Commit Graph

3495 Commits

Author SHA1 Message Date
Bianca Nenciu d9484db718
FIX: Split link watched words from replace (#13196)
It was not clear that replace watched words can be used to replace text
with URLs. This introduces a new watched word type that makes it easier
to understand.
2021-06-02 15:36:49 +10:00
Penar Musaraj 4d4c3fe1e4
FIX: Delete internal links when moderator deletes a post (#13233) 2021-06-01 14:02:53 -04:00
Dan Ungureanu ccbe3bea79
UX: Improve style of GitHub PR body in emails (#13198)
On the web, we display only an excerpt in a monospace font and the rest
of the body is hidden under ellipsis. The email displayed both of them
and it did not use the same style. This commit leaves only the excerpt
in emails and makes it use a monospace font to display it.
2021-05-31 14:03:19 +03:00
Penar Musaraj 726500bc59
FEATURE: Enable pausing images from Giphy and Tenor (#13185) 2021-05-27 15:00:38 -04:00
Gerhard Schlager 157f10db4c
FEATURE: Use path from existing URL of uploads and optimized images (#13177)
Discourse shouldn't dynamically calculate the path of uploads and optimized images after a file has been stored on disk or S3. Otherwise it might calculate the wrong path if the SHA1 or extension stored in the database doesn't match the actual file path.
2021-05-27 17:42:25 +02:00
Arpit Jalan 283b08d45f
DEV: Absorb onebox gem into core (#12979)
* Move onebox gem in core library

* Update template file path

* Remove warning for onebox gem caching

* Remove onebox version file

* Remove onebox gem

* Add sanitize gem

* Require onebox library in lazy-yt plugin

* Remove onebox web specific code

This code was used in standalone onebox Sinatra application

* Merge Discourse specific AllowlistedGenericOnebox engine in core

* Fix onebox engine filenames to match class name casing

* Move onebox specs from gem into core

* DEV: Rename `response` helper to `onebox_response`

Fixes a naming collision.

* Require rails_helper

* Don't use `before/after(:all)`

* Whitespace

* Remove fakeweb

* Remove poor unit tests

* DEV: Re-add fakeweb, plugins are using it

* Move onebox helpers

* Stub Instagram API

* FIX: Follow additional redirect status codes (#476)

Don’t throw errors if we encounter 303, 307 or 308 HTTP status codes in responses

* Remove an empty file

* DEV: Update the license file

Using the copy from https://choosealicense.com/licenses/gpl-2.0/#

Hopefully this will enable GitHub to show the license UI?

* DEV: Update embedded copyrights

* DEV: Add Onebox copyright notice

* DEV: Add MIT license, convert COPYRIGHT.txt to md

* DEV: Remove an incorrect copyright claim

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Co-authored-by: jbrw <jamie@goatforce5.org>
2021-05-26 15:11:35 +05:30
Roman Rizzi a5fddd5cdb
FIX: Hide a post's pending flag count from TL4 users. (#13129)
They can't see the review queue, so there's no reason to show a button with the post's pending flag count in the post controls.
2021-05-26 12:58:00 +10:00
Martin Brennan 7a79bd7da3
FEATURE: Allow selective dismissal of new and unread topics (#12976)
This PR improves the UI of bulk select so that its context is applied to the Dismiss Unread and Dismiss New buttons. Regular users (not just staff) are now able to use topic bulk selection on the /new and /unread routes to perform these dismiss actions more selectively.

For Dismiss Unread, there is a new count in the text of the button and in the modal when one or more topic is selected with the bulk select checkboxes.

For Dismiss New, there is a count in the button text, and we have added functionality to the server side to accept an array of topic ids to dismiss new for, instead of always having to dismiss all new, the same as the bulk dismiss unread functionality. To clean things up, the `DismissTopics` service has been rolled into the `TopicsBulkAction` service.

We now also show the top Dismiss/Dismiss New button based on whether the bottom one is in the viewport, not just based on the topic count.
2021-05-26 09:38:46 +10:00
Jeff Atwood 50926f6143
FIX: Simplify post and topic deletion language (#13128)
Based on feedback from Matt Haughey, we don't need to use so many words when describing a deleted topic or post.

Co-authored-by: Martin Brennan <martin@discourse.org>
2021-05-25 12:04:10 +10:00
Daniel Waterworth ca809d2c40
FEATURE: Add on_preload for TopicView (#13122)
This allows plugins to load data on fetched posts before each post is
individually serialized.
2021-05-24 11:46:57 -05:00
Andrei Prigorshnev c62efc0f0f
FIX: Ignore max excerpt length for div excerpts too (#13058)
We support two types of custom excerpts. It can be <div class="excerpt"> or <span class="excerpt">: b21f74060e/lib/excerpt_parser.rb (L120)

We also ignore max excerpt length for custom excerpts. But we forgot to process div when ignoring max length.
2021-05-24 13:05:24 +04:00
Gerhard Schlager 332ae97555
FEATURE: Correctly convert topic title to uppercase and lowercase for Turkish default locale (#13115) 2021-05-24 18:13:30 +10:00
Martin Brennan afb2b4c6b9
FIX: Update upload secure status when revising posts (#13110)
When uploads are created from the composer (editing or creating a post),
for sites with secure uploads enabled we assume security by default and
that new upload is set to secure. When the post is created, we then
check whether the post uploads _actually_ need to be secure and adjust
accordingly.

We were not doing this when revising a post, so when a new upload was
created when editing a post in a public topic, the secure status stayed
true erroneously causing issues with image previews, among other things.
2021-05-21 13:32:32 +10:00
Josh Soref 59097b207f
DEV: Correct typos and spelling mistakes (#12812)
Over the years we accrued many spelling mistakes in the code base. 

