Sam
ceafcbc898
FEATURE: show added date when looking at group members
2018-11-01 15:33:28 +11:00
Régis Hanol
0bf52d422c
FEATURE: new 'simultaneous_uploads' site setting
2018-10-31 10:58:09 +01:00
Daniel Kessler
8a443e051b
Add base_url to config locales ( #6510 )
2018-10-31 08:19:37 +00:00
Joe
d08cd0b21f
UX: updates category muting instructions
2018-10-31 13:01:22 +08:00
Bianca Nenciu
e0ccd36dbe
FEATURE: Suspicious logins report. ( #6544 )
2018-10-30 22:51:58 +00:00
Bianca Nenciu
e1e392f15b
DEV: Use DiscourseIpInfo for all IP queries. ( #6482 )
...
* DEV: Use DiscourseIpInfo for all IP queries.
* UX: Use latitude and longitude for more precision.
2018-10-30 22:08:57 +00:00
Bianca Nenciu
087b12b40c
FIX: Fix 'New Login Alert' message. ( #6539 )
2018-10-30 19:13:25 +00:00
Gerhard Schlager
e32993f96c
minor copyedit
2018-10-30 13:33:26 +01:00
Maja Komel
5485248fbe
FIX: sso provider copyedit
2018-10-30 10:02:22 +01:00
Jeff Atwood
23ae2023ef
minor copyedit
2018-10-30 00:25:34 -07:00
Jeff Atwood
8e12846b9c
more copyedits on staff unusual login email
2018-10-27 18:30:45 -07:00
Jeff Atwood
a453643a5b
copyedits on staff unusual login alert
2018-10-27 18:17:40 -07:00
Jeff Atwood
817cf8b229
remove extraneous two factor auth info popup
2018-10-27 14:10:26 -07:00
Jeff Atwood
58b53f7841
update copy for "was this you?" login dialog
2018-10-27 13:57:30 -07:00
Rafael dos Santos Silva
2450f178ca
FEATURE: Allow admins to control PWA display mode per user agent
2018-10-26 13:47:22 -03:00
Joffrey JAFFEUX
b2585524a9
FEATURE: adds a most disagreed flaggers report
2018-10-26 15:59:04 +02:00
Kyle Zhao
a6eca28ec6
CSP - extract all other inline JavaScripts ( #6528 )
...
* wizard page inline js
* print topic inline js
* drop JS for preventing double submission
this is the default behavior with Rails' UJS `disable_with` helper
* omniauth complete redirect JS
* account activate inline js
2018-10-25 09:52:01 -04:00
Bianca Nenciu
6a3767cde7
FEATURE: Warn users via email about suspicious logins. ( #6520 )
...
* FEATURE: Warn users via email about suspicious logins.
* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
Jeff Atwood
54e025225d
minor copyedit
2018-10-24 16:22:29 -07:00
Sam Saffron
64aca0dc1b
FIX: remove duplicate referrer policy
...
Rails already ships with strict-origin-when-cross-origin, no need
to also add no-referrer-when-downgrade
see: https://meta.discourse.org/t/harden-referrer-policy-header/100172
2018-10-24 08:38:39 +11:00
Kyle Zhao
e9a971a2b6
FEATURE: [Experimental] Content Security Policy ( #6514 )
...
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
Régis Hanol
3e232412e3
UX: show error when hitting the rate limit on password reset
2018-10-22 19:00:30 +02:00
Rafael dos Santos Silva
db26fe1527
FIX: Proper naming for the GNU/Linux OS
2018-10-22 13:34:01 -03:00
Bianca Nenciu
99b43f281b
FIX: Fix browser detection for Microsoft Edge. ( #6516 )
...
cool!
2018-10-22 23:15:41 +11:00
David Taylor
37b7afa522
FIX: Sanitize tags before creation
2018-10-22 10:53:42 +01:00
Arpit Jalan
ce0a51665e
FIX: count emoji shortcuts in topic title
...
https://meta.discourse.org/t/max-emojis-in-title-set-to-0-conflicting-with-emoji-shortcuts/98368/3?u=techapj
2018-10-22 13:44:05 +05:30
Kyle Zhao
dca830cb73
Revert "FEATURE: [Experimental] Content Security Policy ( #6504 )"
...
This reverts commit fb8231077a
.
2018-10-19 11:53:29 -04:00
David Taylor
0dd717e641
Revert "FIX: Sanitize tags before creation"
...
This reverts commit 18ae8de9e5
.
