Commit Graph

298 Commits

Author SHA1 Message Date
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Arpit Jalan 9758857a78 FIX: escape Vimeo iframe URL 2019-05-09 23:01:50 +05:30
Arpit Jalan 66582ed956 FIX: get vimeo URL from `data-original-href` iframe attribute 2019-04-26 17:12:07 +05:30
Bianca Nenciu b5008586c5 DEV: Remove HTML parser from Tautologistics. (#7344) 2019-04-10 11:21:22 +02:00
Tim Lange f7b156ffbd UX: Better emoji escaping for topic title (#7218)
* FIX: Fixed failing discourse-prometheus-alert-receiver plugin specs
2019-03-21 09:11:33 +01:00
Régis Hanol 6fb49e74a1
Revert "UX: Better emoji escaping for topic title (#7176)" (#7201)
This reverts commit 0d9bc0aaa6.
2019-03-19 12:02:47 +01:00
Tim Lange 0d9bc0aaa6 UX: Better emoji escaping for topic title (#7176) 2019-03-19 09:33:10 +01:00
Joffrey JAFFEUX d32557ea32 Revert "FIX: Better emoji escaping for topic title"
This reverts commit 35426b5ad6.
2019-03-13 13:02:56 +01:00
Tim Lange 35426b5ad6 FIX: Better emoji escaping for topic title
This commit also puts emojiVersion in its own erb file.
2019-03-13 11:17:59 +01:00
Tim Lange 3ff0800e50 FIX: Fixed custom emoji circumventing "max emojis in topic title" set… (#7116) 2019-03-06 12:49:17 +01:00
Régis Hanol 664e90bd17 FIX: ensure local images use local CDN when uploads are stored on S3
When the S3 store was enabled, we were only applying the S3 CDN.
So all images stored locally, like the emojis, were never put on the local CDN.

Fixed a bunch of CookedPostProcessor test by adding a call to 'optimize_urls'
in order to get final URLs.

I also removed the unnecessary PrettyText.add_s3_cdn method since this is already
handled in the CookedPostProcessor.
2019-02-20 19:24:38 +01:00
Penar Musaraj 421d47da1e FIX: user and group mentions in subfolder installs 2019-01-29 21:54:29 -05:00
David Taylor afcf149c34 FIX: Fix mentions for mixed case group names 2018-11-26 15:34:56 +00:00
Guo Xiang Tan 57e2f4990d
PERF: Move processing of inline onebox out of V8 context. (#6658) 2018-11-26 09:21:38 +08:00
Guo Xiang Tan 7f7464e3e6 DEV: Remove unused variable. 2018-11-23 08:32:29 +08:00
Guo Xiang Tan 4752ddc908 Avoid DB query when there are no mentions. 2018-11-22 16:44:17 +08:00
Guo Xiang Tan 28a6cf8228 FIX: Mention lookup should be case insensitive. 2018-11-22 16:32:56 +08:00
Guo Xiang Tan 3f636b2d19 FIX: Check whether group is mentionable by user when cooking post. 2018-11-22 16:16:33 +08:00
Guo Xiang Tan 672e95bcb4 FIX: Staged users should not be mentionable. 2018-11-22 15:00:46 +08:00
Guo Xiang Tan c5a70eca6e
PERF: Move mention lookups out of the V8 context. (#6640)
We were looking up each mention one by one without any form of caching and that results
in a problem somewhat similar to an N+1. When we have to do alot of DB
lookups, it also increased the time spent in the V8 context which may
eventually lead to a timeout. The change here makes it such that mention lookups only does a single
DB query per post that happens outside of the V8 context.
2018-11-22 14:28:48 +08:00
Vinoth Kannan 24a14af15a FIX: Respect invalidate_oneboxes option for inline oneboxes 2018-09-03 22:33:43 +05:30
Régis Hanol de92913bf4 FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
Neil Lalonde 4b2e42757d fix indent 2018-06-08 13:56:20 -04:00
Neil Lalonde b8cf0788c6 FIX: broken mailto href's in emails 2018-06-08 13:11:58 -04:00
Gerhard Schlager ea7ffac17e FIX: Paths used by PrettyText were not always initialized 2018-05-23 22:16:59 +02:00
Régis Hanol 6a006b3646 FIX: format posts for embedded comments as we do for emails 2018-05-09 19:24:44 +02:00
Régis Hanol 738f3f5229 Load missing libraries for server-side PrettyText 2018-05-05 11:21:07 +02:00
Joffrey JAFFEUX 45f657336e
FEATURE: adds support for loading existing core asset in pretty text 2018-04-10 08:37:16 +02:00
Arpit Jalan b75b6de982 FIX: respect nofollow settings for onebox links 2018-03-26 18:21:16 +05:30
Neil Lalonde 3313072957 Remove censored_pattern site setting, which is replaced by watched words 2018-02-26 16:29:27 -05:00
Sam ee0d3f15c1 FEATURE: allow better fidelity for auto linkify, disable most tlds based linkify
New site settings:

enable_markdown_linkify: which is default on, auto links https:// and http:// and mail://

markdown_linkify_tlds: which allows control of what tlds get autolinked for cases such as www.site.com, default is com|net|gov
2018-02-01 13:22:38 +11:00
Robin Ward f8164956dd Add quote and mention support for username formatters 2017-11-20 16:28:03 -05:00
ckeboss 93633865d9 Adds primary user group as a class to quote (#5285)
* Adds primary user group as a class to quote

This feature addition will add the class `group-PRIMARY_USER_GROUP` to
the quote `aside`. `PRIMARY_USER_GROUP` will be the primary user group
of the user being quoted. This is similar to the class that is added to
a `topic-post`.

* Remove trailing whitespace

* Fix avatar in test

* Address PR comments

* Fix trailing whitespace
2017-11-03 09:51:40 -04:00
Sam 70bb2aa426 FEATURE: allow specifying s3 config via globals
This refactors handling of s3 so it can be specified via GlobalSetting

This means that in a multisite environment you can configure s3 uploads
without actual sites knowing credentials in s3

It is a critical setting for situations where assets are mirrored to s3.
2017-10-06 16:20:01 +11:00
Guo Xiang Tan 23b787e0a6 Require dependency otherwise it causes Sidekiq to lock up in development. 2017-09-25 13:48:59 +08:00
Sam bcf7dc38c2 FEATURE: server side support for upload:// markdown
This allows uploads to be specified using short sha1 hash instead of full
URL

Client side change is pending
2017-08-22 11:46:23 -04:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Neil Lalonde 24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Sam e1ce47a901 Pass the full CommonMark spec 2017-07-21 13:20:52 -04:00
Robin Ward 3882722195 FEATURE: Inline (Mini) Oneboxing
see:
https://meta.discourse.org/t/mini-inline-onebox-support-rfc/66400?source_topic_id=66066
2017-07-20 15:38:04 -04:00
Guo Xiang Tan ac9c8ccf3b Fix broken specs. 2017-07-20 13:17:45 +09:00
Guo Xiang Tan 0edb0018ff Dispose of heap when we reset the context. 2017-07-20 13:10:56 +09:00
Sam Saffron d0c5205a52 Feature: Change markdown engine to markdown it
This commit removes the old evilstreak markdownjs engine.