This PR attempts to fix spelling mistakes and typos in all areas of the code that are extremely safe to change 

- comments
- test descriptions
- other low risk areas
2021-05-21 11:43:47 +10:00
Penar Musaraj 29f3621f45
FIX: Disable lightboxing of animated images (#13099) 2021-05-20 15:19:44 -04:00
Alan Guo Xiang Tan 958b56dc6c
PERF: Precompile child theme stylesheets. (#13040)
Previously, we only precompiled the CSS for parent themes but not for
the child themes. As a result, the CSS for child themes were being
compiled during the first request which made the respond time high for
that request.
2021-05-20 16:01:54 +10:00
Andrei Prigorshnev 075cd07a07
No need to disable rate limiter after running tests (#13093)
We disable rate limiter before running every test here 90ab3b1c75/spec/rails_helper.rb (L109-L109)
2021-05-19 16:04:35 +04:00
Andrei Prigorshnev 3e0f72f57f
FEATURE: Increase daily edit limits proportionally to trust level (#13090) 2021-05-19 13:57:21 +04:00
Arpit Jalan f96f534f3e
FIX: do not include contact url & email in client site settings payload (#13004) 2021-05-19 16:15:24 +10:00
Bianca Nenciu c1dfd76658
FIX: Make replace watched words work with wildcard (#13084)
Watched words are always regular expressions, despite watched_words_
_regular_expressions being enabled or not. Internally, wildcard
characters are replaced with a regular expression that matches any non
whitespace character.
2021-05-18 12:09:47 +03:00
jbrw a24b6daa87
FIX: An unresolved blank uri should attempt an alternate Oneboxing strategy, if available (#13070) 2021-05-14 15:23:20 -04:00
Bianca Nenciu 3a1b05f219
FIX: Make autotag watched words case insensitive (#13043)
* FIX: Hide tag watched words if tagging is disabled

These 'autotag' words were shown even if tagging was disabled.

* FIX: Make autotag watched words case insensitive

This commit also fixes the bug when no tag was applied if no other tag
was already present.
2021-05-14 16:52:10 +03:00
jbrw 19182b1386
DEV: Oneboxer wildcard subdomains (#13015)
* DEV: Allow wildcards in Oneboxer optional domain Site Settings

Allows a wildcard to be used as a subdomain on Oneboxer-related SiteSettings, e.g.:

- `force_get_hosts`
- `cache_onebox_response_body_domains`
- `force_custom_user_agent_hosts`

* DEV: fix typos

* FIX: Try doing a GET after receiving a 500 error from a HEAD

By default we try to do a `HEAD` requests. If this results in a 500 error response, we should try to do a `GET`

* DEV: `force_get_hosts` should be a hidden setting

* DEV: Oneboxer Strategies

Have an alternative oneboxing ‘strategy’ (i.e., set of options) to use when an attempt to generate a Onebox fails. Keep track of any non-default strategies that were used on a particular host, and use that strategy for that host in the future.

Initially, the alternate strategy (`force_get_and_ua`) forces the FinalDestination step of Oneboxing to do a `GET` rather than `HEAD`, and forces a custom user agent.

* DEV: change stubbed return code

The stubbed status code needs to be a value not recognized by FinalDestination
2021-05-13 15:48:35 -04:00
Dan Ungureanu 60be1556fc
FIX: Various invite system fixes (#13003)
* FIX: Ensure the same email cannot be invited twice

When creating a new invite with a duplicated email, the old invite will
be updated and returned. When updating an invite with a duplicated email
address, an error will be returned.

* FIX: not Ember helper does not exist

* FIX: Sync can_invite_to_forum? and can_invite_to?

The two methods should perform the same basic set of checks, such as
check must_approve_users site setting.

Ideally, one of the methods would call the other one or be merged and
that will happen in the future.

* FIX: Show invite to group if user is group owner
2021-05-12 13:06:39 +03:00
Krzysztof Kotlarek 4a2912233c
FIX: flaky specs after topic view custom filters (#13019)
* FIX: flaky specs after topic view custom filters

When ensuring TopicView class variables return to the original state it should use empty Hash instead of empty Array. That

https://github.com/discourse/discourse/blob/master/lib/topic_view.rb#L60

* FIX: convert to string for topic view custom filter
2021-05-11 11:24:14 +10:00
Krzysztof Kotlarek a4bd1806d9
FEATURE: ability to register custom filters for posts (#12938)
Allow plugins to extend TopicView to filter posts
2021-05-10 08:57:58 +10:00
Penar Musaraj 9bc126949e
DEV: Support referencing public images in plugins in SCSS (#12930) 2021-05-03 14:40:02 -04:00
Joffrey JAFFEUX d16a39dc53
FIX: prevents exception when text input is nil (#12922)
nil was converted to "" and the matching regex would return [] and then be converted to nil with max usage.

Example exception:

```
NoMethodError (undefined method `<=' for nil:NilClass)

lib/text_sentinel.rb:71:in `seems_unpretentious?'
lib/validators/quality_title_validator.rb:13:in `validate_each'
lib/topic_creator.rb:25:in `valid?'
```
2021-05-03 09:21:35 +02:00
Gerhard Schlager 4f36f604c8
FIX: Looking up translation overrides by symbol failed when `count` is used (#12896) 2021-04-30 13:54:45 +02:00
David Taylor 1bc1a439ee
PERF: Ensure locales are always handled as symbols internally (#12897)
Sometimes, parts of the application pass in the locale as a string, not a symbol. This was causing the translate_accelerator to cache two versions of the locale separately: one cache for the symbol version, and one cache for the string version. For example, in a running production process:

```
irb(main):001:0> I18n.instance_variable_get(:@loaded_locales)
=> [:en, "en"]
```

This commit ensures the `locale` key is always converted to a symbol, and adds a spec to ensure the same locale cannot appear twice in `@loaded_locales`
2021-04-30 10:56:27 +01:00
Robin Ward 51f872f13a
DEV: Require Ember CLI to be used in development mode (#12738)
We really want to encourage all developers to use Ember CLI for local
development and testing. This will display an error page if they are not
with instructions on how to start the local server.

To disable it, you can set `NO_EMBER_CLI=1` as an ENV variable
2021-04-29 14:13:36 -04:00
Bianca Nenciu e6329d3007
FIX: Gracefully handle inline images in emails (#12855) 2021-04-29 10:17:33 +03:00
Régis Hanol cd93d1b5f7
FEATURE: new 'trim_incoming_emails' site setting (#12874)
This setting allows admin to de/activate automatic trimming of incoming email.
There are instances where it does wonders in trimming all the garbage content and other
instances where it's so bad that it trims the most important part of the email.

FIX: don't remove hidden content using the style attribute when converting HTML to Markdown.
The regexp used was doing more harm than good. It was way too broad.