2018-10-19 15:49:05 +01:00
David Taylor
18ae8de9e5
FIX: Sanitize tags before creation
2018-10-19 15:43:31 +01:00
Kyle Zhao
fb8231077a
FEATURE: [Experimental] Content Security Policy ( #6504 )
2018-10-19 10:39:22 -04:00
Bianca Nenciu
b69652278f
FEATURE: Add Wiki Editor badge. ( #6511 )
2018-10-19 15:30:27 +02:00
Bianca Nenciu
f60b10d090
UX: Warn users if the post that's currently edited has changed. ( #6498 )
2018-10-17 15:35:32 +02:00
Jeff Atwood
0db3e27ce4
remove windows phone references, it is ☠
2018-10-16 15:11:24 -07:00
Davide Porrovecchio
005e1f5373
Add Cache-Control header to CORS ( #6490 )
2018-10-16 10:46:55 +11:00
Kyle Zhao
99d1ded3b3
rename route `/javascripts` to `/theme-javascripts` ( #6495 )
2018-10-15 11:32:52 -04:00
Maja Komel
c104256991
FIX: SSO provider secrets - check wildcard domains last, toggle secrets visibility
2018-10-15 16:18:29 +02:00
David Taylor
7ac08f936e
FEATURE: Upload tags from CSV ( #6484 )
2018-10-15 09:12:54 +01:00
Maja Komel
27e732a58d
FEATURE: allow multiple secrets for Discourse SSO provider
...
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.
This allows for better auditing of the SSO provider feature
2018-10-15 16:03:53 +11:00
Kyle Zhao
6acdea37c4
DEV: extract inline js when baking theme fields ( #6447 )
...
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields
This work is needed to support CSP work
2018-10-15 15:55:23 +11:00
Joe
2acb885c72
FEATURE: fullscreen composer mode on desktop
...
Adds keyboard shortcut and icon that allows expanding composer to full screen.
2018-10-15 13:59:49 +11:00
Guo Xiang Tan
84d4c81a26
FEATURE: Support backup uploads/downloads directly to/from S3.
...
This reverts commit 3c59106bac
.
2018-10-15 09:43:31 +08:00
Neil Lalonde
af39624d19
Update translations
2018-10-12 10:40:25 -04:00
Neil Lalonde
12f132736b
FIX: error looking at users in admin when tl3_promotion_min_duration is set to a very high value
2018-10-11 15:11:48 -04:00
Jeff Wong
b5b382dcd6
Feature: add boxes with subcategories option for desktop categories page ( #6471 )
...
* Feature: add boxes with subcategories option for desktop categories page
* only add subclass div when subclasses exist
2018-10-11 15:59:37 +08:00
Guo Xiang Tan
3c59106bac
Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
...
This reverts commit c29a4dddc1
.
We're doing a beta bump soon so un-revert this after that is done.
2018-10-11 11:08:23 +08:00
Gerhard Schlager
c29a4dddc1
FEATURE: Support backup uploads/downloads directly to/from S3.
2018-10-11 10:38:43 +08:00
Robin Ward
a566ed42ae
FEATURE: Option to disable user presence and profile
...
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
2018-10-10 17:34:33 -04:00
Joshua Rosenfeld
fd48ba10b8
Add quotes to site setting HTML links
2018-10-10 16:53:02 -04:00
Joshua Rosenfeld
51029e3884
Revert sendgrid URL change
...
per 2ded524b5a
2018-10-10 09:00:39 -04:00
Joshua Rosenfeld
18e99ddfa9
Link to social login instructions in site settings
2018-10-10 08:46:48 -04:00
Joshua Rosenfeld
cd2b8d40f1
Properly link to URLs in site settings
2018-10-10 08:46:03 -04:00
Joshua Rosenfeld
d35bce96ab
Use https:// when possible
2018-10-10 07:11:58 -04:00
Joshua Rosenfeld
3d8b063c83
Update test_mailer to minimize URL redirects
2018-10-10 06:16:33 -04:00
Bianca Nenciu
1d26a473e7
FEATURE: Show "Recently used devices" in user preferences ( #6335 )
...
* FEATURE: Added MaxMindDb to resolve IP information.
* FEATURE: Added browser detection based on user agent.
* FEATURE: Added recently used devices in user preferences.
* DEV: Added acceptance test for recently used devices.
* UX: Do not show 'Show more' button if there aren't more tokens.
* DEV: Fix unit tests.
* DEV: Make changes after code review.
* Add more detailed unit tests.
* Improve logging messages.
* Minor coding style fixes.
* DEV: Use DropdownSelectBoxComponent and run Prettier.
* DEV: Fix unit tests.
2018-10-09 22:21:41 +08:00
Penar Musaraj
47f19adac8
Remove old bookmark strings
2018-10-09 09:31:08 -04:00
Vinoth Kannan
ac034a6b2c
copyedit on branch field help text
2018-10-09 11:56:51 +05:30
Erin Kosewic
51aba32651
FEATURE: add branch option to remote theme import
...
