Arpit Jalan
60941f214c
FIX: remove unneeded keys from failed response
2018-11-22 14:59:50 +05:30
Guo Xiang Tan
6111b285d9
DEV: Remove comment that links to a private topic.
...
Not going to be useful for other developers.
2018-11-22 14:55:02 +08:00
Kyle Zhao
8e32aa1483
FEATURE: show post approvals in Moderation History ( #6643 )
2018-11-22 10:22:23 +08:00
Arpit Jalan
61eff22b29
FIX: raise `Discourse::NotFound` unless the user is present
2018-11-21 10:57:42 +05:30
Arpit Jalan
10cc698df3
FIX: respond with proper error message if user not found
2018-11-21 10:47:37 +05:30
Arpit Jalan
539f1c6252
FIX: raise `Discourse::NotFound` unless the topic is present
2018-11-21 09:48:38 +05:30
Sam
20268385a5
FIX: never attempt to log invalid post numbers
...
Previously in some cases we would queue logging of invalid post numbers
The impact would be we would miss logging an incoming link and would leak
an error.
2018-11-21 11:58:47 +11:00
Arpit Jalan
5951e111ad
FIX: handle nil topic value when removing allowed users
2018-11-20 22:55:39 +05:30
Arpit Jalan
22a7f1e7f2
FIX: handle nil user value on password reset
2018-11-20 21:49:47 +05:30
Joffrey JAFFEUX
e860c8b844
FIX: adds support for missing reports from old dashboard ( #6624 )
2018-11-19 12:20:05 +01:00
Sam
6556a87629
FIX: only check for conflict on edit drafts
...
In some unknown cases non edit drafts are being checked for conflict
2018-11-15 13:14:07 +11:00
Leo McArdle
7bc121a065
allow CSP reports to be sent when header isn't set by Discourse ( #6594 )
2018-11-14 16:23:29 -05:00
Régis Hanol
c78dcde973
FIX: only send originalText when we need to
2018-11-14 17:47:59 +01:00
Bianca Nenciu
34e4d82f1a
FEATURE: Report edit conflicts when saving draft. ( #6585 )
2018-11-14 12:56:25 +01:00
Guo Xiang Tan
44391ee8ab
FEATURE: Upload Site Settings. ( #6573 )
2018-11-14 15:03:02 +08:00
David Taylor
17bc82765b
FEATURE: Log password changes in UserHistory ( #6600 )
2018-11-14 08:32:42 +08:00
Robin Ward
467be59d75
FEATURE: Allow expanded posts to return user custom fields
2018-11-13 12:44:54 -05:00
Sam
80ceb57c76
DEV: add API endpoint to destroy_timings only of last post
...
Previously API only allowed you to nuke all timings from a topic,
new API is less punishing and allows you just to remove 1 post.
2018-11-13 16:07:48 +11:00
Vinoth Kannan
dda1824270
Use hijack in inline onebox controller
2018-11-13 02:39:20 +05:30
David Taylor
d89ffbeffd
FEATURE: Add button to delete unused tags ( #6587 )
...
This is particularly useful if you have uploaded a CSV file, and wish
to bulk-delete all of the tags that you uploaded.
2018-11-12 16:24:34 +00:00
Bianca Nenciu
5af9a69a3b
FIX: Do not check for suspicious login when impersonating. ( #6534 )
...
* FIX: Do not check for suspicious login when impersonating.
* DEV: Add 'impersonate' parameter to log_on_user.
2018-11-12 15:34:12 +01:00
Joffrey JAFFEUX
9c616e0679
FIX: handles not found reports in bulk loading ( #6582 )
2018-11-12 13:47:24 +01:00
Gerhard Schlager
7c4d4331bc
FEATURE: Better handling of quotation marks in site text search
...
It also matches 3 dots with the ellipsis symbol.
2018-11-12 13:26:41 +01:00
Sam
64d9be726f
the protection I placed was in the wrong path moved to /session/sso
...
correct previous commit
2018-11-09 17:18:01 +11:00
Sam
3ae4fcd1f7
Improve redirect avoidance for /sso paths
...
e6b3310577
was missing an ege case
where return url included current_hostname
2018-11-09 17:03:58 +11:00
Sam
e6b3310577
FIX: never redirect back to `/sso` it will cause a loop
...
