Jeff Atwood
8e12846b9c
more copyedits on staff unusual login email
2018-10-27 18:30:45 -07:00
Jeff Atwood
a453643a5b
copyedits on staff unusual login alert
2018-10-27 18:17:40 -07:00
Jeff Atwood
817cf8b229
remove extraneous two factor auth info popup
2018-10-27 14:10:26 -07:00
Jeff Atwood
58b53f7841
update copy for "was this you?" login dialog
2018-10-27 13:57:30 -07:00
Rafael dos Santos Silva
2450f178ca
FEATURE: Allow admins to control PWA display mode per user agent
2018-10-26 13:47:22 -03:00
Joffrey JAFFEUX
b2585524a9
FEATURE: adds a most disagreed flaggers report
2018-10-26 15:59:04 +02:00
Kyle Zhao
a6eca28ec6
CSP - extract all other inline JavaScripts ( #6528 )
...
* wizard page inline js
* print topic inline js
* drop JS for preventing double submission
this is the default behavior with Rails' UJS `disable_with` helper
* omniauth complete redirect JS
* account activate inline js
2018-10-25 09:52:01 -04:00
Bianca Nenciu
6a3767cde7
FEATURE: Warn users via email about suspicious logins. ( #6520 )
...
* FEATURE: Warn users via email about suspicious logins.
* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
Jeff Atwood
54e025225d
minor copyedit
2018-10-24 16:22:29 -07:00
Sam Saffron
64aca0dc1b
FIX: remove duplicate referrer policy
...
Rails already ships with strict-origin-when-cross-origin, no need
to also add no-referrer-when-downgrade
see: https://meta.discourse.org/t/harden-referrer-policy-header/100172
2018-10-24 08:38:39 +11:00
Kyle Zhao
e9a971a2b6
FEATURE: [Experimental] Content Security Policy ( #6514 )
...
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
Régis Hanol
3e232412e3
UX: show error when hitting the rate limit on password reset
2018-10-22 19:00:30 +02:00
Rafael dos Santos Silva
db26fe1527
FIX: Proper naming for the GNU/Linux OS
2018-10-22 13:34:01 -03:00
Bianca Nenciu
99b43f281b
FIX: Fix browser detection for Microsoft Edge. ( #6516 )
...
cool!
2018-10-22 23:15:41 +11:00
David Taylor
37b7afa522
FIX: Sanitize tags before creation
2018-10-22 10:53:42 +01:00
Arpit Jalan
ce0a51665e
FIX: count emoji shortcuts in topic title
...
https://meta.discourse.org/t/max-emojis-in-title-set-to-0-conflicting-with-emoji-shortcuts/98368/3?u=techapj
2018-10-22 13:44:05 +05:30
Kyle Zhao
dca830cb73
Revert "FEATURE: [Experimental] Content Security Policy ( #6504 )"
...
This reverts commit fb8231077a
.
2018-10-19 11:53:29 -04:00
David Taylor
0dd717e641
Revert "FIX: Sanitize tags before creation"
...
This reverts commit 18ae8de9e5
.
2018-10-19 15:49:05 +01:00
David Taylor
18ae8de9e5
FIX: Sanitize tags before creation
2018-10-19 15:43:31 +01:00
Kyle Zhao
fb8231077a
FEATURE: [Experimental] Content Security Policy ( #6504 )
2018-10-19 10:39:22 -04:00
Bianca Nenciu
b69652278f
FEATURE: Add Wiki Editor badge. ( #6511 )
2018-10-19 15:30:27 +02:00
Bianca Nenciu
f60b10d090
UX: Warn users if the post that's currently edited has changed. ( #6498 )
2018-10-17 15:35:32 +02:00
Jeff Atwood
0db3e27ce4
remove windows phone references, it is ☠
2018-10-16 15:11:24 -07:00
Davide Porrovecchio
005e1f5373
Add Cache-Control header to CORS ( #6490 )
2018-10-16 10:46:55 +11:00
Kyle Zhao
99d1ded3b3
rename route `/javascripts` to `/theme-javascripts` ( #6495 )
2018-10-15 11:32:52 -04:00
Maja Komel
c104256991
FIX: SSO provider secrets - check wildcard domains last, toggle secrets visibility
2018-10-15 16:18:29 +02:00
David Taylor
7ac08f936e
FEATURE: Upload tags from CSV ( #6484 )
2018-10-15 09:12:54 +01:00
Maja Komel
27e732a58d
FEATURE: allow multiple secrets for Discourse SSO provider
...