FIX: properly elide signatures from emails sent with Front App.
This is fairly safe as Front App nicely identifies signatures in the HTML part.
2021-04-28 17:08:48 +02:00
Régis Hanol bea1fc1ab8
FEATURE: TL4 & category moderators can merge posts (#12843)
This gives TL4 users and category moderators the ability to merge posts in topics they have moderation privileges.
2021-04-27 18:24:27 +02:00
Bianca Nenciu 8aeeadd8b0
FIX: Replace use of regular expression (#12838)
It used a regular expression to check if message IDs were in RFC format.
2021-04-27 08:48:51 +03:00
Bianca Nenciu 765ba1ab2d
FEATURE: Ignore anonymous page views on private sites (#12800)
For sites with login_required set to true, counting anonymous pageviews is
confusing. Requests to /login and other pages would make it look like
anonymous users have access to site's content.
2021-04-26 14:19:47 +03:00
Robin Ward e3b1d1a718
DEV: Improve Ember CLI's bootstrap logic (#12792)
* DEV: Give a nicer error when `--proxy` argument is missing

* DEV: Improve Ember CLI's bootstrap logic

Instead of having Ember CLI know which URLs to proxy or not, have it try
the URL with a special header `HTTP_X_DISCOURSE_EMBER_CLI`. If present,
and Discourse thinks we should bootstrap the application, it will
instead stop rendering and return a HTTP HEAD with a response header
telling Ember CLI to bootstrap.

In other words, any time Rails would otherwise serve up the HTML for the
Ember app, it stops and says "no, you do it."

* DEV: Support asset filters by path using a new options object

Without this, Ember CLI's bootstrap would not get the assets it wants
because the path it was requesting was different than the browser path.
This adds an optional request header to fix it.

So far this is only used by the styleguide.
2021-04-23 10:24:42 -04:00
Bianca Nenciu 8c4a11c006
DEV: Move autotag to topic creator (#12790)
This move was necessary to automatically tag the topic with the right
tags from creation time. The process post job may be delayed for a
short time.
2021-04-23 16:55:34 +03:00
Penar Musaraj c11d75da87
FEATURE: Allow pausing animated images in posts (#12795)
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-04-22 11:28:35 -04:00
Joffrey JAFFEUX 0eeedf307a
DEV: replaces huge generated emoji list by a simpler regex (#11053)
Note that this commit is also fixing various mistakes in emojis.

Some of them have been fixed manually in db.json/data.js/groups.json and will need to be fixed in emoji-db gem.
2021-04-22 08:43:06 +02:00
Roman Rizzi 6b613e3076
FEATURE: Review every post using the review queue. (#12734)
* FEATURE: Review every post using the review queue.

If the `review_every_post` setting is enabled, posts created and edited by regular uses are sent to the review queue so staff can review them. We'll skip PMs and posts created or edited by TL4 or staff users.

Staff can choose  to:

- Approve the post (nothing happens)
- Approve and restore the post (if deleted)
- Approve and unhide the post (if hidden)
- Reject and delete it
- Reject and keep deleted (if deleted)
- Reject and suspend the user
- Reject and silence the user

* Update config/locales/server.en.yml

Co-authored-by: Robin Ward <robin.ward@gmail.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2021-04-21 08:41:36 -03:00
Martin Brennan e3b1f5721b
FIX: Enforce tag group count validation before sending to review queue (#12728)
There is a category setting that enforces 1 or more tags must be added to a topic from a specific tag group before creating it. This validation was not being run before the topic was being sent to a review queue for categories that have that setting enabled.

There was an existing validation in `TopicCreator` but it was not correct; it was only validating when the tags did _not_ exist and also only happened on `create`. I now run the validation in `TopicCreator.valid?`

I also improved the error message shown to the user when they have not added the tags required (showing the tag names from the tag group), and changed the composer tag selector to not show "optional" if there are N tags required from a certain group.
2021-04-19 09:43:50 +10:00
Bianca Nenciu 96a16123d8
FIX: Generate unique HTML heading names (#12705)
Headings with the exact same name generated exactly the same heading
names, which was invalid. This replaces the old code for generating
names for non-English headings which were using URI encode and resulted
in unreadable headings.
2021-04-16 10:54:19 +03:00
David Taylor 0ec5fd5262
DEV: Raise exception when execute_command will spawn a shell (#12716) 2021-04-15 16:29:37 +01:00
Mark VanLandingham 1d85574d52
FIX: Don't show the get a room composer message in private categories (#12702) 2021-04-14 12:34:13 -05:00
Bianca Nenciu 21d1ee1065
FIX: Use Nokogiri and Loofah consistently (#12693)
CookedPostProcessor used Loofah to parse the cooked content of a post
and Nokogiri to parse cooked Oneboxes. Even though Loofah is built on
top of Nokogiri, replacing an element from the cooked post (a Nokogiri
node) with a parsed onebox (a Loofah node) produced a strange result
which included XML namespaces. Removing the mix and using Loofah
to parse Oneboxes fixed the problem.
2021-04-14 18:09:55 +03:00
Bianca Nenciu e4e2c7c66f
FIX: Improve anchor links (#12683)
* FIX: Use theme color for anchor icon

* FIX: Do not count anchor links

* FIX: Do not count hashtags links either

* DEV: Add tests for link_count

* FIX: Disable anchors in quotes and preview

* FIX: Try building some anchor slugs for unicode

* DEV: Fix tests
2021-04-14 10:27:07 +03:00
Martin Brennan eeaecd4fd2
FEATURE: Category setting to allow unlimited first post edits by the owner of the topic (#12690)
This PR adds a new category setting which is a column in the `categories` table, `allow_unlimited_owner_edits_on_first_post`.

What this does is:

* Inside the `can_edit_post?` method of `PostGuardian`, if the current user editing a post is the owner of the post, it is the first post, and the topic's category has `allow_unlimited_owner_edits_on_first_post`, then we bypass the check for `LimitedEdit#edit_time_limit_expired?` on that post.
* Also, similar to wiki topics, in `PostActionNotifier#after_create_post_revision` we send a notification to all users watching a topic when the OP is edited in a topic with the category setting `allow_unlimited_owner_edits_on_first_post` enabled.

This is useful for forums where there is a Marketplace or similar category, where topics are created and then updated indefinitely by the OP rather than the OP making new topics or additional replies. In a way this acts similar to a wiki that only one person can edit.
2021-04-14 15:54:09 +10:00
David Taylor 65647000a1
DEV: Allow `Discourse::Utils.execute_command` timeout with `env` (#12672)
Followup to 5deda5ef3e

The first argument to `Open3.capture3` can be an environment variable hash. In this case, we need to insert the `timeout` command after the env hash.
2021-04-12 13:53:41 +01:00
Penar Musaraj abb0a4bae2
DEV: Add SCSS helper to replace `asset-uri` and `image-uri` (#12664) 2021-04-12 13:57:39 +10:00
Sam 5deda5ef3e
FIX: automatically timeout long running image magick commands (#12670)
Previously certain images may lead to convert / identify to run for unreasonable
amounts of time

This adds a maximum amount of time these commands can run prior to forcing
them to stop
2021-04-12 13:55:54 +10:00
Sam 5b342ae505
FIX: remove superfluous spaces from CJK blurbs (#12629)
Previously we used the raw data indexed to generate blurbs even for cases
when Chinese/Korean/Japanese text was used.