If for any reason our return url is set to `/sso` bypass using it
for login redirect
2018-11-09 14:27:36 +11:00
Sam
15991677d4
FIX: ensure we never cache login redirects by mistake
2018-11-09 11:14:35 +11:00
Robin Ward
242a5fc5ef
Add DiscourseEvents for when users as unsuspended/unsilenced
2018-11-08 16:33:38 -05:00
Sam
42572ff138
Revert font awesome 5 changes
...
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
Penar Musaraj
09dc922b3b
Fix several FontAwesome 5 issues
...
add missing icons, update SvgSprite methods (to fix ruby 2.4 issues), update whisper icon in composer, fix alignment issues
2018-11-07 22:20:53 -05:00
Penar Musaraj
005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs ( #6557 )
...
* First take on subsetting svg icons
* FontAwesome 5 svg subset WIP
* Include icons from plugins/badges into svg sprite subset
* add svg icon support to themes
* Add spec for SvgSprite
* Misc. SVG icon fixes
* Use FA5 svgs in local-dates plugin
* CSS adjustments, fix SVG icons in group flair
* Use SVG icons in poll plugin
* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
Sam
0a442e319c
FIX: correct svg handling for images
...
We regressed and optimized images no longer worked with svg
The following adds the correct logic to simply copy file for svgs
and bypasses resizing for svg avatars
2018-11-07 15:29:26 +11:00
Robin Ward
931c3d165b
Revert "FIX: We shouldn't include topics when mobile view is enabled"
...
This reverts commit 2feadcdafb
.
2018-11-02 10:29:44 -04:00
Robin Ward
2feadcdafb
FIX: We shouldn't include topics when mobile view is enabled
...
This setting was set to be the opposite of what we want
2018-11-01 14:47:06 -04:00
Sam
ceafcbc898
FEATURE: show added date when looking at group members
2018-11-01 15:33:28 +11:00
Sam
aa044623bd
FIX: do not create superflous sessions when logged on
...
In some SSO implementations we may want to issue SSO pipelines for
already logged on users
In these cases do not re-log-in a user if they are clearly logged on
2018-11-01 12:54:01 +11:00
Bianca Nenciu
fa0e421af3
FIX: Do not leak information about post revisions. ( #6536 )
2018-10-31 14:47:00 +00:00
Blake Erickson
589e3fcaa0
FIX: return 400 for missing required params ( #6546 )
...
If a required param is missing return a 400 and show a message
displaying which param was missing. Added this to the application
controller so that we don't have to add this logic to every controller
action.
2018-10-31 13:02:48 +11:00
Sam
32b1f34910
PERF: avoid DNS lookups when getting IP info
...
Also cleans up interface in DiscourseIpInfo
grew cache to 2000 entries
2018-10-31 12:38:57 +11:00
Bianca Nenciu
e1e392f15b
DEV: Use DiscourseIpInfo for all IP queries. ( #6482 )
...
* DEV: Use DiscourseIpInfo for all IP queries.
* UX: Use latitude and longitude for more precision.
2018-10-30 22:08:57 +00:00
Bianca Nenciu
4b7ab97a01
FIX: Add 'log in via link' to email templates. ( #6545 )
2018-10-30 19:15:05 +00:00
Vinoth Kannan
92bf3c667e
FIX: Flash authentication data not rendered in latest iOS safari browser
2018-10-30 04:00:36 +05:30
Rafael dos Santos Silva
84f858fc23
FIX: Remove orientation from the webmanifest
...
We don't really care about orientation, so let the user OS handle it.
2018-10-26 13:48:14 -03:00
Rafael dos Santos Silva
2450f178ca
FEATURE: Allow admins to control PWA display mode per user agent
2018-10-26 13:47:22 -03:00
Joffrey JAFFEUX
8e274f7296
UX: bumps the user-api-key version to 3 ( #6526 )
...
* UX: bumps the user-api-key version to 3
* fix spec
2018-10-25 09:46:34 +00:00
Bianca Nenciu
6a3767cde7
FEATURE: Warn users via email about suspicious logins. ( #6520 )
...
* FEATURE: Warn users via email about suspicious logins.
* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
Kyle Zhao
e9a971a2b6
FEATURE: [Experimental] Content Security Policy ( #6514 )
...
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
Régis Hanol
3e232412e3
UX: show error when hitting the rate limit on password reset
2018-10-22 19:00:30 +02:00
David Taylor
3377f26eba
FIX: Clean tag before searching for matches
2018-10-22 11:09:06 +01:00
Kyle Zhao
dca830cb73
Revert "FEATURE: [Experimental] Content Security Policy ( #6504 )"
...
This reverts commit fb8231077a
.
2018-10-19 11:53:29 -04:00