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.
This allows for better auditing of the SSO provider feature
2018-10-15 16:03:53 +11:00
Kyle Zhao
6acdea37c4
DEV: extract inline js when baking theme fields ( #6447 )
...
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields
This work is needed to support CSP work
2018-10-15 15:55:23 +11:00
Joe
2acb885c72
FEATURE: fullscreen composer mode on desktop
...
Adds keyboard shortcut and icon that allows expanding composer to full screen.
2018-10-15 13:59:49 +11:00
Guo Xiang Tan
84d4c81a26
FEATURE: Support backup uploads/downloads directly to/from S3.
...
This reverts commit 3c59106bac
.
2018-10-15 09:43:31 +08:00
Neil Lalonde
af39624d19
Update translations
2018-10-12 10:40:25 -04:00
Neil Lalonde
12f132736b
FIX: error looking at users in admin when tl3_promotion_min_duration is set to a very high value
2018-10-11 15:11:48 -04:00
Jeff Wong
b5b382dcd6
Feature: add boxes with subcategories option for desktop categories page ( #6471 )
...
* Feature: add boxes with subcategories option for desktop categories page
* only add subclass div when subclasses exist
2018-10-11 15:59:37 +08:00
Guo Xiang Tan
3c59106bac
Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
...
This reverts commit c29a4dddc1
.
We're doing a beta bump soon so un-revert this after that is done.
2018-10-11 11:08:23 +08:00
Gerhard Schlager
c29a4dddc1
FEATURE: Support backup uploads/downloads directly to/from S3.
2018-10-11 10:38:43 +08:00
Robin Ward
a566ed42ae
FEATURE: Option to disable user presence and profile
...
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
2018-10-10 17:34:33 -04:00
Joshua Rosenfeld
fd48ba10b8
Add quotes to site setting HTML links
2018-10-10 16:53:02 -04:00
Joshua Rosenfeld
51029e3884
Revert sendgrid URL change
...
per 2ded524b5a
2018-10-10 09:00:39 -04:00
Joshua Rosenfeld
18e99ddfa9
Link to social login instructions in site settings
2018-10-10 08:46:48 -04:00
Joshua Rosenfeld
cd2b8d40f1
Properly link to URLs in site settings
2018-10-10 08:46:03 -04:00
Joshua Rosenfeld
d35bce96ab
Use https:// when possible
2018-10-10 07:11:58 -04:00
Joshua Rosenfeld
3d8b063c83
Update test_mailer to minimize URL redirects
2018-10-10 06:16:33 -04:00
Bianca Nenciu
1d26a473e7
FEATURE: Show "Recently used devices" in user preferences ( #6335 )
...
* FEATURE: Added MaxMindDb to resolve IP information.
* FEATURE: Added browser detection based on user agent.
* FEATURE: Added recently used devices in user preferences.
* DEV: Added acceptance test for recently used devices.
* UX: Do not show 'Show more' button if there aren't more tokens.
* DEV: Fix unit tests.
* DEV: Make changes after code review.
* Add more detailed unit tests.
* Improve logging messages.
* Minor coding style fixes.
* DEV: Use DropdownSelectBoxComponent and run Prettier.
* DEV: Fix unit tests.
2018-10-09 22:21:41 +08:00
Penar Musaraj
47f19adac8
Remove old bookmark strings
2018-10-09 09:31:08 -04:00
Vinoth Kannan
ac034a6b2c
copyedit on branch field help text
2018-10-09 11:56:51 +05:30
Erin Kosewic
51aba32651
FEATURE: add branch option to remote theme import
...
* FEATURE: add branch option to remote theme import
* FIX: Add missing variable in params
* FIX: Add missing param for import_theme method
* SPEC: Add test methods for branch support in git import
* FIX: Add missing space to scss style
* Do not assume default branch as master
* Change branch field placeholder
* FIX: add missing div start tag
2018-10-09 17:01:08 +11:00
Kyle Zhao
acba7d2a5d
Extract `discourse_javascript.html.erb` to a scrip include
...
* extract omniauth auth complete inline JS
* extract Ember error logging inline JS
* transpile `authentication-complete`
This is CSP related work
2018-10-09 16:50:45 +11:00
Guo Xiang Tan
1c9b5e75e7
DEV: Support post deployment migrations for plugins.
2018-10-09 13:11:45 +08:00
Jeff Wong
e55f220b33
add category style boxes with featured topics option
2018-10-08 16:19:54 -07:00