This caused superfluous spaces to show up in excerpts.
2021-04-12 12:46:42 +10:00
jbrw 50252d803e
DEV: stub youtube embed requests (#12637)
* DEV: stub youtube embed requests

* DEV: Ignore redirects on youtube.com when oneboxing
2021-04-07 13:32:27 -04:00
Roman Rizzi 5e4c0e2caa
FEATURE: Treat site settings as plain text and add a new HTML type. (#12618)
To add an extra layer of security, we sanitize settings before shipping them to the client. We don't sanitize those that have the "html" type.

The CookedPostProcessor already uses Loofah for sanitization, so I chose to also use it for this. I added it to our gemfile since we installed it as a transitive dependency.
2021-04-07 12:51:19 -03:00
Ahmed Gagan 2308a58113
DEV: Added support for custom site setting 'emoji_list' (#12414)
Example usage:

```
best_emojis:
    type: emoji_list
    default: laughing|open_mouth|cry|angry|hugs
    client: true
```
2021-04-07 15:32:05 +02:00
Bianca Nenciu e026af11ac
FIX: Simplify send PM to email settings (#12583)
This feature used to be controlled by two site settings 
enable_personal_email_messages and min_trust_to_send_email_messages.
I removed enable_personal_email_messages and unhide 
min_trust_to_send_email_messages to simplify the process of 
enabling / disabling this feature.
2021-04-06 15:39:27 +03:00
Arpit Jalan 6234d7455b
FEATURE: add maximum limit for secondary emails (#12599) 2021-04-05 20:31:42 +05:30
Arpit Jalan c478ffc662
FIX: post merging was failing silently (#12566)
https://meta.discourse.org/t/merging-very-long-posts-removes-them/183597
2021-04-01 06:46:18 +05:30
jbrw 68d0916eb5
FEATURE: Oneboxer cache response body (#12562)
* FEATURE: Cache successful HTTP GET requests during Oneboxing

Some oneboxes may fail if when making excessive and/or odd requests against the target domains. This change provides a simple mechanism to cache the results of succesful GET requests as part of the oneboxing process, with the goal of reducing repeated requests and ultimately improving the rate of successful oneboxing.

To enable:

Set `SiteSetting.cache_onebox_response_body` to `true`

Add the domains you’re interesting in caching to `SiteSetting. cache_onebox_response_body_domains` e.g. `example.com|example.org|example.net`

Optionally set `SiteSetting.cache_onebox_user_agent` to a user agent string of your choice to use when making requests against domains in the above list.

* FIX: Swap order of duration and value in redis call

The correct order for `setex` arguments is `key`, `duration`, and `value`.

Duration and value had been flipped, however the code would not have thrown an error because we were caching the value of `1.day.to_i` for a period of 1 seconds… The intention appears to be to set a value of 1 (purely as a flag) for a period of 1 day.
2021-03-31 13:19:34 -04:00
Bianca Nenciu 52a5c7e438
FIX: Improve error messages if user cannot send PM emails (#12547) 2021-03-30 12:18:57 +03:00
Martin Brennan 8de07181a8
FEATURE: Add new :topic_tags_changed DiscourseEvent (#12530)
This is called in DiscourseTagging.tag_topic_by_names only after
all the validations etc. have been passed, and after topic.tags = X
has been called (because this is when the associations are created/
destroyed). The event has the topic, then a second param with the
old and new tag names in arrays for easy inspection.
2021-03-26 13:53:47 +10:00
Krzysztof Kotlarek c03c85e661
FIX: delete orphan post revisions (#12502)
I was adding specs to ensure that post actions and uploads are removed for permanently deleted posts.

I noticed that post revisions were not permanently destroyed. I added a migration to fix old data.
2021-03-25 12:34:53 +11:00
Martin Brennan ea6f9af08b
FIX: Add topic_diff to PostRevisor (#12518)
The instance of the PostRevisor is passed to the post_edited
event. It is useful to know what has happened to the topic in
this event (we already pass a boolean for topic_changed? but that
is not so helpful by itself).
2021-03-25 10:24:50 +10:00
Penar Musaraj e4f3a04d53
DEV: Move color definition functions to mixins (#12511) 2021-03-24 18:35:52 -04:00
Bianca Nenciu e7fb45cc29
FEATURE: Treat emoji or similar characters as one (#12482)
Long messages consisting only of emojis, dots or commas used to be
valid because character-wise they were over the limit.
2021-03-24 16:47:35 +02:00
Jarek Radosz 6ff888bd2c
DEV: Retry-after header values should be strings (#12475)
Fixes `Rack::Lint::LintError: a header value must be a String, but the value of 'Retry-After' is a Integer`. (see: 14a236b4f0/lib/rack/lint.rb (L676))

I found it when I got flooded by those warning a while back in a test-related accident 😉 (ember CLI tests were hitting a local rails server at a fast rate)
2021-03-23 20:32:36 +01:00
Penar Musaraj 066c59d0e3
FIX: Regression in colors used by non-default theme (#12492)
eb7f0ec caused this regression, where a non-default theme set to use
the base color scheme was resolving to the default theme's color scheme.
2021-03-23 12:46:25 -04:00
Bianca Nenciu 2ad9b3f432
FEATURE: Add anchor links to headings (#12379) 2021-03-23 10:45:06 +02:00
Dan Ungureanu 4e46732346
FEATURE: Implement browser update in crawler view (#12448)
browser-update script does not work correctly in some very old browsers
because the contents of <noscript> is not accessible in JavaScript.
For these browsers, the server can display the crawler page and add the
browser update notice.

Simply loading the browser-update script in the crawler view is not a
solution because that means all crawlers will also see it.
2021-03-22 19:41:42 +02:00
Martin Brennan 6eb0d0c38d
SECURITY: Fix is_private_ip for RateLimiter to cover all cases (#12464)
The regular expression to detect private IP addresses did not always detect them successfully.
Changed to use ruby's in-built IPAddr.new(ip_address).private? method instead
which does the same thing but covers all cases.
2021-03-22 13:56:32 +10:00
Martin Brennan 355d51afde
FEATURE: Allow using invites when DiscourseConnect SSO is enabled (#12419)
This PR allows invitations to be used when the DiscourseConnect SSO is enabled for a site (`enable_discourse_connect`) and local logins are disabled. Previously invites could not be accepted with SSO enabled simply because we did not have the code paths to handle that logic.