- Adds specs to WhiteLister and changes it to stop using globals
    (Fixes large memory leak)
- Fixes edge cases around bbcode handling
- Removes mdtest which is no longer valid (to be replaced with
    CommonMark)
- Updates MiniRacer to correct minor unmanaged memory leak
- Fixes plugin specs
2017-07-17 11:41:34 -04:00
Sam 79a084dd58 Revert "remove old markdown engine work-in-progress"
This reverts commit ee470b5317.
2017-07-12 18:10:51 -04:00
Sam bcbb9f208d Revert "Integrate new engine, correct old specs"
This reverts commit f1b38ba4fb.
2017-07-12 18:10:07 -04:00
Sam f1b38ba4fb Integrate new engine, correct old specs
corrects edge cases with

- full quotes
- [url] with nested tags
- engine overrides
- onebox applying to non http srcs
2017-07-12 17:44:40 -04:00
Sam Saffron ee470b5317 remove old markdown engine work-in-progress 2017-07-12 17:44:40 -04:00
Sam 98e03b04b5 Don't depend on imports for md extensions 2017-07-11 16:48:25 -04:00
Sam cfbda863e8 implement unicode emoji replacements 2017-06-28 13:47:30 -04:00
Sam da5ccd2000 correctly hunt for console.log 2017-06-23 15:24:20 -04:00
Sam 234694b50f Feature: CommonMark support
This adds the markdown.it engine to Discourse.
https://github.com/markdown-it/markdown-it

As the migration is going to take a while the new engine is default
disabled. To enable it you must change the hidden site setting:
enable_experimental_markdown_it.

This commit is a squash of many other commits, it also includes some
improvements to autospec (ability to run plugins), and a dev dependency
on the og gem for html normalization.
2017-06-23 12:01:33 -04:00
Robin Ward 564eb8c20f Allow plugins to add vendored files for the text pipeline 2017-04-18 17:59:05 -04:00
Régis Hanol ba115480ba FIX: wasn't extracting links to quoted posts 2017-02-06 14:45:04 +01:00
Sam f932cb51f3 FIX: stop stripping local onebox links from tracker
When a onebox was made to a local topic it was not tracked using link
tracker
2017-02-01 14:21:01 -05:00
Arpit Jalan 2d0c99636a do not add rel noreferrer 2016-11-20 18:19:14 +05:30
Arpit Jalan 7cb76f7333 FIX: add rel noopener and noreferrer in addition to nofollow 2016-11-20 17:07:27 +05:30
Régis Hanol a0f1090d79 FIX: custom emojis leaking over multisites 2016-11-17 19:35:39 +01:00
Robin Ward 0f9e45f283 Allow the loader to understand when files are moved 2016-11-15 11:41:16 -05:00
Neil Lalonde 86522a52b7 FEATURE: add censored_pattern setting to censor posts using regex 2016-11-08 16:39:26 -05:00
Régis Hanol 78cd42943f FEATURE: add 'emoji-custom' class to custom emojis 2016-11-08 16:36:09 +01:00
Robin Ward 3c12dd6549 FIX: Consider lazyYT divs as links when extracting 2016-09-22 16:50:24 -04:00
Vinoth Kannan 648c8d27a6 chomp before regex manifest 2016-08-25 17:15:29 +05:30
Robin Ward 414388b94f FIX: Allow disabling of sanitization (for email customiaztions) 2016-08-11 14:59:20 -04:00
Robin Ward d763ce08c0 FIX: Travis failure 2016-08-10 13:20:39 -04:00
Guo Xiang Tan c3cab98998 FEATURE: Admins should be able to create polls even when plugin is disabled. 2016-07-13 18:05:19 +08:00
Robin Ward a546395397 REFACTOR: Migrate markdown functionality in ES6 2016-07-11 12:57:05 -04:00
Régis Hanol 5169bcdb6e FIX: httpshttps ultra secure URLs 2016-06-30 16:55:01 +02:00
Sam b15f6bd211 FIX: s3 cdn urls not remapped correctly 2016-06-30 18:58:38 +10:00
Régis Hanol f3905fd99a FIX: S3 CDN wasn't applied to lightboxed images 2016-06-27 22:08:49 +02:00
James Kiesel 7a6bc3f1d7 Apply notification styles to mailing list email manually (#4283)
* Apply notification styles to mailing list email manually

* Fix failing spec
2016-06-21 20:42:30 +05:30
Neil Lalonde f13470b96b Use db schema for tags instead of plugin store and custom fields 2016-05-26 14:29:48 -04:00
Arpit Jalan 36ba5f6716 FIX: broken onebox avatar image 2016-05-26 07:57:42 +05:30
Sam 695773db1c FEATURE: upgrade from therubyracer to mini_racer
This pushes our internal V8 JavaScript engine from Chrome 32 to 50.

