Commit Graph

1036 Commits

Author SHA1 Message Date
Jeff Atwood 658cc4d0d0 FEATURE: default block semrushbot crawler 2019-01-23 00:25:01 -08:00
Penar Musaraj 3501533a2b DEV: unpin Prettier version, apply to YAML files
We had Prettier pinned because of https://github.com/prettier/prettier/issues/5529. Since that bug is fixed, unpinning.

Prettier now supports YAML, so this applies Prettier to all .yml except for translations, which should not be edited directly anyway.
2019-01-17 13:05:39 -05:00
Kris 675bf94133 UX: Bump up base font size 1px, add smaller text size option 2019-01-17 10:30:34 -05:00
Guo Xiang Tan c30f78793a Lower default for `SiteSetting.likes_notification_consolidation_threshold`. 2019-01-16 17:56:02 +08:00
Guo Xiang Tan e7b49c42c4 FIX: Allow liked notifications consolidation to be disabled. 2019-01-16 16:17:04 +08:00
Guo Xiang Tan ebe65577ed
FEATURE: Consolidate likes notifications. (#6879) 2019-01-16 10:40:16 +08:00
Penar Musaraj 1c1fd2051f
FEATURE: enable CSP by default on new sites (#6873)
- adds migration to enable CSP for new sites
- removes "EXPERIMENTAL" labels from setting names
- sets CSP violation report to default off
- adds CSP-related note to GTM setting
2019-01-15 08:58:46 -05:00
David Taylor 1ebd3dbbd0
FEATURE: Allow the base font size to be changed on a per-user basis (#6859) 2019-01-14 13:21:46 +00:00
Zach Whitehead 2748822576 FEATURE: Remove option for Google Plus sharing (#6864)
* Remove option for Google Plus sharing

* remove google+ share translations
2019-01-09 10:17:50 +08:00
Rafael dos Santos Silva f73fe36772 FEATURE: PWA compatibility checks in the Dashboard (#6850) 2019-01-09 08:46:11 +08:00
Sam 70269c7c97 FEATURE: tighter limits on per cluster post rebakes
We have the periodical job that regularly will rebake old posts. This is
used to trickle in update to cooked markdown. The problem is that each rebake
can issue multiple background jobs (post process and pull hotlinked images)

Previously we had no per-cluster limit so cluster running 100s of sites could
flood the sidekiq queue with rebake related jobs.

New system introduces a hard limit of 300 rebakes per 15 minutes across a
cluster to ensure the sidekiq job is not dominated by this.

We also reduced `rebake_old_posts_count` to 80, which is a safer default.
2019-01-04 09:24:46 +11:00
Joffrey JAFFEUX 0402f0f357
UX: new site setting to define activity metrics displayed on dashboard 2018-12-26 10:29:07 +01:00
Neil Lalonde a1db15fead FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-12 15:32:38 -05:00
Bianca Nenciu 7cac04e1a8 * FEATURE: Adds site setting to let quotes on direct replies.
* DEV: Added test.
* FIX: Do not bump topic when removing full quotes.
2018-12-12 15:42:53 +01:00
Maja Komel dbbadb5c35 FEATURE: add short_site_description setting to be included in title tag on homepage 2018-12-12 11:46:58 +01:00
Jay Pfaffman cf2e86c763 FEAT: make s3_force_path_style shadowed_by_global
Without this it's impossible to enable S3 backups to Minio (and Digital Ocean Spaces?) using only ENV variables in config.

@tgxworld 

https://meta.discourse.org/t/can-we-make-s3-force-path-style-be-shadowed-by-global/103571
2018-12-07 10:59:15 +11:00
Bianca Nenciu e9bbdef156 FEATURE: Add support for inline emoji translation. 2018-12-05 21:58:55 +01:00
Gerhard Schlager e7b76b319a FEATURE: Setting for short title used by Android on homescreen 2018-11-28 14:59:30 +01:00
Penar Musaraj 03deda2147
Upgrade to FontAwesome 5 (take two) (#6673)
* Add missing icons to set

* Revert FA5 revert

 This reverts commit 42572ff

* use new SVG syntax in locales

* Noscript page changes (remove login button, center "powered by" footer text)

* Cast wider net for SVG icons in settings

- include any _icon setting for SVG registry (offers better support for plugin settings)

- let themes store multiple pipe-delimited icons in a setting

- also replaces broken onebox image icon with SVG reference in cooked post processor

* interpolate icons in locales

* Fix composer whisper icon alignment

* Add support for stacked icons

* SECURITY: enforce hostname to match discourse hostname

This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname

* load SVG sprite with pre-initializers

* FIX: enable caching on SVG sprites

* PERF: use JSONP for SVG sprites so they are served from CDN

This avoids needing to deal with CORS for loading of the SVG

Note, added the svg- prefix to the filename so we can quickly tell in
dev tools what the file is

* Add missing SVG sprite JSONP script to CSP

* Upgrade to FA 5.5.0

* Add support for all FA4.7 icons

- adds complete frontend and backend for renamed FA4.7 icons

- improves performance of SvgSprite.bundle and SvgSprite.all_icons

* Fix group avatar flair preview

- adds an endpoint at /svg-sprites/search/:keyword

- adds frontend ajax call that pulls icon in avatar flair preview even when it is not in subset