* FEATURE: add branch option to remote theme import
* FIX: Add missing variable in params
* FIX: Add missing param for import_theme method
* SPEC: Add test methods for branch support in git import
* FIX: Add missing space to scss style
* Do not assume default branch as master
* Change branch field placeholder
* FIX: add missing div start tag
2018-10-09 17:01:08 +11:00
Kyle Zhao
acba7d2a5d
Extract `discourse_javascript.html.erb` to a scrip include
...
* extract omniauth auth complete inline JS
* extract Ember error logging inline JS
* transpile `authentication-complete`
This is CSP related work
2018-10-09 16:50:45 +11:00
Guo Xiang Tan
1c9b5e75e7
DEV: Support post deployment migrations for plugins.
2018-10-09 13:11:45 +08:00
Jeff Wong
e55f220b33
add category style boxes with featured topics option
2018-10-08 16:19:54 -07:00
Gerhard Schlager
97ad9e9d9b
UX: Prompt for custom invite message was hard to translate
2018-10-08 18:01:21 +02:00
Guo Xiang Tan
40fa96777d
FEATURE: Post deployment migrations. ( #6406 )
...
This moves us away from the delayed drops pattern which
was problematic on two counts. First, it uses a hardcoded "delay for"
duration which may be too short for certain deployment strategies.
Second, delayed drop doesn't ensure that it only runs after
the latest application code has been deployed. If the migration runs
and the application code fails to deploy, running the migration after
"delay for" has been met will cause the application to blow up.
The new strategy allows post deployment migrations to be skipped if the
env `SKIP_POST_DEPLOYMENT_MIGRATIONS` is provided.
```
SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
-> deploy app servers
SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
```
To aid with the generation of a post deployment migration, a generator
has been added. Simply run `rails generate post_migration`.
2018-10-08 15:47:38 +08:00
Jeff Atwood
3b6a525e5b
minor copyedit for bookmarks
2018-10-07 04:17:59 -07:00
Arpit Jalan
2a94bf9dfb
UX: change staff actions logs user label
2018-10-06 13:54:46 +05:30
David Taylor
9bf522f227
FEATURE: Mixed case tagging ( #6454 )
...
- By default, behaviour is not changed: tags are made lowercase upon creation and edit.
- If force_lowercase_tags is disabled, then mixed case tags are allowed.
- Tags must remain case-insensitively unique. This is enforced by ActiveRecord and Postgres.
- A migration is added to provide a `UNIQUE` index on `lower(name)`. Migration includes a safety to correct any current tags that do not meet the criteria.
- A `where_name` scope is added to `models/tag.rb`, to allow easy case-insensitive lookups. This is used instead of `Tag.where(name: "blah")`.
- URLs remain lowercase. Mixed case URLs are functional, but have the lowercase equivalent as the canonical.
2018-10-05 10:23:52 +01:00
Vinoth Kannan
8430ea927e
FIX: Generate webhook payloads before destroy events ( #6325 )
2018-10-05 16:53:59 +08:00
Guo Xiang Tan
da39a310c3
Fix missing quotes in unicorn_launcher.
2018-10-05 12:21:07 +08:00
Guo Xiang Tan
07eca289d3
Fix invalid bash syntax.
2018-10-05 12:18:20 +08:00
Guo Xiang Tan
00ae94cb4d
DEV: Prevent `unicorn_launcher` from looping forever.
...
For some reason, the new master unicorn process that we
detect might be replaced with another process causing
the script to loop forever.
2018-10-05 12:12:54 +08:00
Guo Xiang Tan
3400624d70
Log pid of launcher script when logging.
2018-10-05 11:48:32 +08:00
Jeff Atwood
2bdc36bd8c
very minor copyedit on bump date
2018-10-04 17:22:44 -07:00
Maja Komel
361ad7ed2b
FEATURE: add indication if incoming email attachment was rejected and inform sender about it ( #6376 )
...
* FEATURE: add indication if incoming email attachment was rejected and inform sender about it
* include errors for rejected attachments in email
* don't send warning email to staged users
* use user object instead of user_id in add_attachments method
2018-10-04 22:08:28 +08:00
Guo Xiang Tan
16dedb5498
Avoid hardcoded value in `unicorn_launcher` take 2.
2018-10-04 17:13:27 +08:00
Guo Xiang Tan
a8368318fe
Revert "Avoid hardcoded value in `unicorn_launcher`."
...
This seems to be causing problem with the unicorn master pid
tracking so revert for now.
This reverts commit 09d0216e84
.