It also resolves some long standing issues we had with the old wrapper.
2016-05-23 09:57:15 +10:00
Régis Hanol c012b18601 FIX: sending email wasn't working anymore when a plugin used 'reduce_cooked' (cc @gdpelican) 2016-05-21 20:13:00 +02:00
James Kiesel feffe23cc5 FEATURE: More granular mailing list mode (#4068)
* Rearrange frontend to account for mailing list mode

* Allow update of user preference for mailing list frequency

* Add mailing list frequency estimate

* Simplify frequency estimate; disable activity summary for mailing list mode

* Remove combined updates

* Add specs for enqueue mailing list mode job

* Write mailing list method for mailer

* Fix linting error

* Account for stale topics

* Add translations for default mailing list setting

* One query for mailing list topics

* Fix failing spec

* WIP

* Flesh out html template

* First pass at text-based mailing list summary

* Add user avatar

* Properly format posts for mailing list

* Move make_all_links_absolute into Email::Styles

* Apply first_seen_at to user

* Send mailing list email summary hourly based on first_seen_at

* Branch and test cleanup

* Use existing mailing list mode estimate

* Fix failing specs
2016-05-21 15:17:54 +02:00
Sam 3f9ed76dad no need to use discourse event here 2016-05-02 12:01:15 +10:00
Sam d25dc126f7 FIX: Post does not save if it contains a tag link 2016-05-02 11:36:09 +10:00
Neil Lalonde e5918c7d00 FEATURE: Merge tagging plugin into core 2016-04-27 11:58:53 -04:00
Jeff Atwood ed446ca487 increase transpiler timeout to 15 sec 2016-04-21 16:52:25 -07:00
Régis Hanol 1a621f3393 FIX: don't extract links to anchors 2016-04-15 20:02:18 +02:00
Robin Ward e91379916b
FIX: Provide the ability to `reduce` cooked content
This allows us to strip polls from the group posts page.
2016-04-13 13:25:18 -04:00
Jeff Atwood 8f59917f6b increase es6 transpiler timeout from 5 to 10 sec 2016-03-29 16:43:04 -07:00
Régis Hanol 7acdbc8448 FIX: don't extract links from elided parts 2016-03-16 22:35:08 +01:00
Robin Ward 0167f6bb57 FIX: Don't substitute emojis within code blocks 2016-03-02 14:32:00 -05:00
Sam 833af461ab FIX: stop using regex to detect mentions 2016-02-24 17:47:55 +11:00
Robert Riemann 9c39647cd2 fix: support for hyphens in group name
The group mention @ORG-team triggers notifications for the group @ORG. This fix changes the RegExp, so that the group name is correctly extracted.