* Remove FA 4.7 font files
2018-11-26 16:49:57 -05:00
Gerhard Schlager a3f8ef89a6 FIX: Setting DISCOURSE_S3_REGION env variable had no effect 2018-11-21 23:15:28 +01:00
Kyle E. Mitchell 15e793fd3b FEATURE: Terms of Service v1.0.0
Co-authored-by: Gerhard Schlager <mail@gerhard-schlager.at>
2018-11-21 00:45:16 +01:00
Régis Hanol 5852fe7975 FIX: change 'max_consecutive_replies' default to 3 2018-11-14 22:58:05 +01:00
Bianca Nenciu b6576d9473 FEATURE: Add new setting to force user edit last post. (#6571) 2018-11-14 15:48:16 +01:00
Bianca Nenciu fce0a0ccc8 FEATURE: Compute distance between logins to generate login alerts. (#6562) 2018-11-14 13:26:47 +01:00
Guo Xiang Tan 44391ee8ab
FEATURE: Upload Site Settings. (#6573) 2018-11-14 15:03:02 +08:00
Sam 42572ff138 Revert font awesome 5 changes
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
Penar Musaraj 005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs (#6557)
* First take on subsetting svg icons

* FontAwesome 5 svg subset WIP

* Include icons from plugins/badges into svg sprite subset

* add svg icon support to themes

* Add spec for SvgSprite

* Misc. SVG icon fixes

* Use FA5 svgs in local-dates plugin

* CSS adjustments, fix SVG icons in group flair

* Use SVG icons in poll plugin

* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
Régis Hanol 0bf52d422c FEATURE: new 'simultaneous_uploads' site setting 2018-10-31 10:58:09 +01:00
Rafael dos Santos Silva 2450f178ca FEATURE: Allow admins to control PWA display mode per user agent 2018-10-26 13:47:22 -03:00
Bianca Nenciu 6a3767cde7 FEATURE: Warn users via email about suspicious logins. (#6520)
* FEATURE: Warn users via email about suspicious logins.

* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
Kyle Zhao e9a971a2b6
FEATURE: [Experimental] Content Security Policy (#6514)
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
David Taylor 37b7afa522 FIX: Sanitize tags before creation 2018-10-22 10:53:42 +01:00
Kyle Zhao dca830cb73 Revert "FEATURE: [Experimental] Content Security Policy (#6504)"
This reverts commit fb8231077a.
2018-10-19 11:53:29 -04:00
David Taylor 0dd717e641 Revert "FIX: Sanitize tags before creation"
This reverts commit 18ae8de9e5.
2018-10-19 15:49:05 +01:00
David Taylor 18ae8de9e5 FIX: Sanitize tags before creation 2018-10-19 15:43:31 +01:00
Kyle Zhao fb8231077a
FEATURE: [Experimental] Content Security Policy (#6504) 2018-10-19 10:39:22 -04:00
Maja Komel c104256991 FIX: SSO provider secrets - check wildcard domains last, toggle secrets visibility 2018-10-15 16:18:29 +02:00
Maja Komel 27e732a58d FEATURE: allow multiple secrets for Discourse SSO provider
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.

This allows for better auditing of the SSO provider feature
2018-10-15 16:03:53 +11:00
Guo Xiang Tan 84d4c81a26 FEATURE: Support backup uploads/downloads directly to/from S3.
This reverts commit 3c59106bac.
2018-10-15 09:43:31 +08:00
Neil Lalonde 12f132736b FIX: error looking at users in admin when tl3_promotion_min_duration is set to a very high value 2018-10-11 15:11:48 -04:00
Guo Xiang Tan 3c59106bac Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
This reverts commit c29a4dddc1.

We're doing a beta bump soon so un-revert this after that is done.
2018-10-11 11:08:23 +08:00
Gerhard Schlager c29a4dddc1 FEATURE: Support backup uploads/downloads directly to/from S3. 2018-10-11 10:38:43 +08:00
David Taylor 9bf522f227
FEATURE: Mixed case tagging (#6454)
- By default, behaviour is not changed: tags are made lowercase upon creation and edit.

- If force_lowercase_tags is disabled, then mixed case tags are allowed.

- Tags must remain case-insensitively unique. This is enforced by ActiveRecord and Postgres.

- A migration is added to provide a `UNIQUE` index on `lower(name)`. Migration includes a safety to correct any current tags that do not meet the criteria.

- A `where_name` scope is added to `models/tag.rb`, to allow easy case-insensitive lookups. This is used instead of `Tag.where(name: "blah")`.

- URLs remain lowercase. Mixed case URLs are functional, but have the lowercase equivalent as the canonical.
2018-10-05 10:23:52 +01:00
Rafael dos Santos Silva b8d3fbd08b FEATURE: Enable the notification prompt by default 2018-10-03 19:58:24 -03:00
Sam 0e10b47618 UX: make responsive_post_image_sizes a visible site setting
This is useful for sites that want to cut bandwidth by decreasing
fidelity of thumbnails.
2018-10-03 15:06:37 +10:00
Sam ad0e768742 FEATURE: add support for responsive images in posts
When creating lightboxes we will attempt to create 1.5x and 2x thumbnails
for retina screens, this can be controlled with a new hidden site setting
called responsice_post_image_sizes, if you wish to create 3x images run

SiteSetting.responsive_post_image_sizes = "1|1.5|2|3"