The invitation methods that are supported include:

* Inviting people to groups via email address
* Inviting people to topics via email address
* Using invitation links generated by the Invite Users UI in the /my/invited/pending route

The flow works like this:

1. User visits an invite URL
2. The normal invitation validations (redemptions/expiry) happen at that point
3. We store the invite key in a secure session
4. The user clicks "Accept Invitation and Continue" (see below)
5. The user is redirected to /session/sso then to the SSO provider URL then back to /session/sso_login
6. We retrieve the invite based on the invite key in secure session. We revalidate the invitation. We show an error to the user if it is not valid. An additional check here for invites with an email specified is to check the SSO email matches the invite email
7. If the invite is OK we create the user via the normal SSO methods
8. We redeem the invite and activate the user. We clear the invite key in secure session.
9. If the invite had a topic we redirect the user there, otherwise we redirect to /

Note that we decided for SSO-based invites the `must_approve_users` site setting is ignored, because the invite is a form of pre-approval, and because regular non-staff users cannot send out email invites or generally invite to the forum in this case.

Also deletes some group invite checks as per https://github.com/discourse/discourse/pull/12353
2021-03-19 10:20:10 +10:00
Dan Ungureanu 033d6b6437
FEATURE: Obfuscate emails on invite show page (#12433)
The email should not be ever displayed in clear text, except the case
when the user authenticates using another service.
2021-03-18 19:09:23 +02:00
Roman Rizzi da210b6d77
FEATURE: Replace markdown-it replacements rule. (#12417)
We override the default replacements rule to no longer replace "(c)", "(p)", and "(p)". Additionally, we merged the custom arrows rule into the replacement function.
2021-03-18 10:55:41 -03:00
Penar Musaraj eb7f0ec766
FIX: In components, fall back to default theme color variables (#12423)
Component SCSS compilation should use the current theme's SCSS color
variables as a fallback before using the default core colors.

This is mostly a backwards-compatibility fix, new themes and components
should use CSS custom properties, which offer better support for on-the-fly
color scheme changes (dark mode support, etc.).
2021-03-17 13:34:15 -04:00
Sam 6c57f6f49d
DEV: ensure state is clean prior to spec (#12399)
Corrects flaky spec

Previously we were only clearing state after our spec ran, leaving possible
edge cases where `Discourse.plugins` had data.

Clean-up source of the plugin leak

1 pop was not enough to clear the plugin, plus make specs a bit more
deliberate
2021-03-15 09:11:23 +01:00
Penar Musaraj 52d833472c
DEV: Refactor plugin SCSS compilation (#12359) 2021-03-12 11:17:42 -05:00
Roman Rizzi 56262349a9
FIX: When destroying a topic, destroy its associated published page. (#12358)
Destroying a topic should remove the associated published page so another topic could re-use the slug.
2021-03-11 11:34:54 -03:00
Roman Rizzi 8fcad73b36
FEATURE: Admins can flag posts so they can review them later. (#12311)
Staff can send a post to the review queue by clicking the "Flag Post" button next to "Take Action...". Clicking it flags the post using the "Notify moderators" score type and hides it. A custom message will be sent to the user.
2021-03-11 08:21:24 -03:00
Penar Musaraj 10780d2448
DEV: support json_schema in theme settings (#12294) 2021-03-10 20:15:04 -05:00
Sam 9fb9a2c098
DEV: freeze time when running rate limiter tests (#12315)
This avoids issues around clock skew making retry-after return 9 instead of
10
2021-03-11 10:47:23 +11:00
jbrw aed97c7bab
FIX: Add amazon sites to force_get_hosts (#12341)
It has been observed that doing a HEAD against an Amazon store URL may result in a 405 error being returned.

Skipping the HEAD request may result in an improved oneboxing experience when requesting these URLs.
2021-03-10 14:42:17 -05:00
Penar Musaraj 4071af1d09
DEV: Refactor font and category background importers (#12312) 2021-03-10 11:05:56 -05:00
Bianca Nenciu 9bd436c20b
FIX: Do not add same email multiple times (#12322)
The user and an admin could create multiple email change requests for
the same user. If any of the requests was validated and it became
primary, the other request could not be deleted anymore.
2021-03-10 14:49:26 +02:00
Alan Guo Xiang Tan ce04db8610 FEATURE: Allow invites redemption with Omniauth providers. 2021-03-09 09:27:18 +08:00
Alan Guo Xiang Tan ebe4896e48 FEATURE: Change very high/low search priority to rank at absolute ends.
Prior to this change, we had weights for very_high, high, low and
very_low. This means there were 4 weights to tweak and what weights to
use for `very_high/high` and `very_low/low` pair was hard to explain.
This change makes it such that `very_high` search priority will always
ensure that the posts are ranked at the top while `very_low` search
priority will ensure that the posts are ranked at the very bottom.
2021-03-09 09:20:37 +08:00
Krzysztof Kotlarek 38ab45cb93
FIX: check min tag count requirement when change category (#12252)
When a category is created, we can set `minimum_required_tags` property.

When the topic is created, we are checking that field and ensuring that the minimum amount of tags were added - unless topic created by a staff member.

Problem is that validation is skipped when we change the category from for example category with 0 tags required to the category with 1 tag required.

Changing category is kind of the unicorn as it is a complicated operation:

https://github.com/discourse/discourse/blob/master/lib/post_revisor.rb#L84

https://github.com/discourse/discourse/blob/master/app/models/topic.rb#L911

https://github.com/discourse/discourse/blob/master/app/models/topic.rb#L823

Before we start to try to change the category, we should ensure that the tags requirement is fulfilled.

https://meta.discourse.org/t/the-category-setting-for-tags-is-not-respected/181214
2021-03-03 10:59:23 +11:00
Rafael dos Santos Silva 83f332b5a5
FEATURE: Add a site setting to allow emojis to come from an external URL (#12180) 2021-03-02 16:04:16 -03:00
David Taylor 8fd46c04ea
Drop flash video onebox (#12261)
Flash was discontinued by Adobe at the end of 2020. There is no need to continue OneBox support for it
2021-03-02 17:11:14 +00:00
Osama Sayegh c0e2fdd200
FIX: Components mobile-specific CSS was missing (#12259)
Fix for: https://meta.discourse.org/t/our-components-stop-working/181580?u=osama.

This fixes an old hidden bug that was exposed in cf0192018e. The bug is that we call the `Stylesheet::Manager.stylesheet_details` method with the `target` arg as `:mobile_theme` when we want to retrieve a theme component's mobile CSS. The problem is that this `target` value will at some point be looked up in the `Theme.targets` enum which doesn't have a `:mobile_theme` key, instead it has `:mobile` key.

