08:00
Guo Xiang Tan 47c835f0f0 UX: Missing spinning wheel on user topics list. 2016-07-26 17:17:39 +08:00
Guo Xiang Tan b335ccbd59 Merge pull request #4341 from tgxworld/pipe_dump_to_gzip
FEATURE: Work with compressed version of `pg_dump` during backup and …
2016-07-26 10:43:39 +08:00
Guo Xiang Tan 76e57ddef3 FIX: Log errors in `ensure` block of restorer. 2016-07-26 10:24:01 +08:00