The default should be good for most of the setups as it balances filesize
with quality. 3x thumbs can get big.
2018-10-03 13:44:53 +10:00
Sam a6f0436a29 FEATURE: change default to enable login by email out-of-the-box 2018-10-03 10:16:52 +10:00
Bianca Nenciu e0d7cdac12 UX: Improve error messages for minimum and maximum username lengths. 2018-10-02 13:10:20 +08:00
Arpit Jalan dc960e1a82 Make `enable_mobile_theme` a hidden setting
https://meta.discourse.org/t/default-mobile-view-formatting-error/98063/3
2018-09-29 10:33:17 +08:00
Guo Xiang Tan d4bd04c3a7 Allow `purge_deleted_uploads_grace_period_days` to be shadowed. 2018-09-19 17:49:00 +08:00
Régis Hanol 4481836de2 FEATURE: new 'search_ignore_accents' site setting 2018-09-17 10:42:30 +02:00
Rishabh 4f46aa1ba3 FEATURE: Add SiteSetting for s3_configure_tombstone_policy
Add SiteSetting for s3_configure_tombstone_policy, skip policy generation if turned off (default on)
2018-09-17 10:57:50 +10:00
Bianca Nenciu aca195e4a7 Remove unused site setting. (#6398) 2018-09-14 07:49:32 +00:00
Gerhard Schlager e847bb33d5 Better default settings for Japanese 2018-09-11 11:58:36 +02:00
Arpit Jalan 51edb19aa9 FIX: pop3 polling password and mailgun API key should be secret 2018-09-11 06:40:33 +05:30
Sam 6e3f249aea Disable auth token logging
We have a work in progress feature that required the logging,
This feature is not going to be shipped for a while so disabling this
for now.
2018-09-04 17:05:17 +10:00
Jeff Atwood 690908993f reduce default post deletions per day 2018-08-31 13:27:25 -07:00
Bianca Nenciu 931cffcebe FEATURE: Let users see their user auth tokens. (#6313) 2018-08-31 10:18:06 +02:00
Jay Pfaffman 7b601ff2f8
Add shadows to enable S3 backups to Digital Ocean
With these changes, backups to Digital Ocean spaces can be configured with the following variables:

  DISCOURSE_S3_ACCESS_KEY_ID: 'XXX'
  DISCOURSE_S3_SECRET_ACCESS_KEY: 'YYY'
  DISCOURSE_S3_UPLOAD_BUCKET: 'backups-bucket'
  DISCOURSE_S3_ENDPOINT: 'https://nyc3.digitaloceanspaces.com'
  DISCOURSE_ENABLE_S3_BACKUPS: true
2018-08-29 12:33:05 -07:00
Joffrey JAFFEUX bf9b7f1f25
UX: reserved_usernames should be a compact list (#6330) 2018-08-29 12:12:35 +02:00
Sam 740308675b FEATURE: erode bounce score every time an email is sent
Introduces a hidden setting (default is 0.1) that erodes bounce score
every time we send an email. This means that erratic failures are less
painful cause system auto corrects
2018-08-28 17:02:12 +10:00
Sam 4205c528d0 FEATURE: hide enable_personal_email_messages and min_trust_to_send_email_messages
These site settings are very hard to explain and only applicable for very
specific Discourse setups.

If an admin "enables staged users" which is used in support scenarios then
all staff can send "messages" directly to an "email".

The setting allows you to extend this to TL4 or any trust level.

Actual use case would be a support type setup with restricted staff. It is
quite rare so hiding this for now and re-evaluate keeping the setting in
2019
2018-08-27 11:38:22 +10:00
Kris faf09bb8c8 Replacing default brown category color 2018-08-24 14:18:14 -04:00
Guo Xiang Tan 36a7028f19 FEATURE: Clean up `PostReplyKey` records.
* Default retention of 90 days.
2018-08-23 10:40:02 +08:00
Jeff Atwood 8da2d8df3d reduce default post deletions per day 2018-08-22 15:22:28 -07:00
Bianca Nenciu 860c1c3dcd FEATURE: Automatically expire keys if not used for a configurable amount of time. (#6264) 2018-08-20 17:36:14 +02:00
David Taylor 812add18bd REFACTOR: Serve auth provider information in the site serializer.
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
Joffrey JAFFEUX 47bed23a5f
FIX: set existing lists to compact when appropriate (#6234) 2018-08-03 18:27:57 -04:00
Joffrey JAFFEUX 066010db7d
FEATURE: introduces list/compact_list components 2018-08-03 16:41:37 -04:00
Sam b76d17881b FEATURE: bump default max size of uploads from 3072K to 4096K 2018-08-02 15:06:30 +10:00
Régis Hanol 474a01f338
Support new mailgun's API key format 2018-08-01 19:04:49 +02:00
Vinoth Kannan b89906e194 Enable rich text pasting by default 2018-08-01 16:36:16 +05:30
Arpit Jalan afe3b00c0f FIX: use hidden setting for max export file size 2018-07-31 11:25:28 +05:30
Vinoth Kannan ece3cb73df Rename humburger_menu_categories_count site setting to header_dropdown_category_count 2018-07-31 09:12:30 +05:30
Vinoth Kannan 78d91b1daf
UX: Changes in top categories of hamburger menu (#6200) 2018-07-30 14:13:00 +05:30
Arpit Jalan fc3b904e1f remove "track external right clicks" feature 2018-07-29 15:01:33 +05:30
Dan Ungureanu f540020d1d Add different trigger for the emoji popup of French users. (#6140) 2018-07-25 16:39:06 +10:00
Vinoth Kannan f8e9190617 FEATURE: Retry web hook when it is failed 2018-07-23 10:12:04 +08:00
Régis Hanol 6d6e026e3c FEATURE: selectable avatars 2018-07-18 12:57:43 +02:00
Rishabh a6c589d882 FEATURE: Add custom S3 Endpoint and DigitalOcean Spaces/Minio support for Backups (#6045)
- Add custom S3 Endpoints and DigitalOcean Spaces support
- Add Minio support using 'force_path_style' option and fix uploads to custom endpoint
2018-07-16 14:44:55 +10:00
OsamaSayegh decf1f27cf FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Sam 4f41ccd975 FEATURE: MauiBot is abusive and is now blocked
We have now seen multiple forums where MauiBot uses a large amount of
traffic, due to this bad behavior it is blocked out-of-the-box
2018-07-06 16:46:33 +10:00
Neil Lalonde eabc8f7fbd
Merge pull request #6023 from misaka4e21/only-staff-can-create-tag
FEATURE: Support disabling tag creation for non-staff users.
2018-07-05 11:12:44 -04:00
Patrick Gansterer 28dd7fb562 FEATURE: Create hidden posts for received spam emails (#6010)
* Add possibility to add hidden posts with PostCreator