2018-10-04 16:26:13 +08:00
Guo Xiang Tan
09d0216e84
Avoid hardcoded value in `unicorn_launcher`.
...
On slower instances, spinning up a new master process
can take more than 10 secs.
2018-10-04 15:44:13 +08:00
Rafael dos Santos Silva
b8d3fbd08b
FEATURE: Enable the notification prompt by default
2018-10-03 19:58:24 -03:00
Vinoth Kannan
23b4ab9bf9
DEV: Do not use concatenation in translations
2018-10-03 11:59:21 +05:30
Guo Xiang Tan
4b367dc61e
FIX: `unicorn_launcher` should shut down unicorn gracefully.
2018-10-03 14:27:05 +08:00
Sam
0e10b47618
UX: make responsive_post_image_sizes a visible site setting
...
This is useful for sites that want to cut bandwidth by decreasing
fidelity of thumbnails.
2018-10-03 15:06:37 +10:00
Sam
ad0e768742
FEATURE: add support for responsive images in posts
...
When creating lightboxes we will attempt to create 1.5x and 2x thumbnails
for retina screens, this can be controlled with a new hidden site setting
called responsice_post_image_sizes, if you wish to create 3x images run
SiteSetting.responsive_post_image_sizes = "1|1.5|2|3"
The default should be good for most of the setups as it balances filesize
with quality. 3x thumbs can get big.
2018-10-03 13:44:53 +10:00
Maja Komel
73443d889c
FIX: keep files in order when adding multiple uploads ( #6306 )
...
* FIX: keep files in order when adding multiple uploads
* use filename in the placeholder when uploading files
* add tests
* add consecutive nr to the placeholder when multiple uploads with the same filename
2018-10-03 11:12:36 +10:00
Sam
a6f0436a29
FEATURE: change default to enable login by email out-of-the-box
2018-10-03 10:16:52 +10:00
Bianca Nenciu
e0d7cdac12
UX: Improve error messages for minimum and maximum username lengths.
2018-10-02 13:10:20 +08:00
Arpit Jalan
dc960e1a82
Make `enable_mobile_theme` a hidden setting
...
https://meta.discourse.org/t/default-mobile-view-formatting-error/98063/3
2018-09-29 10:33:17 +08:00
David Taylor
2a8ce0cb04
UX: Improve shared_drafts_category description
2018-09-27 22:39:10 +01:00
Gerhard Schlager
471f9927bb
Fix Bosnian plural rules
2018-09-27 05:43:49 +02:00
Gerhard Schlager
b0a383561e
FEATURE: Add Lithuanian locale
2018-09-27 05:26:38 +02:00
David Taylor
0b2b617483
FIX: Corrected copy on post_edit_time_limit site setting
2018-09-26 18:49:10 +01:00
Rishabh Nambiar
e387adadf8
UX: Improve owner_groups text to fit combo-box in a single line
2018-09-26 17:02:59 +05:30
Neil Lalonde
f8a77cd041
FIX: links in TL1 promotion system message for subfolder installs
2018-09-21 12:20:59 -04:00
Guo Xiang Tan
d4bd04c3a7
Allow `purge_deleted_uploads_grace_period_days` to be shadowed.
2018-09-19 17:49:00 +08:00
Jeff Atwood
b33a623774
very minor copyedit
2018-09-18 15:48:48 -07:00
Vinoth Kannan
4383afb769
Merge pull request #6413 from vinothkannans/log-entity-export
...
FEATURE: Log entity export in staff logs
2018-09-19 03:18:28 +05:30
Vinoth Kannan
9281b72308
FEATURE: Log entity export in staff logs
2018-09-19 03:16:45 +05:30
Jeff Atwood
f43b5bb3c1
considerably simplify copy for change owner
2018-09-18 14:15:08 -07:00
Sam
0e9841b995
SECURITY: remove admin memory diagnostics routes
2018-09-18 08:35:09 +10:00
Neil Lalonde
6f1b8ad16d
FIX: tag groups page should only be visible to staff
...
No security concern here because nothing private was visible,
and no actions could be taken by non-staff users.
2018-09-17 11:41:18 -04:00
Régis Hanol
4481836de2
FEATURE: new 'search_ignore_accents' site setting
2018-09-17 10:42:30 +02:00
Kyle Zhao
7a0232249a
extract inline JS that's used to store preloaded data ( #6370 )
2018-09-17 16:31:46 +08:00
CheshireVillageSoftware
f3214889dc
FEATURE: Updated CORS config to explicitly specifyhttp methods
...
See: https://stackoverflow.com/questions/20478312/default-value-for-access-control-allow-methods
In particular we now explicitly allow DELETE and PUT which is inconsistently allowed depending on browser
2018-09-17 11:01:08 +10:00