This commit adds a step that removes the `_theme` suffix in the `Theme.list_baked_fields` method to fix this problem.
2021-03-02 17:20:43 +03:00
Penar Musaraj 6809cccd88
DEV: Add experimental json_scheme site setting type (#12226) 2021-03-01 09:15:17 -05:00
Penar Musaraj bfa3e24e48
FIX: Update digest when updating color definitions in theme component (#12233) 2021-03-01 09:14:58 -05:00
Penar Musaraj cf0192018e
FIX: Do not output empty style tags for components (#12229) 2021-03-01 09:14:25 -05:00
Penar Musaraj aa1442fdc3
DEV: Use separate files for theme component stylesheets (take 2) (#12225)
This switches to outputting a separate file for each theme component CSS
asset. We have separate CSS plugin files, separate JS files
(for plugins/themes/components), it makes sense to do the same for
component CSS assets.

Benefits:
- easier debugging
- fixes a regression with theme component sourcemaps
- changes to theme components are updated individually

With HTTP/2, there is also no performance downside to having additional
files in the initial request.
2021-02-26 12:30:23 -05:00
Penar Musaraj e74bdfdf8e
Revert "DEV: Use separate files for theme component stylesheets (#12214)" (#12224)
This reverts commit f57a49c2f9.

This had some unexpected side effects, needs some more work.
2021-02-26 08:20:39 -05:00
Penar Musaraj 45c5fd2172
DEV: Remove JoyPixels emoji option (#12197)
- removes the option from site settings
- deletes the site setting on existing sites that have it
- marks posts using emojis as requiring a rebake

Note that the actual image files are not removed here, the plan is to
remove them in a few weeks/months (when presumably the rebaking of old
posts has been completed).
2021-02-26 07:44:52 -05:00
Penar Musaraj f57a49c2f9
DEV: Use separate files for theme component stylesheets (#12214)
This switches to outputting a separate file for each theme component CSS
asset. We have separate CSS plugin files, separate JS files
(for plugins/themes/components), it makes sense to do the same for
component CSS assets.

Benefits:
- easier debugging
- fixes a regression with theme component sourcemaps
- changes to theme components are updated individually

With HTTP/2, there is also no performance downside to having additional
files in the initial request.
2021-02-26 07:44:15 -05:00
jbrw fff8a24f2b
FIX: Don’t display error if only error is a missing image (#12216)
`Onebox.preview` can return 0-to-n errors, where the errors are missing OpenGraph attributes (e.g. title, description, image, etc.). If any of these attributes are missing, we construct an error message and attach it to the Oneboxer preview HTML. The error message is something like:

 “Sorry, we were unable to generate a preview for this web page, because the following oEmbed / OpenGraph tags could not be found: description, image”

However, if the only missing tag is `image` we don’t need to display the error, as we have enough other data (title, description, etc.) to construct a useful/complete Onebox.
2021-02-25 14:30:40 -05:00
Bianca Nenciu 533800a87b
Add watched words of type "replace" (#12020)
This commit includes other various improvements to watched words.

auto_silence_first_post_regex site setting was removed because it overlapped
with 'require approval' watched words.
2021-02-25 14:00:58 +02:00
Bianca Nenciu a9a93b15ec
FIX: Strip whitespace from URL before validating (#12174) 2021-02-25 13:31:38 +02:00
Bianca Nenciu 0c8d658ba8
SECURITY: Prefer Loofah for processing cooked HTML 2021-02-24 17:17:49 +02:00
Penar Musaraj c0fd4ab9d6
DEV: Remove deprecated plugins variables importer (#12168) 2021-02-23 16:20:59 -05:00
Penar Musaraj 0620f6298e
UX: Remove emoji step in wizard (#12169) 2021-02-22 12:14:18 -05:00
Penar Musaraj 5604ce70d4
DEV: More refactoring of SCSS importers (#12143) 2021-02-19 11:22:24 -05:00
Penar Musaraj 7ee660a017
FIX: Sort admin dashboard new updates by latest (#12146) 2021-02-19 11:03:36 -05:00
romanrizzi 7aae498e3e DEV: Clear custom API Key scopes after testing. 2021-02-18 14:21:14 -05:00
Bianca Nenciu 3246c3cc92
DEV: Update mail and use fork (#10639)
Version 2.8 brings some changes to how address fields are handled and
this commits updates that and should also include a fix which handles
encoded attachment filenames.

The fork contains a bugfix to correctly decode mail attachments.
2021-02-18 20:15:02 +02:00
jbrw 447ea3f888
FIX: NewPostManager should respect category_group_moderator settings (#12116)
NewPostManager’s `post_needs_approval_in_its_category` method should allow category group moderators to create topics/reply to topics that where they have appropraite permissions.

(ie, if a user has permission to moderate a post, any posts made by them shouldn’t be sent to moderation)
2021-02-18 13:00:06 -05:00
Roman Rizzi 07cf0f9460
FIX: Allow plugins to correctly extend API key scopes. (#12113)
Adding a scope from a plugin was broken. This commit fixes it and adds a test.

It also documents the instance method and renames the serialized "id" attribute to "scope_id" to avoid a conflict when the scope also has a parameter with the same name.
2021-02-17 14:42:44 -03:00
Arpit Jalan 85c4e8fd32
FEATURE: support `mark` tag (#12088)
This commit adds support for `mark` tag for highlighting text content.
2021-02-15 21:47:30 +05:30
Daniel Waterworth df8436cd7f
FIX: Don't add a slug to constructed quote urls (#12052)
A topic with the slug 'topic' might exist and may end up being linked to
by mistake when malformed (i.e. cross-site) quotes are posted.
2021-02-11 12:21:13 -06:00
David Taylor 66151d8056
FIX: Handle empty email address from authentication provider (#12046)
If no email is provided, email_valid should be set false, so that
Discourse can prompt the user for an email and verify it.

This fixes signups via twitter for accounts with no email address.
2021-02-11 16:26:43 +00:00
David Taylor 830797a9c3
FEATURE: Allow post/topic thumbnails to be prioritized via markdown (#12044)
Previously we would always take the first image in a post to use as the
thumbnail. On media-heavy sites, users may want to manually select a
specific image as the topic thumbnail. This commit allows this to be
done via a `|thumbnail` attribute in markdown.

For example, in this case, bbb would be chosen as the thumbnail:

```
![alttext|100x100](upload://aaa)
![alttext|100x100|thumbnail](upload://bbb)
```
2021-02-11 15:44:41 +00:00
Penar Musaraj 544a4e4b48
UX: Changes to new features section in admin dashboard (#12029) 2021-02-10 13:12:04 -05:00
David Taylor 821bb1e8cb
FEATURE: Rename 'Discourse SSO' to DiscourseConnect (#11978)
The 'Discourse SSO' protocol is being rebranded to DiscourseConnect. This should help to reduce confusion when 'SSO' is used in the generic sense.