* FEATURE: Create hidden posts for received spam emails

Spamchecker usually have 3 results: HAM, SPAM and PROBABLY_SPAM
SPAM gets usually directly rejected and needs no further handling.
HAM is good message and usually gets passed unmodified.
PROBABLY_SPAM gets an additional header to allow further processing.
This change addes processing capabilities for such headers and marks
new posts created as hidden when received via email.
2018-07-05 11:07:46 +02:00
Guo Xiang Tan b59c17d484 Update title site setting defaults for ja locale.
https://meta.discourse.org/t/updating-title-when-using-japanese-characters-does-not-work/88718/7
2018-06-28 23:23:00 +08:00
Arpit Jalan a6d50d1ff7 FEATURE: new settings to control posts deletions rate limit 2018-06-28 17:03:37 +05:30
misaka4e21 47cb46671a FEATURE: Support disabling tag creation for non-staff users. 2018-06-27 07:15:02 +08:00
Ernesto Serrano f57375a5ce Update site_settings.yml 2018-06-25 16:18:07 +10:00
Jeff Wong 41f76a74f8 FEATURE: send message when a user reaches tl1 2018-06-22 13:20:00 -07:00
Sam f66efc601d FIX: cubot android devices were detected as crawlers 2018-06-21 10:56:46 +10:00
Sam 591512fcb8 adjust defaults for search log retention 2018-06-20 10:46:07 +10:00
riking 38a8e52ca4 FIX: Add time retention limit to search logs
3 years is a very conservative limit that allows for a very wide buffer
for year-over-year analysis. The max is set to 5 years because that is
the policy listed for logging in hosted Discourse.
2018-06-20 10:44:11 +10:00
Robin Ward fd54c92a52 FEATURE: New site setting, whitelisted_link_domains
If provided, users who normally couldn't post links (say, due to a
low trust level), can post links to those specific hosts.
2018-06-13 16:11:22 -04:00
Arpit Jalan f9ab3848ed FEATURE: support disabling emails for non-staff users 2018-06-07 18:31:08 +05:30
Arpit Jalan d069f4ecba Revert "Revert "allow codepen iframe by default""
This reverts commit 174bf98572.
2018-06-06 06:48:08 +05:30
Régis Hanol dc61eaad37 FEATURE: new 'min ratio to crop' site setting 2018-06-05 17:13:00 +02:00
Arpit Jalan 174bf98572 Revert "allow codepen iframe by default"
This reverts commit dc00089ab2.
2018-06-05 18:21:21 +05:30
Arpit Jalan dc00089ab2 allow codepen iframe by default 2018-06-05 18:17:23 +05:30
Arpit Jalan 46fc57222f FEATURE: improve handling of site setting secrets 2018-06-04 21:31:34 +05:30
Sam c677877e4f FIX: Korean needs no word segmentation 2018-05-28 09:37:57 +10:00
Neil Lalonde 30fbf6fe81 Add min and max to digest topic and post settings. Email clients may truncate messages that are too long. 2018-05-24 14:39:28 -04:00
Joffrey JAFFEUX ba0cec2091
UX: minor fixes to new dashboard UI
- adds a link to search log
- display a text if log search queries is disabled
- adds link to trust level and user types
- adds a description for eeach report when browsing a report directly
2018-05-14 14:23:51 +02:00
Guo Xiang Tan 186623acd0 FEATURE: Keep `EmailLogs` records without a `reply_key` for 90 days by default. 2018-05-10 15:33:49 +08:00
Arpit Jalan 83245aa508 FIX: better handling of invite links after they are redeemed
FIX: deprecate invite_passthrough_hours setting
2018-05-08 20:17:57 +05:30
Robin Ward 8262fc5d15
Merge pull request #5807 from discourse/min-flags-by-topic
FEATURE: New site setting `min_flags_staff_visibility`
2018-05-08 09:17:29 -04:00
Robin Ward ac60a84329 FEATURE: New site setting `min_flags_staff_visibility`
When set higher than 1, flags won't show up for staff in the admin
section unless the minimum threshold of flags on a post is reached.
2018-05-07 16:05:13 -04:00
Misaka 0x4e21 ff6be3c2e3 FEATURE: add profile_background fields into SSO (#5701)
Add profile_background and card_background fields into Discourse SSO.
2018-05-07 10:03:26 +02:00
Jeff Wong 91b31860a1
Feature: Push notifications for Android (#5792)
* Feature: Push notifications for Android

Notification config for desktop and mobile are merged.

Desktop notifications stay as they are for desktop views.

If mobile mode, push notifications are enabled.

Added push notification subscriptions in their own table, rather than through
custom fields.

Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Sam 88f5251415 FIX: disallow invalid top_menu and post_menu and share_links
In the past any text could be entered there causing big potential issues
2018-04-26 17:00:56 +10:00
Sam c7a0ced656 FIX: remove facebook_request_extra_profile_details
Since this no longer works
2018-04-26 14:14:35 +10:00
Robin Ward fd14ee4797 FEATURE: Allow safe mode to be disabled 2018-04-24 11:03:33 -04:00
Neil Lalonde 70f2c5d3fd FEATURE: move staff tags setting to tag group settings 2018-04-20 15:34:23 -04:00
Arpit Jalan 91bf10bd12 FIX: create upload record for exported csv files 2018-04-20 00:27:49 +05:30
Guo Xiang Tan 28fbee04df Allow auto close site settings to be shadowed by global. 2018-04-17 14:23:44 +08:00
Sam 6179c0ce51 FEATURE: bingbot heavily throttled till it plays nice 2018-04-13 14:24:22 +10:00
Sam afaeb20f27 FEATURE: Add option to have sso synchronize group membership
In some cases add_groups and remove_groups is too much work, some sites
may wish to simply synchronize group membership based on a list.

