Gerhard Schlager
2a22b90538
SECURITY: email domain whitelist could be bypassed
2018-01-17 21:45:32 +01:00
Robin Ward
34ed6088b9
FEATURE: New modal to show flags received for a user
2018-01-17 15:08:08 -05:00
Rafael dos Santos Silva
70c5f6ae17
Merge pull request #5489 from discourse/fix-shared-s3-cdn
...
FIX: Allow shared CDN for s3 and assets
2018-01-17 16:32:11 -02:00
Arpit Jalan
e04fb9a877
fix the build
2018-01-17 12:57:33 +05:30
Arpit Jalan
79eb9d7086
FEATURE: show header search results on search log term details page
2018-01-17 12:47:16 +05:30
Sam
b7023da894
PERF: reduce queries required for post timings
...
- also freezes a bunch of strings
- bypass active record for an exists query
2018-01-17 15:50:41 +11:00
Arpit Jalan
1208254961
FIX: validate presence of 'top menu' setting
2018-01-17 01:43:53 +05:30
Neil Lalonde
f274a5234f
FIX: topic and category exporters were only exporting users who created the first post
2018-01-16 12:51:53 -05:00
Sam
d7657d8e47
correct specs, ensure crawler layout only applies to html
2018-01-16 16:28:11 +11:00
Sam
7b562d2f46
FEATURE: much improved and simplified crawler detection
...
- phase one does it match 'trident|webkit|gecko|chrome|safari|msie|opera'
yes- well it is possibly a browser
- phase two does it match 'rss|bot|spider|crawler|facebook|archive|wayback|ping|monitor'
probably a crawler then
Based off: https://gist.github.com/SamSaffron/6cfad7ea3e6df321ffb7a84f93720a53
2018-01-16 15:41:45 +11:00
Neil Lalonde
ce79ec0127
FIX: subfolder: top referred topics report was missing subfolder in links
2018-01-15 17:28:35 -05:00
Arpit Jalan
785d063a6b
Merge pull request #5496 from techAPJ/admin-graphs
...
FIX: graphs should go to zero for missing dates
2018-01-15 11:10:29 +05:30
Arpit Jalan
b7ba490df7
FIX: graphs should go to zero for missing dates
2018-01-15 10:16:34 +05:30
Sam
906f189914
have to clear debounce cache for tests
2018-01-15 15:29:54 +11:00
Sam
d9788a5fb3
missed a spec
2018-01-15 14:51:04 +11:00
Sam
bf68d394f4
PERF: handle debounce in redis cause SQL can be slow
2018-01-15 14:48:28 +11:00
Neil Lalonde
ad58a1743b
rename topic_list.tags to topic_list.top_tags
2018-01-12 16:35:27 -05:00
Neil Lalonde
6d68275ef9
don't show tag groups if they're restricted to categories you can't access
2018-01-12 14:25:42 -05:00
Sam
215c0d5569
FEATURE: allow system api to target users via external id or user id
...
usage ?api_key=XYZ&api_user_external_id=ABC
usage ?api_key=XYZ&api_user_id=123
2018-01-12 17:40:18 +11:00
Vinoth Kannan
988b13ac77
FIX: GitHub auth always asking to verify email for new users ( #5487 )
2018-01-12 15:17:29 +11:00
Sam
49ed382c2a
FIX: return 429 when admin api key is limited on admin route
...
This also handles a general case where exceptions leak out prior to being handled by the application controller
2018-01-12 14:15:26 +11:00
Rafael dos Santos Silva
b9a343afe7
FIX: Allow shared CDN for s3 and assets
2018-01-12 01:08:15 -02:00
Vinoth Kannan
b96ae14261
FEATURE: Display force_https warning in admin problems dashboard
2018-01-11 12:16:10 +05:30
Gerhard Schlager
9f7ae908d8
Add specs to check email domain whitelist/blacklist for To and Cc
2018-01-10 16:57:26 +01:00
Neil Lalonde
8f21c96ea5
FIX: don't downcase watched words on input since it can break the watched_words_regular_expressions setting
2018-01-09 16:51:59 -05:00
Arpit Jalan
672888f526
FIX: handle invalid password reset token
2018-01-09 23:48:17 +05:30
Jan Suchal
bc56d86a63
Support ruby 2.5.0
2018-01-09 16:03:17 +01:00
Arpit Jalan
6c1ebbb95c
add test case for csv BOM handling
2018-01-09 15:49:41 +05:30
Guo Xiang Tan
e90187cbf7
Merge pull request #5469 from tgxworld/add_guard_to_prevent_primary_email_from_being_reassigned
...
