discourse

History

David Taylor 1fa7a87f86 SECURITY: Remove ember-cli specific response from application routes (#15155 ) Under some conditions, these varied responses could lead to cache poisoning, hence the 'security' label. Previously the Rails application would serve JSON data in place of HTML whenever Ember CLI requested an `application.html.erb`-rendered page. This commit removes that logic, and instead parses the HTML out of the standard response. This means that Rails doesn't need to customize its response for Ember CLI.		2021-12-01 16:10:40 +00:00
..
assets	SECURITY: Remove ember-cli specific response from application routes (#15155 )	2021-12-01 16:10:40 +00:00
controllers	SECURITY: Remove ember-cli specific response from application routes (#15155 )	2021-12-01 16:10:40 +00:00
helpers	SECURITY: Remove ember-cli specific response from application routes (#15155 )	2021-12-01 16:10:40 +00:00
jobs	FIX: Delete unconfirmed AND expired email tokens only (#15089 )	2021-11-25 10:34:30 +02:00
mailers	DEV: Hash tokens stored from email_tokens (#14493 )	2021-11-25 09:34:39 +02:00
models	SECURITY: Only show tags to users with permission (#15148 )	2021-12-01 10:26:56 +08:00
serializers	FEATURE: ability to add description to tags (#15125 )	2021-12-01 09:18:56 +11:00
services	SECURITY: Only show tags to users with permission (#15148 )	2021-12-01 10:26:56 +08:00
views	SECURITY: Remove ember-cli specific response from application routes (#15155 )	2021-12-01 16:10:40 +00:00