When sso_overrides_groups is on all not automatic group membership is
sourced from SSO. Note if you omit to specify groups, they will be cleared
out.
2018-04-10 13:17:23 +10:00
jose-hms b87205831b FEATURE: Staged user moderation (#5721) 2018-04-06 11:41:25 +02:00
Sam cf19982fca ban bingbot 2018-04-06 15:40:03 +10:00
Sam 3a7b696703 FEATURE: allow for setting crawl delay per user agent
Also moved to default crawl delay bing so no more than a req every 5 seconds is allowed

New site settings:

"slow_down_crawler_user_agents" - list of crawlers that will be slowed down
"slow_down_crawler_rate" - how many seconds to wait between requests

Not enforced server side yet
2018-04-06 10:15:23 +10:00
Sam 91a4fee03d FEATURE: block bing from crawling all discourse sites
bing is crawling our properties 10x faster than any other crawler,
until default behavior is improved we are blocking it out-of-the-box

You may enable it by setting the blacklist back to empty
2018-04-05 16:03:02 +10:00
Arpit Jalan 03725c7c8a FIX: add reserved usernames for ‘/u/’ static routes 2018-03-28 11:15:38 +05:30
Neil Lalonde ced7e9a691 FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-22 15:41:02 -04:00
Robin Ward b9abd7dc9e FEATURE: Shared Drafts
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.

* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.

* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.

* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.

* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Arpit Jalan 12706c4b29 FEATURE: support markdown rendering for embedded posts 2018-03-11 08:00:48 +05:30
Sam 5b6e49ae1d FEATURE: split out max diff to 2 settings
We trust staff + tl2 and up to perform edits in grace period.
Allow them significantly more edit room in grace period prior to storing
a revision.

editing_grace_period_max_diff_high_trust applies to users with tl2 and up.

So

tl0 / 1 : we store an extra revision if more than 100 chars change
tl2 and up : we store an extra revision if more than 400 chars change

We may tweak these numbers as we go.
2018-03-09 11:58:50 +11:00
Jeff Atwood 4132c37add increase grace period max diff to 100 chars 2018-03-07 01:45:48 -08:00
Sam e162cd16b6 FEATURE: editing_grace_period_max_diff to force revisions in grace period
If a user performs a substantive edit of 20 chars or more during grace period
we will store a revision to track the change

This allows for better auditing of changes that happen during the grace period
2018-03-07 18:34:34 +11:00
Robin Ward 0f66a99eb2 Setting to prevent logging details when anonymizing 2018-03-05 14:38:18 -05:00
Régis Hanol 6a78669ca3 FIX: 'reply by email addresses' site settings should allow email addresses without a 'reply_key' when 'find related post with key' is disabled 2018-03-02 17:53:18 +01:00
Neil Lalonde 3313072957 Remove censored_pattern site setting, which is replaced by watched words 2018-02-26 16:29:27 -05:00
Guo Xiang Tan 66062ed6d9 Add missing default choice for `SiteSetting.google_oauth2_prompt`. 2018-02-23 11:23:08 +08:00
Robin Ward 9b704b21b5 Don't include `client` when false 2018-02-22 21:22:09 -05:00
Robin Ward 69af881f7f New site setting `trusted_users_can_edit_others`
The default is true to keep with previous discourse behavior. If
disabled, high trust level users cannot edit the topics or posts of
other users.
2018-02-22 20:39:24 -05:00
Guo Xiang Tan 24d0a7a4c7 Take 2 on f74d6bb605.
New options are left out by default when not configured so that an
incorrect default configuration doesn't blow up google oauth for
everyone.
2018-02-23 07:53:01 +08:00
Vinoth Kannan 84867c1c07 Rename site setting to allow_staff_to_tag_pms from allow_staff_to_tag_in_pm 2018-02-22 06:48:34 +05:30
Vinoth Kannan 2b509eaa91
Merge branch 'master' into pm-tags 2018-02-21 23:55:59 +05:30
Vinoth Kannan 84ce1acfef FEATURE: Allow staffs to tag PMs 2018-02-21 20:11:46 +05:30
Gerhard Schlager 210939de68 FEATURE: Use HTML instead of text for incoming emails by default 2018-02-21 11:14:36 +01:00
Robin Ward 3ea272f4f1 New setting: minimum trust level to embed images in a post 2018-02-20 20:00:06 -05:00
Arpit Jalan c419c26f56 FEATURE: new site setting 'max_emojis_in_title' 2018-02-19 18:15:26 +05:30
OsamaSayegh f3815cd785 FEATURE: New site setting for additional allowed filetypes for staff (#5364)
* FEATURE: New site setting for additional allowed filetypes for staff

