Arpit Jalan
fadcd36f92
FIX: do not treat ignore_redirects domains as blacklisted
...
This fix prevents domains present in `ignore_redirects` to be treated as
blacklisted domains and makes sure that onboxing happens for those domains.
Issue reported here: https://meta.discourse.org/t/steam-store-oneboxing-no-longer-works/97266
2018-09-18 10:38:02 +05:30
Bianca Nenciu
b6963b8ffb
FIX: Ignore OneBox blacklisted domains.
2018-08-27 20:40:55 +02:00
Guo Xiang Tan
ad5082d969
Make rubocop happy again.
2018-06-07 13:28:18 +08:00
Régis Hanol
3c8b43bb01
FIX: non-oneboxed links on separate lines should stay on separate lines
2018-04-11 21:33:45 +02:00
Vinoth Kannan
58bb3967e5
SECURITY: Oneboxer should escape the URL before processing
2018-03-15 19:57:55 +05:30
Régis Hanol
3be0294465
FIX: local post onebox was always pointing to 1st post
2018-02-26 16:05:35 +01:00
Régis Hanol
7d7f6faf40
FIX: properly render emojis in local oneboxes
2018-02-26 11:16:53 +01:00
Régis Hanol
0799831dbe
FIX: use the avatar of the post rather than the topic in local oneboxes
2018-02-20 19:49:39 +01:00
Régis Hanol
60ec483caa
FIX: include title in local onebox when linking to a different topic
2018-02-19 22:40:14 +01:00
Régis Hanol
93b1829f04
tiny refactor
2018-02-16 11:21:11 +01:00
Sam
cda3f72ab8
SECURITY: don't onebox whispers
2018-02-16 08:57:20 +11:00
Sam
57e140dc07
FIX: oneboxing to private messages
2018-02-16 08:00:22 +11:00
Régis Hanol
8e0da35857
FIX: allow local oneboxes to public topics/posts in PM
2018-02-15 18:14:41 +01:00
Sam
f028ffaf29
SECURITY: correct local onebox category checks
...
Also removes ugly "source_topic_id" from cooked posts
Patch was authored by @zogstrip
Signed-off-by: Sam <sam.saffron@gmail.com>
2018-02-14 10:40:46 +11:00
Régis Hanol
8e55400392
FIX: add 'SiteSetting.port' to 'Onebox.allowed_ports' in development mode
2017-12-18 18:31:41 +01:00
Joffrey JAFFEUX
6cd8203686
FIX: allows onebox to force GET hosts returning wrong headers on HEAD
2017-08-08 11:44:27 +02:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Blake Erickson
6fc5ece628
FIX: onebox for dropbox video links not working
...
add dropbox to the list of ignore redirects for onebox links
2017-07-26 14:37:54 -06:00
Régis Hanol
9e03fae26c
FIX: internal oneboxing wasn't working when login was required
2017-07-17 17:33:10 +02:00
Robin Ward
db485ae0da
FIX: Support for skipping redirects on certain domains (like steam)
2017-06-26 15:38:43 -04:00
Robin Ward
0de5d01d79
FIX: Onebox wasn't using correct uri
2017-06-06 16:39:15 -04:00
Robin Ward
369bb78f8e
FIX: Support for cookies in onebox redirects
2017-06-06 15:02:11 -04:00
Robin Ward
4c690f7089
Use `FinalDestination` to ensure public redirects for onebox
2017-05-22 16:42:49 -04:00
David McClure
b188c30925
FIX: Import scripts were failing to load onebox sanitize config
2017-02-25 09:27:42 -08:00
Régis Hanol
ba115480ba
FIX: wasn't extracting links to quoted posts
2017-02-06 14:45:04 +01:00
Guo Xiang Tan
d10fe51b72
Fix broken specs since all urls will be oneboxed.
2017-01-06 10:05:51 +08:00
Régis Hanol
b12b2b1911
change onebox preview key for me consistency
2016-12-20 11:18:47 +01:00
Régis Hanol
52cd9972bb
FIX: prevent DDoS with lots of _oneboxable_ links
...
FIX: ensure the onebox route is only allowed to logged in users
FIX: only allow 1 outgoing onebox preview per user
FIX: client should only do 1 preview at a time
2016-12-20 00:31:10 +01:00
Régis Hanol
a655e4b092
ensure we allow self oneboxing of login required sites
2016-11-03 22:48:32 +01:00
Régis Hanol
08d53b32ca
let's try loading onebox engines this way
2016-10-25 01:25:44 +02:00
Régis Hanol
3841cd9a7f
FEATURE: onebox everything by default
...