This commit aims to:
- Rename `sso_` site settings. DiscourseConnect specific ones are prefixed `discourse_connect_`. Generic settings are prefixed `auth_`
- Add (server-side-only) backwards compatibility for the old setting names, with deprecation notices
- Copy `site_settings` database records to the new names
- Rename relevant translation keys
- Update relevant translations

This commit does **not** aim to:
- Rename any Ruby classes or methods. This might be done in a future commit
- Change any URLs. This would break existing integrations
- Make any changes to the protocol. This would break existing integrations
- Change any functionality. Further normalization across DiscourseConnect and other auth methods will be done separately

The risks are:
- There is no backwards compatibility for site settings on the client-side. Accessing auth-related site settings in Javascript is fairly rare, and an error on the client side would not be security-critical.
- If a plugin is monkey-patching parts of the auth process, changes to locale keys could cause broken error messages. This should also be unlikely. The old site setting names remain functional, so security-related overrides will remain working.

A follow-up commit will be made with a post-deploy migration to delete the old `site_settings` rows.
2021-02-08 10:04:33 +00:00
Kris ded0f5b4e5
UX: Remove Helvetica from our font stack (#11876)
Arial is more consistently available across operating systems and aligns better.
2021-02-05 17:01:21 -05:00
Alan Guo Xiang Tan 4b3f65bb26 FIX: Select earliest post when aggregating posts in a topic for search.
This is a revert of
d8c796bc44
and
5bf0a0893b.

Linking to the post within a topic that has the highest rank was
confusing users and hard to explain because ranking is determined via
the PG ranking function. See the following meta topics for the
complaints after we switch to the new ordering:

1. https://meta.discourse.org/t/title-search-not-working-as-expected/157737
2. https://meta.discourse.org/t/search-results-should-prioritize-first-post-in-topic-when-title-matches-search-term/175154
2021-02-05 09:52:53 +08:00
Martin Brennan 4af77f1e38
FEATURE: Allow durations < 1 hour and < 1 day for topic timers where duration is specified (auto delete replies, close based on last post) (#11961)
This PR allows entering a float value for topic timers e.g. 0.5 for 30 minutes when entering hours, 0.5 for 12 hours when entering days. This is achieved by adding a new column to store the duration of a topic timer in minutes instead of the ambiguous both hours and days that it could be before.

This PR has ommitted the post migration to delete the duration column in topic timers; it will be done in a subsequent PR to ensure that no data is lost if the UPDATE query to set duration_mintues fails.

I have to keep the old keyword of duration in set_or_create_topic_timer for backwards compat, will remove at a later date after plugins are updated.
2021-02-05 10:12:56 +10:00
Penar Musaraj 12ffba771c
FIX: Improve SCSS handling in components (#11963)
- ignores errors when including component SCSS in parent theme
- adds support for SCSS `@import`s in components' `color_definitions.scss` files
2021-02-04 08:51:18 -05:00
Krzysztof Kotlarek f39e7fe81d
FEATURE: New way to dismiss new topics (#11927)
This is a try to simplify logic around dismiss new topics to have one solution to work in all places - dismiss all-new, dismiss new in a specific category or even in a specific tag.
2021-02-04 11:27:34 +11:00
Arpit Jalan 7f86a310ef
FEATURE: check `blocked_onebox_domains` setting for inline oneboxes (#11944) 2021-02-03 21:45:22 +05:30
Penar Musaraj e8b82724fd
DEV: Refactor theme SCSS compilation (#11919) 2021-02-02 13:09:41 -05:00
Roman Rizzi e040de0c2c
DEV: New option to always destroy posts. (#11898) 2021-02-01 16:57:31 -05:00
Dan Ungureanu dd175537f3
FIX: Existing shared drafts should be accessible (#11915)
Disabling shared drafts used to leave topics in an inconsistent state
where they were not displayed as shared drafts and thus there was no
way of publishing them. Moreover, they were accessible just to users
who have permissions to create shared drafts.

This commit adds another permission check that is used for most
operations and the old can_create_shared_draft? remains used just when
creating a new shared draft.
2021-02-01 16:16:34 +02:00
Martin Brennan 4af4d36175
FIX: IMAP allow unknown senders to reply to group topics via email (#11877)
Adds a new column/setting to groups, allow_unknown_sender_topic_replies, which is default false. When enabled, this scenario is allowed via IMAP:

* OP sends an email to the support email address which is synced to a group inbox via IMAP, creating a group topic
* Group user replies to the group topic
* An email notification is sent to the OP of the topic via GroupSMTPMailer
* The OP has several email accounts and the reply is sent to all of them, or they forward their reply to another email account
* The OP replies from a different email address than the OP (gloria@gmail.com instead of gloria@hey.com for example)
* The a new staged user is created, the new reply is accepted and added to the topic, and the staged user is added to the topic allowed users

Without allow_unknown_sender_topic_replies enabled the new reply creates an entirely new topic (because the email address it is sent from is not previously part of the topic email chain).
2021-01-29 09:59:10 +10:00
Martin Brennan f49e3e5731
DEV: Add security_last_changed_at and security_last_changed_reason to uploads (#11860)
This PR adds security_last_changed_at and security_last_changed_reason to uploads. This has been done to make it easier to track down why an upload's secure column has changed and when. This necessitated a refactor of the UploadSecurity class to provide reasons why the upload security would have changed.

As well as this, a source is now provided from the location which called for the upload's security status to be updated as they are several (e.g. post creator, topic security updater, rake tasks, manual change).
2021-01-29 09:03:44 +10:00
Robert d8846e4fcd
FEATURE: add contact emails metadata entry to optional plugin meta (#11879) 2021-01-28 11:17:00 -05:00
Penar Musaraj 568bad75c1
FIX: Support version in new feature payload (#11841)
Followup to 4f01ca87e3
2021-01-25 16:30:43 -05:00
Joffrey JAFFEUX 21d6603245
DEV: followup to 8edd2b38cb to use existing spec (#11830)
This commit also better explains in spec why max_values might be off by one.
2021-01-25 12:04:27 +01:00
Régis Hanol aa1138ff71
FIX: reindex_search job should work on model with no search data (#11819)
Lots of changes but it's mostly a refactoring.