* Problematic variable name

* feedback

* small issues

* fix indentation

* failing tests

* Remove message bus and fix minor issues

* Missed this message bus
2018-02-19 10:44:24 +01:00
Leo McArdle 5d9d0fcb4f FEATURE: add setting which adds group name to PM email subject (#5475) 2018-02-19 10:20:17 +01:00
Sam 7af9ed6674 FEATURE: add goanna rendering engine to non crawler list
Goanna the fork of Gecko which is used by Pale Moon browser is not a crawler.
2018-02-16 06:30:47 +11:00
Erick Guan 03b3e57a44 FEATURE: login by a link from email
Co-authored-by: tgxworld <tgx@discourse.org>
2018-02-13 16:14:39 +08:00
Robin Ward 4dfe659189 Rename `allow staff flags` to `allow flagging staff` 2018-02-12 15:27:26 -05:00
Robin Ward 6287631745 FEATURE: New site setting, `allow staff flags`, false by default
For some large communities, it makes sense to disable flagging of
staff posts.
2018-02-12 14:56:21 -05:00
Robin Ward 1bab15c757 FEATURE: A site setting for a minimum TL to post links 2018-02-06 18:07:58 -05:00
Robin Ward b2b6dc68a6 FEATURE: a setting to customize the minimum TL to flag a post 2018-02-06 17:12:27 -05:00
Kane York cd19d546a8
Update default linkify TLDs to top 15
Also kept gov, but moved it to the end because it was in the previous version.
2018-02-02 17:45:42 -08:00
Joshua Rosenfeld e262939590
Add .org to default linkified TLDs 2018-02-02 16:31:40 -05:00
Robin Ward 96710754d9
Merge pull request #5540 from discourse/mixed-text-direction-support
FEATURE: Mixed text direction support
2018-02-01 07:29:15 -08:00
Arpit Jalan f88b8a8945 rename 'default_email_private_messages' to 'default_email_personal_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan 6be536ca50 rename 'max_private_messages_per_day' to 'max_personal_messages_per_day' 2018-02-01 13:25:29 +05:30
Arpit Jalan 7cda3a37af rename 'private_email_time_window_seconds' to 'personal_email_time_window_seconds' 2018-02-01 13:25:29 +05:30
Arpit Jalan 7e48c47d37 rename 'enable_private_email_messages' to 'enable_personal_email_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan ff0376a80b rename 'enable_private_messages' to 'enable_personal_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan 25ec077eca rename 'min_private_message_{post/title}_length' to 'min_personal_message_{post/title}_length' 2018-02-01 13:25:29 +05:30
Sam ee0d3f15c1 FEATURE: allow better fidelity for auto linkify, disable most tlds based linkify
New site settings:

enable_markdown_linkify: which is default on, auto links https:// and http:// and mail://

markdown_linkify_tlds: which allows control of what tlds get autolinked for cases such as www.site.com, default is com|net|gov
2018-02-01 13:22:38 +11:00
Arpit Jalan 1f6adbea5c FEATURE: log private message views 2018-01-29 08:08:08 +05:30
scossar caa38aaaad Add support for mixed text directions 2018-01-28 18:33:55 -08:00
Robin Ward 44e2038b53 Setting to automatically lock posts when edited by staff 2018-01-26 14:01:30 -05:00
Sam 95ac1655bc revert settings 2018-01-24 13:21:23 +11:00
Sam 3492a91056 FEATURE: allow site operators to disable emoji shortcuts 2018-01-24 12:21:44 +11:00
Sam 7ba06de0d6 FEATURE: disable service worker for all browsers except for android
Service worker is still quite experimental, only enable on android
where it provides many benefits
2018-01-24 12:03:08 +11:00
Robin Ward 782d75069e FIX: UX improvements for system messages when PMs are disabled 2018-01-23 13:12:11 -05:00
Arpit Jalan 1208254961 FIX: validate presence of 'top menu' setting 2018-01-17 01:43:53 +05:30
Sam 7b562d2f46 FEATURE: much improved and simplified crawler detection
- phase one does it match 'trident|webkit|gecko|chrome|safari|msie|opera'
    yes- well it is possibly a browser

- phase two does it match 'rss|bot|spider|crawler|facebook|archive|wayback|ping|monitor'
    probably a crawler then

Based off: https://gist.github.com/SamSaffron/6cfad7ea3e6df321ffb7a84f93720a53
2018-01-16 15:41:45 +11:00
Neil Lalonde 4d50feb6bd FEATURE: add setting to display tags by tag groups 2018-01-12 11:03:02 -05:00
Neil Lalonde edb3a7f646 FIX: support for watched_words_regular_expressions when censoring words 2018-01-10 14:11:23 -05:00
Régis Hanol e3f8182125 FIX: Google Calendar oneboxes weren't working 2018-01-07 19:15:11 +01:00
Arpit Jalan 6ce422feab FIX: respect 'topic page title includes category' client side 2017-12-30 09:06:02 +05:30
Arpit Jalan 0514ac4ee2 FIX: verify presence of 'sso url' before enabling 'enable sso' 2017-12-23 13:30:49 +05:30
Robin Ward 69a90f31fb FEATURE: Allow Forums to disable the Backups feature 2017-12-21 15:22:04 -05:00
Sam f18dda2adc FEATURE: full rebake of all old posts
This limits to 100 post per 15 minutes, so it will take a while.

This will pick up CommonMark and a large amount of onebox fixes.
2017-12-15 10:28:25 +11:00
Gerhard Schlager 76e8a28420 Ignore winmail.dat in incoming emails 2017-12-13 22:03:31 +01:00
Arpit Jalan 6acf0693a5 make crawler_user_agents a hidden setting 2017-12-11 11:10:15 +05:30
Sam 68d3c2c74f FEATURE: add global rate limiter for admin api 60 per minute
Also move configuration of admin and user api rate limiting into global
settings. This is not intended to be configurable per site
2017-12-11 11:07:22 +11:00
Vinoth Kannan b9c0488687 New site setting to enable or disable rich text pasting 2017-12-08 14:09:39 +05:30
Joffrey JAFFEUX fd99e1ef56 FEATURE: site setting enable_mentions to turn on/off mentions 2017-12-07 16:27:58 -05:00
Arpit Jalan 5003f07b2c FEATURE: new site setting show_inactive_accounts 2017-12-07 19:22:41 +05:30
Guo Xiang Tan 4531563717 Hide new advanced editor and preview sync behind a hidden site settings. 2017-12-06 12:34:58 +08:00
Robin Ward 77f90876d3 REFACTOR: Track manual locked user levels separately from groups 2017-11-27 11:23:44 -05:00
Robin Ward ad07e6e172 FEATURE: `group_removes_trust_level` setting
By default in Discourse, if a group grants a user a particular trust
level that is locked even if they are removed from the group.