FEATURE: new 'max_oneboxes_per_post' site setting
FEATURE: change onebox whitelist to a blacklist
PERF: debounce the loading of oneboxes
PERF: improve perf of mention links in preview
FIX: sort loading of custom oneboxer
2016-10-24 12:46:22 +02:00
Robin Ward
0396b14b70
FEATURE: New "First Onebox" badge
2016-04-12 15:31:14 -04:00
Arpit Jalan
f38abbe279
FIX: onebox links should respect nofollow settings
2015-12-04 01:59:12 +05:30
Sam
57870b970d
correct hack and move to oneboxer
2015-09-25 20:14:53 +10:00
Sam
18a8853181
FIX: don't crash out searching for parent in oneboxer
2015-09-22 12:42:13 +10:00
Sam
88a5a676a7
lower error level on onebox failures
2015-08-24 10:43:07 +10:00
riking
5657006aca
Rename handle_exception to handle_job_exception
2015-02-09 12:47:46 -08:00
riking
d90404e830
Change 'code' to 'message'
2014-07-17 15:19:58 -07:00
Robin Ward
fc20332c0f
Lift all oneboxes out of `<p>` tags.
2014-07-04 16:09:51 -04:00
Robin Ward
7bb33c28c2
Add new `max_width` feature for oneboxes. Allows vimeo oneboxes to not
...
look like total garbage.
2014-06-05 13:18:18 -04:00
Sam
0bc3525b10
BUGFIX: more robust onebox implementation
2014-05-28 17:15:10 +10:00
Robin Ward
b0405d7cfa
Adds a Site Setting to whitelist onebox domains
2014-04-09 16:57:45 -04:00
Sam
239bcd19df
BUGFIX: protect ourselved against rogue onebox gem
2014-04-01 15:29:14 +11:00
Sam
00a46253ae
BUGFIX: Don't resolve oneboxes when cooking
...
Defer to post save job
2014-03-18 15:22:53 +11:00
Robin Ward
cd7ef6b49a
Revert "FIX: Bunch of Onebox issues"
...
This reverts commit ccbe671e4a
.
2014-02-25 13:35:08 -05:00
Robin Ward
ccbe671e4a
FIX: Bunch of Onebox issues
2014-02-25 13:29:05 -05:00
Neil Lalonde
d343e9f360
Add DiscourseLocalOnebox
2014-01-29 14:14:07 -05:00
Robin Ward
e453bfa073
Work in progress: Swap out onebox code for onebox gem
2014-01-29 14:14:07 -05:00
Neil Lalonde
86647f0a54
Add ScreenedUrl. Rename BlockedEmail to ScreenedEmail.
2013-08-14 16:08:23 -04:00
Sam
e4a76812a6
this is a slightly round about way of making our self oneboxes sane
...
shrunk avatar to 60px, added global whitelisting
2013-05-01 16:38:13 +10:00
Sam Saffron
94a578e4b2
ignore assets
...
fix runner so it works on mac
get rid of some test warnings
2013-04-30 12:43:59 +10:00
Sam
33e3ad1603
clean up onebox application so it uses a single code path
...
use fragments for oneboxes
strip parent <p> if <div> is in it
clean some tests
2013-04-10 17:52:38 +10:00
Robin Ward
ee5213be5f
Fixes regression with video embeds
2013-03-21 20:53:12 -04:00
Robin Ward
babcfe6234
Cache oneboxes in Redis now instead of postgres.
2013-03-21 13:11:54 -04:00
Robin Ward
9d4ecd7ef8
Oneboxes should use a sorted array for ordering, not a hash.
2013-03-21 11:47:01 -04:00
Robin Ward
1221c393a3
Merge branch 'whitespace-cleanese' of git://github.com/goshakkk/discourse
...
Conflicts:
lib/oneboxer.rb
lib/oneboxer/whitelist.rb
spec/controllers/robots_txt_controller_spec.rb
2013-02-26 10:42:49 -05:00
Gosha Arinich
cafc75b238
remove trailing whitespaces ❤️
2013-02-26 07:31:35 +03:00
tms
2e230d2661
Be more selective about when we allow oembed discovery
2013-02-25 20:48:17 -05:00
Robin Ward
ba238f92c2
Revert "Merge branch 'onebox-safety' of git://github.com/tms/discourse"
...
This reverts commit 7ca57db97a
, reversing
changes made to b7e027cfd1
.
2013-02-19 14:22:13 -05:00
tms
6d06420583
Be more selective about when we allow oembed discovery
2013-02-19 11:46:36 -05:00
tms
702fbcdfa8
Oneboxes shouldn't explode when the remote causes an HTTPError
2013-02-17 04:10:17 -05:00
Jaime Iniesta
6995e75d41
Replace Hpricot with Nokogiri
2013-02-14 11:35:50 +01:00
Sam Saffron
0f88947279
fix onebox for your own site
2013-02-06 16:22:11 +11:00
Robin Ward
21b5628528
Initial release of Discourse
2013-02-05 14:16:51 -05:00