see: https://meta.discourse.org/t/group-mentions-that-begin-with-the-same-characters-may-be-incorrect/39892/12?u=rriemann
2016-02-23 23:55:31 +01:00
Régis Hanol 3bf931ce54 FIX: should have been 'category_slug' 2016-02-11 16:04:40 +01:00
Guo Xiang Tan 39aaa181e1 FIX: Category hashtag is cooked incorrectly. 2016-02-10 17:08:57 +08:00
Régis Hanol 56a16a0e89 we still need md5 2016-02-05 15:27:24 +01:00
Sam Saffron e3747f654b SECURITY: hoist blocks using guids, not md5 hashes 2016-02-06 01:02:48 +11:00
Guo Xiang Tan 28ac5fb17c FEATURE: DiscourseEvent hook for server side markdown context. 2016-01-29 22:59:15 +08:00
Régis Hanol 7d5fdd0997 temporarily fix the build (cc @tgxworld) 2016-01-29 11:53:03 +01:00
Guo Xiang Tan e8c5127865 Convert to link as long as a valid link is received. 2016-01-29 13:31:11 +08:00
Guo Xiang Tan 190345ba20 Add DiscourseEvent hook when converting raw post to markdown. 2016-01-29 13:30:12 +08:00
Guo Xiang Tan a055c37939 Merge pull request #3956 from tgxworld/fix_clashing_slug
FIX: Clashing category slug.
2016-01-18 10:15:13 +08:00
Guo Xiang Tan c60e360c90 FIX: Clashing category slug. 2016-01-13 15:32:29 +08:00
Régis Hanol 96aa5b865f FIX: mentions regex server-side (ie. don't count email addresses) 2016-01-12 09:53:09 +01:00
Guo Xiang Tan c1dbf5c1c4 FEATURE: Autolinking to category using hashtags. 2016-01-05 00:12:24 +08:00
Robin Ward b17e5c99cc PERF: Use a regexp for unicode replacements 2015-12-30 14:35:25 -05:00
Robin Ward c064dc1322 FEATURE: Perform a server side replacement of unicode emoji 2015-12-29 16:28:27 -05:00
Robin Ward df19a27753 FIX: Don't sanitize `header_instructions` 2015-12-10 18:15:32 -05:00
Sam ad3dd161e7 FEATURE: first class group mentions built in
If you allow a group to be mentioned it can be mentioned with the @ symbol.

Keep in mind as a safety mechanism max_users_notified_per_group_mention is set to 100
2015-11-30 17:08:43 +11:00
Robin Ward 434deb1bd3 SECURITY: Backported XSS fixes from Handlebars 2015-11-24 16:08:08 -05:00
Robin Ward 8ba7c06b7d Merge pull request #3735 from riking/patch-4
FIX: Discourse.BaseUri should not default to /
2015-11-06 14:52:19 -05:00
Régis Hanol 86f76e5b4d FIX: better plugin emojis API 2015-11-06 15:02:40 +01:00
Régis Hanol 7fbf902d09 FIX: prevent cross-contamination of emojis in multisites 2015-10-30 23:26:34 +01:00
Régis Hanol 73e345fe8f FIX: unescape emojis in digests 2015-10-15 09:59:29 +02:00
Sam e5234b38b8 FEATURE: add title expansion for off topic quotes 2015-09-25 13:35:14 +10:00
Kane York aca70805f1 FIX: Discourse.BaseUri should not default to / 2015-09-10 17:34:08 -07:00
Guo Xiang Tan 6a31a5d52b Extract logic for censored-words so that it can be reused. 2015-08-25 22:26:01 +08:00
Robin Ward e2e3e7c0e0 Add ES6 support to more files 2015-08-13 10:49:08 -04:00
Régis Hanol c17f8d1769 keep pretty_text in sync with client code 2015-07-16 00:01:00 +02:00
Robin Ward b52e5d1536 FIX: `default_avatars` wasn't being used for some server side templates 2015-06-26 13:38:09 -04:00
Régis Hanol 189cb3ff12 FEATURE: move migrate_to_new_scheme into a background job
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
Sam Saffron b7a0a295c0 FIX: s3 cdn would break cooking if <img> tag had no src 2015-06-10 19:28:21 +10:00
Sam 93ab03966e FIX: no-follow not handled correctly for sub domains
if a.com was whitelisted aa.com would pass through
2015-05-27 14:31:01 +10:00
Sam 90eaad336d FEATURE: allow users to pick a CDN for s3 assets 2015-05-26 11:13:12 +10:00
Robin Ward 2e4d43364a Server side quote templates don't seem to be used? 2015-05-11 11:20:45 -04:00
Régis Hanol a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Régis Hanol 4a9587fa23 FIX: auto-load all plugin locales so that they can be used in PrettyText 2015-04-09 17:04:14 +02:00
Sam a82530012a FEATURE: Allow selection of highlight js languages
PERF: stop loading highlight js on load