With this new setting, when a user is removed from a group their
trust level is set to either the next highest trust level based on group
membership, or they are unlocked and promoted based on the default
mechanisms.
2017-11-23 13:03:24 -05:00
Robin Ward 8d98752b57 Allow sites to bootstrap the error page.
This will display working dropdowns and such even if the page is a 404.
2017-11-21 16:13:09 -05:00
Robin Ward 1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Guo Xiang Tan 6090994cdf FEATURE: Retain the latest 30 days of WebHookEvent records by default. 2017-11-08 14:11:01 +08:00
Sam 56412adad5 FEATURE: custom setting for large square site icon
This icon is used for android splash screen
2017-11-03 16:19:31 +11:00
Neil Lalonde 7dc3671490 FEATURE: remove obsolete settings ga_tracking_code and ga_domain_name. Use ga_universal_tracking_code and ga_universal_domain_name instead. 2017-11-01 11:41:51 -04:00
Gordon Mohr da72ecc3fc add alt 'archive.org_bot' user-agent (#5273)
add `archive.org_bot' – another user-agent used by Internet Archive when crawling for Wayback Machine
2017-10-29 10:30:29 +01:00
Neil Lalonde bbf48d395e FIX: set minimum values for topic title length settings 2017-10-27 14:08:37 -04:00
Guo Xiang Tan 90d6677d97 EXPERIMENTAL: Allow lograge to be selected as the logging library. 2017-10-27 17:54:45 +08:00
Robin Ward e9159e49f3 FEATURE: Site Setting to determine whether flags defaults to topics 2017-10-20 12:37:20 -04:00
Neil Lalonde 1faae3c765 rename forgot_password_strict to hide_email_address_taken 2017-10-03 15:28:31 -04:00
Sam 8f7062bd7b FEATURE: reduce API key permission to TL0 2017-10-02 10:59:55 +11:00
Sam f6fdc1ebe8 FEATURE: flexible crawler detection
You can use the crawler user agents site setting to amend what user agents
are considered crawlers based on a string match in the user agent

Also improves performance of crawler detection slightly
2017-09-29 12:31:50 +10:00
Robin Ward 41c3941c4c FEATURE: Support regular expressions for watched words 2017-09-27 15:48:57 -04:00
Robin Ward 561fa7d0cd FEATURE: Site Setting to hide suspension reason on the public profile 2017-09-25 12:25:14 -04:00
Régis Hanol 8ed318c4fe display 'similar to' earlier when composing a post 2017-09-16 01:03:29 +02:00
Neil Lalonde 16fe7aa307 FEATURE: automatically handle flags and posts that have been waiting in a queue for a long time. Flags will be deferred. Posts waiting for approval will be rejected. Control how old the records need to be with the auto_handle_queued_age site setting. 2017-09-14 12:01:06 -04:00
Sam Saffron e283e6aea0 FEATURE: allowed_iframes site setting for allowing iframes
This allows you to whitelist custom iframes if needed in posts
2017-09-01 10:15:44 -04:00
Bianca Nenciu bb3a5910d7 Support for sending PMs to email addresses (#4988)
* Added support for sending PMs to email addresses.

* Made changes after review.

* Added settings validator.

* Fixed tests.
2017-08-28 12:07:30 -04:00
Erick Guan 1646bc0031 FIX: fails loud if default setting is not set
Noted:
- `push_api_secret_key` is set in initializer. Shimed with ''
- `default_theme_key` is set in seeding. Shimed with ''
2017-08-15 12:07:25 +02:00
Robin Ward 6ecb7cdff4 UX: Support for `none` style of category badge 2017-08-07 12:49:19 -04:00
Guo Xiang Tan 3f24ed2b3e Can't revert due to incompatibility of new site setting types.
Revert "Revert "FEATURE: Site settings defaults per locale""

This reverts commit 439fe8ba24.
2017-08-07 10:43:09 +09:00
Guo Xiang Tan 439fe8ba24 Revert "FEATURE: Site settings defaults per locale"
This reverts commit 468a8fcd20.
2017-08-07 10:31:50 +09:00
Robin Ward a3ef814245 UX: Show proper HTML for category preview in site settings 2017-08-04 13:56:27 -04:00
Neil Lalonde d1576298ef add shadowed_by_global to allow_restore 2017-08-03 15:10:11 -04:00
Sam f6bc572fb8 FEATURE: option to enable inline oneboxes for all domains
Also, change to prefer title over open graph which is often way too sparse
2017-08-02 14:27:31 -04:00
Erick Guan 468a8fcd20 FEATURE: Site settings defaults per locale
This change-set allows setting different defaults for different locales. 

It also:

- Adds extensive testing around site setting validation

- raises deprecation error if site setting has the default property based on env

- relocated site settings for dev and tests in the initializer

- deprecated client_setting in the site setting's loading process

- ensure it raises when a enum site setting being set

- default_locale is promoted to `required` category.

- fixes incorrect default setting and validation

- fixes ensure type check for site settings

- creates a benchmark for site setting

- sets reasonable defaults for Chinese
2017-08-02 12:24:19 -04:00
Régis Hanol 88ba052446 secure default for the 'find_related_post_with_key' site setting 2017-08-01 00:03:04 +02:00
Neil Lalonde 24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Régis Hanol c7c93e7159 FEATURE: new 'strip image metadata' site setting 2017-07-25 11:48:39 +02:00
Robin Ward 2f8f2aa1dd FEATURE: Whitelists for inline oneboxing 2017-07-21 15:41:47 -04:00
Sam Saffron d0c5205a52 Feature: Change markdown engine to markdown it
This commit removes the old evilstreak markdownjs engine.