The interesting part that was fix are the 'load_problem_<model>_ids' methods.
They will now return records with no search data associated so they can be properly indexed for the search.
This "bad" state usually happens after a migration.
2021-01-25 11:23:36 +01:00
Penar Musaraj 4f01ca87e3
FEATURE: Add new features section in admin dashboard (#11731) 2021-01-22 10:09:02 -05:00
Robin Ward 53ab3dda5d
FIX: Embedded comments should only return regular posts (#11773)
There shoudln't be a situation where you'd want to see moderator actions
or small posts.
2021-01-21 12:47:03 -05:00
Gerhard Schlager 3b2f6e129a
FEATURE: Add English (UK) as locale (#11768)
* "English" gets renamed into "English (US)"
* "English (UK)" replaces "English"

@discourse-translator-bot keep_translations_and_approvals
2021-01-20 21:32:22 +01:00
Martin Brennan fb184fed06
DEV: Add created_via column to IncomingEmail (#11751)
This should make it easier to track down how the incoming email was created, which is one of four locations:

The POP3 poller (which picks up reply via email replies)
The admin email controller #handle_mail (which is where hosted mail is sent)
The IMAP sync tool
The group SMTP mailer, which sends emails when replying to IMAP topics, pre-emptively creating IncomingEmail records to avoid double syncing
2021-01-20 13:22:41 +10:00
Dan Ungureanu 1f2f84a6df
FIX: Add Retry-Header to rate limited responses (#11736)
It returned a 429 error code with a 'Retry-After' header if a
RateLimiter::LimitExceeded was raised and unhandled, but the header was
missing if the request was limited in the 'RequestTracker' middleware.
2021-01-19 11:35:46 +02:00
Martin Brennan 87961534ea
FEATURE: IMAP detect spammed email and delete associated Discourse topic (#11654)
This PR adds functionality for the IMAP sync code to detect if a UID that is missing from the mail group mailbox is in the Spam/Junk folder for the mail account, and if so delete the associated Discourse topic. This is identical to what we do for emails that are moved for Trash.

If an email is missing but not in Spam or Trash, then we mark the incoming email record with imap_missing: true. This may be used in future to further filter or identify these emails, and perhaps go hunting for them in the email account in bulk.

Note: This adds some code duplication because the trash and spam email detection and handling is very similar. I intend to do more refactors/improvements to the IMAP sync code in time because there is a lot of room for improvement.
2021-01-14 09:54:18 +10:00
Andrew Prigorshnev e25dd41aee
FIX: sliding window end time in rate limiter (#11691)
If the sliding window size is N seconds, then a moment at the Nth second
should be considered as the moment outside of the sliding window.

Otherwise, if the sliding window is already full, at the Nth second,
a new call wouldn't be allowed, but a time to wait before the next call
would be equal to zero, which is confusing.

In other words, the end of the time range shouldn't be included in the
sliding window.

Let's say we start at the second 0, and the sliding window size is 10
seconds. In the current version of rate limiter, this sliding window will
be considered as a time range [0, 10] (including the end of the range),
which actually is 11 seconds in length.

After this fix, the time range will be considered as [0, 10)
(excluding the end of the range), which is exactly 10 seconds in length.
2021-01-12 13:26:43 -05:00
Bianca Nenciu ec0212e56b
FIX: Make category slugs lowercase (#11277)
Admins could specify category slug with upper case characters and same slug,
but with different cases could be used simultaneously.
2021-01-12 17:28:33 +02:00
jbrw b1f32f2f57
DEV: TopicTrackingState calls should happen in the background (#11682)
* DEV: TopicTrackingState calls should happen in the background

It was observed that calling TopicTrackingState on popular topics could result in a large number of calls to redis, resulting in slow response times when posting replies.

These calls should be moved to a background job.

* DEV: PostUpdateTopicTrackingState should execute on default queue
2021-01-11 15:58:27 -05:00
Krzysztof Kotlarek efaa63bd1d
FIX: always truncate uncomplete emojis in excerpts (#11678)
Additional fix after https://github.com/discourse/discourse/pull/11667

Always truncate "broken" emojis from excerpts.
2021-01-11 13:43:11 +11:00
Krzysztof Kotlarek 7f78b6ec10
FIX: broken emojis in topic excerpt (#11667)
When a post is truncated into the excerpt, sometimes we are breaking code of emoji
2021-01-11 10:40:41 +11:00
Arpit Jalan 25b4e82601
FEATURE: allow disabling self-deletions of posts (#11668)
https://meta.discourse.org/t/restoring-deleted-messages/173647/6?u=techapj
2021-01-08 20:35:13 +05:30
Roman Rizzi e696cba071
FIX: Don't count HTML comments when calculating reply length. (#11658)
We'll remove them when we sanitize the post raw content.
2021-01-07 15:44:17 -03:00
Osama Sayegh 558e9dd310
FIX: Inline Onebox should use encoding from Content-Type header when present (#11625)
* FIX: Inline onebox should use encoding from Content-Type header when present

* Use Regexp.last_match(1)

Signed-off-by: OsamaSayegh <asooomaasoooma90@gmail.com>
2021-01-04 22:32:08 +03:00
Joffrey JAFFEUX 258888b7c4
FIX: ensures defined expired_in is passed from write to write_entry (#11622)
This commit also makes `Cache#namespace` readable to help writing tests easier and make them more robust.
2021-01-04 10:34:44 +01:00
Penar Musaraj 303f229e98
DEV: Use indexes when importing SCSS from a folder (#11591)
By default, SCSS does not support globbing. This removes our magic and uses index files to import all files in a folder.
2020-12-30 15:29:10 -05:00
David Taylor 13e39d8b9f
PERF: Improve cook_url performance for topic thumbnails (#11609)
- Only initialize the S3Helper when needed
- Skip initializing the S3Helper for S3Store#cdn_url
- Allow cook_url to be passed a `local` hint to skip unnecessary checks
2020-12-30 18:13:13 +00:00
Penar Musaraj 79fe97c2bc
DEV: Fix precompile SCSS specs (#11590) 2020-12-28 15:28:37 -05:00
Sam adf8539f64
FIX: allow for final sigma in suggested usernames (#11540)
Final sigma is not lower cased correctly in Ruby causing issues with routing.

This works around the issue by downcasing all usernames containing a sigma using JS.
2020-12-23 08:51:36 +11:00
Daniel Waterworth a4fb28ccd8
FIX: Disallow zero-width and other non-printing characters in tags (#11546) 2020-12-22 09:27:37 -06:00
Guo Xiang Tan d10d296e92 FIX: Search topic title headline being truncated.
Need to apply the `HighlightAll` option in order to avoid topic titles
from truncated in headlines when displaying search results.
2020-12-22 09:09:47 +08:00