FIX: Add guard to prevent a primary `UserEmail` from being reassigned.
2018-01-09 13:35:08 +08:00
Sam
8ff5f5f2ef
FIX: cache admin locale file for 24 hours
2018-01-09 10:23:49 +11:00
Sam
cecd7d0d07
FEATURE: global rate limiter can bypass local IPs
2018-01-08 08:39:17 +11:00
Vinoth Kannan
e5affdf230
FIX: URI must be ascii only for URI.parse command
2018-01-07 02:31:35 +05:30
Joffrey JAFFEUX
642645ba9a
FIX: broken select badge as user title ( #5474 )
...
* FIX: broken select badge as user title
* selected id wasn’t pass to underlying component
* <none> was rendered as an html tag <none></none>
* overriding a badge name wouldn’t work as it was using badge.name and not badge.display_name
* adds a spec to ensure this behavior is correct
2018-01-05 16:58:15 +01:00
Gerhard Schlager
f086d28b30
FIX: Do not validate messages sent to mailing list mirror
2018-01-05 11:21:53 +01:00
Gerhard Schlager
e0d73a957d
FEATURE: Allow posting via email to read-only mailing list mirror category
2018-01-05 11:21:53 +01:00
Gerhard Schlager
d7cd7e4dc7
FIX: Never mark emails sent to mailing list mirror as auto-generated
2018-01-05 11:21:53 +01:00
Arpit Jalan
9030d3ef63
FIX: do not create duplicate topics
...
https://meta.discourse.org/t/duplicate-http-https-topics-are-randomly-created/77190
2018-01-04 23:53:52 +05:30
Guo Xiang Tan
8a3bbcb19a
FIX: Add guard to prevent a primary `UserEmail` from being reassigned.
2018-01-04 19:40:50 +08:00
Gerhard Schlager
ceb7590bcb
FIX: bounced email can contain multiple status codes
2018-01-03 17:59:20 +01:00
Guo Xiang Tan
9644569a28
FIX: Wildcard webhooks could send duplicated events.
2018-01-03 17:00:44 +08:00
Guo Xiang Tan
647cf7545d
Fix randomly failing spec.
2018-01-03 14:42:16 +08:00
Gerhard Schlager
38269c416d
FIX: return regular notification level for categories when not set by user
2017-12-30 20:36:58 +01:00
Guo Xiang Tan
805d1c25d3
Merge pull request #5451 from tgxworld/treat_non_ascii_urls_as_valid
...
Treat non-ascii URLs in `UrlValidator`.
2017-12-27 14:14:20 +08:00
Sam
a9e2fc59c4
FIX: [constructor] bbcode would cause markdown crash
2017-12-27 16:11:30 +11:00
Arpit Jalan
ef4c6c67ba
fix the build
2017-12-23 14:42:40 +05:30
Arpit Jalan
0514ac4ee2
FIX: verify presence of 'sso url' before enabling 'enable sso'
2017-12-23 13:30:49 +05:30
Régis Hanol
d6b22e6cc1
FIX: whitelist oneboxed iframes
2017-12-23 01:56:33 +01:00
Robin Ward
69a90f31fb
FEATURE: Allow Forums to disable the Backups feature
2017-12-21 15:22:04 -05:00
Gerhard Schlager
7b58afe677
FIX: ProcessPost job failed for posts that have no user
2017-12-21 14:45:59 +01:00
Guo Xiang Tan
4b51871f6a
Treat non-ascii URLs in `UrlValidator`.
2017-12-21 14:22:55 +08:00