- Adds specs to WhiteLister and changes it to stop using globals
    (Fixes large memory leak)
- Fixes edge cases around bbcode handling
- Removes mdtest which is no longer valid (to be replaced with
    CommonMark)
- Updates MiniRacer to correct minor unmanaged memory leak
- Fixes plugin specs
2017-07-17 11:41:34 -04:00
Robin Ward 6b6ad9391b Clean up job for search logs 2017-07-14 14:30:58 -04:00
Robin Ward 97e211f837 FEATURE: Log Search Queries 2017-07-14 14:30:58 -04:00
Neil Lalonde 3ebd8838af FEATURE: cross-domain tracking for Google universal analytics 2017-07-13 15:21:44 -04:00
Sam 79a084dd58 Revert "remove old markdown engine work-in-progress"
This reverts commit ee470b5317.
2017-07-12 18:10:51 -04:00
Sam Saffron ee470b5317 remove old markdown engine work-in-progress 2017-07-12 17:44:40 -04:00
Jeff Atwood 5be9bee230 safe to default to read only off during backups 2017-07-12 04:52:17 -07:00
Sam d29a0eeedf allow global shadow for new markdown engine 2017-07-10 12:22:15 -04:00
Guo Xiang Tan 2255724637 UX: Add validator for `SiteSetting#sso_overrides_email`. 2017-07-10 10:08:55 +09:00
Arpit Jalan 5b67cd1937 Merge pull request #4956 from techAPJ/pm-recipients
FEATURE: new site setting to limit message recipients
2017-07-06 22:57:33 +05:30
Arpit Jalan 7cffbc8ba8 FEATURE: new site setting to limit message recipients
New site setting `max_allowed_message_recipients` to limit message
recipients

https://meta.discourse.org/t/one-of-my-users-just-group-messaged-100-other-user-with-a-spam-offer/65612/7?u=techapj
2017-07-06 22:52:49 +05:30
Robin Ward 4f66083121 Allow version_checks to be shadowed by global 2017-07-06 10:41:53 -04:00
Sam fbb5600c8e expose enable_experimental_markdown_it
expose the site setting that enables the CommonMark engine
2017-06-28 16:51:49 -04:00
Sam 4c5109ff5b FEATURE: site setting for Markdown typographer
It ships anyway with markdown.it so we might as well expose it
2017-06-27 16:50:13 -04:00
Sam e6cc07fc43 FEATURE: twitter is the new default emoji set 2017-06-26 16:51:55 -04:00
Sam 234694b50f Feature: CommonMark support
This adds the markdown.it engine to Discourse.
https://github.com/markdown-it/markdown-it

As the migration is going to take a while the new engine is default
disabled. To enable it you must change the hidden site setting:
enable_experimental_markdown_it.

This commit is a squash of many other commits, it also includes some
improvements to autospec (ability to run plugins), and a dev dependency
on the og gem for html normalization.
2017-06-23 12:01:33 -04:00
Leo McArdle 5e0efb3410 FEATURE: setting to only use the key when finding the related post of an email reply
this fixes email-in threading problems when using a SMTP server which modifies the message_id
header, like Amazon SES
2017-06-19 12:22:44 +01:00
Robin Ward 009f0921dc FEATURE: Whitelist hosts for internal crawling 2017-06-13 12:59:54 -04:00
Guo Xiang Tan c5caa9cf71 Revert "FIX: Disable request membership button if user does not have sufficient trust level."
This reverts commit 5f441a2614.
2017-06-13 17:49:21 +09:00
Régis Hanol 54e8fb0d89 FEATURE: new 'allow_staff_to_upload_any_file_in_pm' site setting 2017-06-12 22:41:29 +02:00
Arpit Jalan a1ebd67237 Revert "FEATURE: new setting to prioritize open topics in search" 2017-06-03 01:54:35 +05:30
Arpit Jalan b8a87a0996 FEATURE: new setting to prioritize open topics in search 2017-06-03 00:33:53 +05:30
Guo Xiang Tan 5f441a2614 FIX: Disable request membership button if user does not have sufficient trust level. 2017-06-02 16:06:25 +09:00
Arpit Jalan 796a2967af hide invites_per_page site setting 2017-05-24 11:30:43 +05:30
Robin Ward 93a5fc62bf FEATURE: A site setting to prevent crawling on private IP blocks 2017-05-23 11:56:06 -04:00
Sam 2a5a01af2e improve error on theme upload, add gif to allowed uploads 2017-05-17 16:29:09 -04:00
Sam 47ce674798 PERF: bypass wizard check after 15 topics are created 2017-05-12 10:18:43 -04:00
Régis Hanol 9641d2413d REFACTOR: upload workflow creation into UploadCreator
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
2017-05-11 00:16:57 +02:00
Sam bc0b9af576 FEATURE: support uploads for themes
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Robin Ward 4db76796b9 FEATURE: Setting to poll feeds more frequently 2017-05-10 14:30:12 -04:00
Robin Ward 57a2042ef6 FIX: Quiet server side errors for requesting json for account-created 2017-05-04 12:30:13 -04:00
Régis Hanol 1706036f2b Allow a `post_edit_time_limit` of up to 1 year 2017-05-03 16:06:55 +02:00
Neil Lalonde 0722ffadf1 Remove site settings enforce_global_nicknames and discourse_org_access_key 2017-05-01 14:53:16 -04:00
Jeff Atwood a26483bfd6 missed a file again 2017-04-27 16:39:27 -07:00
Jeff Atwood 52007222fc more realistic maximum password values 2017-04-27 16:38:50 -07:00
Régis Hanol 0ec15af970 restore the 'incoming_email_prefer_html' site setting 2017-04-27 14:31:11 +02:00
Robin Ward bf9c4a7828 FEATURE: secure_email site setting to prevent data going out in email 2017-04-26 13:05:56 -04:00