Previous to this fix we were leaking methods on the internal action view
template class per render.
This caused email generation to be very low and a steady memory leak in the
application in sidekiq when sending out emails
The behavior change is new to Rails 6 so this fix does not need to be
backported into stable.
* FEATURE: Added input for name when creating a new authenticator in user preferences
* FEATURE: Added placeholders to authenticator inputs
* Ran prettier on second-factor-add-totp.js.es6
AppEvents was always a service object in disguise, so we should move it
to the correct place in the application. Doing this allows other service
objects to inject it easily without container access.
In the future we should also deprecate `this.appEvents` without an
explicit injection too.
Added on Aug 21, 2015 in bef80633b1
The only usage removed on Aug 26, 2015 in 4ba89eec27
As far I can tell it isn't used by core or any official plugins.
* FEATURE: Adds an extra protection layer when decompressing files.
* Rename exporter/importer to zip importer. Update old locale
* Added a new composite class to decompress a file with multiple strategies
* Set max file size inside a site setting
* Ensure that file is deleted after compression
* Sanitize path and files before compressing/decompressing
This fix is needed due to what feels like an iOS Safari bug. The CSS rule `margin-bottom: env(safe-area-inset-bottom);` should not apply to the topic progress element when the composer is visible, because the element is not near the bottom of the viewport.
* Fix broken security key 2FA on mobile login.hbs
* Show nicer error message when a security key already exists
* [COPY] Disable -> Delete for security key editing
* Standardize UI elements in 2FA prefs password confirmation
* Minor fixes to label location for resetPasswordProgress
Partially reverts 94ab48c by using Safari hacks on iPad again.
This brings parity in the composer UI between iPhones and iPads
Hides grippie and fullscreen toggle button when the keyboard is visible on iPads
Clicking fast on the "top", "unread", or "latest" button when browsing a parent category page with subcategories and the setting `Show subcategory list above topics in this category` enabled would cause an exception:
```
Uncaught Error: Nothing handled the action 'triggerRefresh'. If you did handle the action, this error can be caused by returning true from an action handler in a controller, causing the action to bubble.
```
Zeitwerk simplifies working with dependencies in dev and makes it easier reloading class chains.
We no longer need to use Rails "require_dependency" anywhere and instead can just use standard
Ruby patterns to require files.
This is a far reaching change and we expect some followups here.
Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API).
Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).
Currently, the topic is only validated for censored words and should be validated for blocked words as well.
Blocked word validation is now used by both Post and Topic. To avoid code duplication, I extracted blocked words validation code into separate Validator, and use it in both places.
The only downside is that even if the topic contains blocked words validation message is saying "Your post contains a word that's not allowed: tomato" but I think this is descriptive enough.
Some site settings (e.g. `unicode_username_character_whitelist`) depend on the default locale, so we need to reset the watched settings when the locale changes.
Keeps element 1em away from the right edge of screen
Takes DiscourseHub app nav position into account on iPad
Uses outerHeight to calculate element height including padding/borders
Per new lifecycle https://developers.google.com/web/updates/2018/07/page-lifecycle-api
On Android and latest Chrome when an app transitions from "frozen" to
active the new "resume" event fires with no accompanying "visibilitychange"
event.
This means that often background tabs may be stuck thinking that discourse
has no focus when, indeed, it has.
This leads to cases where no posts are marked read anymore.
This applies to iPhones running iOS 13+.
Previous technique remains in place for iOS 12 and below.
Note that this does not apply to iPads on iOS 13 due to Apple no longer
identifying iPads in the user agent string.
Sam Saffron
Penar Musaraj
Kris
Mark VanLandingham
Robin Ward
Jarek Radosz
Kyle Zhao
Osama Sayegh
Jeff Wong
Roman Rizzi
Joffrey JAFFEUX
Mark VanLandingham
Martin Brennan
Krzysztof Kotlarek
Ryan Boder
Gerhard Schlager