To get latest highlight js run bin/rake highlightjs:update
2015-03-13 16:18:59 +11:00
Robin Ward 893c1aa067 FIX: Quoting an avatar when `default_avatars` was set was broken. 2015-03-12 15:51:28 -04:00
Régis Hanol 6a68e8c272 FIX: use CDN for user card/profile background and user avatars (for real this time) 2015-01-29 22:53:48 +01:00
Régis Hanol 22adb682d8 revert - FIX: use CDN for user card/profile background and user avatars 2015-01-29 20:42:05 +01:00
Régis Hanol 07d5d8faac fix the build... 2015-01-29 20:28:50 +01:00
Régis Hanol 3a24df6956 FIX: adding a custom emoji needed an application restart to work on the server-side rendering 2015-01-29 17:35:52 +01:00
Gerhard Schlager 361b3fb07a FIX: Loading of Emoji files depended on working directory
The importer scripts could not be used unless the working directory was
the Discourse root directory.
2015-01-24 00:07:39 +01:00
Régis Hanol 118d33798a FIX: load custom emoji API before the plugins 2014-12-23 11:06:55 +01:00
Régis Hanol 5d33dee817 FIX: custom emoji weren't properly baking 2014-12-23 02:22:10 +01:00
Sam a79b1807d7 FEATURE: attempt to recover from corrupt markdown engine 2014-11-14 17:51:04 +11:00
Régis Hanol a5616146eb FIX: remove meta data from lightbox in both excerpt (html & text) 2014-11-05 20:37:00 +01:00
Jens Maier 3198c3333a Fix pretty_text translation helper again, this time for real 2014-10-02 22:08:40 +02:00
Jens Maier b6bbfb907c FIX: quoting non-existing messages would break SMF2 importer 2014-10-02 00:44:03 +02:00
Robin Ward d0fb8bbcfc Instead of `.js.handlebars` use `.hbs` for handlebars templates 2014-09-26 15:23:15 -04:00
Robin Ward 19b4364d79 SECURITY: Stripping links could unescape html fragments 2014-09-17 12:08:00 -04:00
Robin Ward f67f34d889 FIX: Load order of Javascript files 2014-08-22 19:27:20 -04:00
Sam 84836944e8 FIX: crash on invalid uri component 2014-07-30 17:09:55 +10:00
Sam 89fc989adb FEATURE: First Quote badge 2014-07-11 14:17:43 +10:00
Régis Hanol 27f7730fe8 fix the build 2014-07-09 17:39:38 +02:00
Robin Ward 64355c989e FIX: Don't extract links from empty quotes 2014-05-20 17:20:52 -04:00
Louis Rose 1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Robin Ward 87682f7539 FIX: Don't include image meta data when embedded in an email 2014-04-17 12:32:51 -04:00
Régis Hanol 2505d18aa9 FEATURE: support email attachments 2014-04-14 22:55:57 +02:00
riking 9c4dd1cb35 Change comma-delim site settings to pipe-delim 2014-04-08 14:17:55 -07:00
Régis Hanol f25bcc5067 couple of bugfixes identified while importing from VB 2014-03-07 10:44:04 +01:00
Robin Ward 91ff3451c3 FIX: Include `html` helpers in the server rendering. This allows plugins
to easily register HTML fragments without breaking posting.
2014-02-26 10:09:17 -05:00
Sam a28a0bbeeb PERF: stop messing with strings that come back from I18n.t
allows better caching
2014-02-18 14:10:03 +11:00
Sam d54f6faa35 minor style fix 2014-02-04 12:57:16 +11:00
Sam 1556548ff6 BUGFIX: JS errors could crash our process 2014-02-04 11:14:04 +11:00
Neil Lalonde 4f6b208e8d Posts by trust level 3 users do not have nofollow on their external links. 2014-01-15 11:40:51 -05:00