Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
34,562 Commits 181 Branches 500 Tags 920 MiB
Commit Graph

24 Commits

Author SHA1 Message Date
Jarek Radosz d407bcab36 FIX: Correctly escape category description text (#8107) 
* FIX: Correctly escape category description text

This bug has been introduced in db14e10943.

* Remove unnecessary `html_safe`

`Theme.lookup_field` already returns html-safe strings: 7ad338e3e6/app/models/theme.rb (L237-L242)

* Rename `description` where it's acutally `descriptionText`
 2019-10-01 12:04:39 -04:00
David Taylor 213b7d19d9 UX: Fallback to unlocalized auth provider name if required 2019-08-13 01:22:02 +01:00
David Taylor 3b8c468832 SECURITY: Require POST with CSRF token for OmniAuth request phase 2019-08-08 11:58:00 +01:00
Kyle Zhao a6eca28ec6
CSP - extract all other inline JavaScripts (#6528) 
* wizard page inline js

* print topic inline js

* drop JS for preventing double submission

this is the default behavior with Rails' UJS `disable_with` helper

* omniauth complete redirect JS

* account activate inline js
 2018-10-25 09:52:01 -04:00
Vinoth Kannan f08995c390 Remove unused code lines 2017-12-29 12:32:18 +05:30
Neil Lalonde 66e53f449a UX: Auth complete page/modal has a link to continue to the site to accomodate auth methods that can't automatically redirect to Discourse 2017-11-21 13:56:19 -05:00
Robin Ward cef64e8f03 UX: Use `no_ember` styling for omniauth error page 2017-11-15 14:04:26 -05:00
Robin Ward f7c303c82e FIX: If there's no `window.opener` use the localStorage method for login 2016-07-08 14:45:34 -04:00
Robin Ward eff2865278 FIX: Support create account on facebook browser 2016-06-10 11:12:46 -04:00
Robin Ward 171dbd4b09 Allow redirects on Facebook Browser 2016-06-09 15:51:46 -04:00
Robin Ward f6eb5e823b Temporarily remove FB browser redirect 2016-06-09 15:35:17 -04:00
Robin Ward ba5993ae79 FIX: Invalid escaping of URL 2016-06-09 15:10:21 -04:00
Robin Ward 4730c82b3a FIX: Detect `window.opener` 2016-06-09 14:51:38 -04:00
Robin Ward eee15dfe7f FIX: On facebook browser, don't close the window but redirect instead 2016-06-09 14:20:44 -04:00
Sam b6c2aa13e6 clean up implementation of non frame login / registration 2015-10-13 14:49:09 +11:00
Sam fab51496cb correct full screen login feature 2015-10-13 13:11:49 +11:00
Sam b3aebca406 FEATURE: allow auto provider to specify "full screen login" 
this feature means we attempt to log in without opening a frame.
 2015-10-13 12:23:34 +11:00
Sam 57e3323663 redirect back to base uri if there is no window opener. 2015-10-13 12:03:43 +11:00
Robin Ward b4960d48b4 Better support for passing up errors when OmniAuth fails after auth 2015-06-24 12:12:43 -04:00
Neil Lalonde 4762b4ac24 FIX: on completion of external auth, window.close may fail because of iOS Safari bug. Prompt user to manually close the window. 2014-10-15 11:00:34 -04:00
Sam 075002a6d5 refactoring the plugin interfaces to allow for better extensible 2013-08-26 12:59:17 +10:00
Kuba Brecka 9bf5e31f94 some more extracted strings for translation 2013-03-03 23:00:16 +01:00
Jesse Pollak ad5a5b4866 This commit adds a callback route to handle omniauth failure and removes a few unneccessary entries in en.yml 2013-02-14 18:08:40 -08:00
xdite 9189d937f7 move all logic to omniauth 
implement omniauth-facebook / omniauth-twitter
 2013-02-13 15:08:38 +08:00