discourse/spec/requests
Roman Rizzi 10565e4623
SECURITY: Safely decompress files. (#8124)
* FEATURE: Adds an extra protection layer when decompressing files.

* Rename exporter/importer to zip importer. Update old locale

* Added a new composite class to decompress a file with multiple strategies

* Set max file size inside a site setting

* Ensure that file is deleted after compression

* Sanitize path and files before compressing/decompressing
2019-10-03 10:19:35 -03:00
..
admin SECURITY: Safely decompress files. (#8124) 2019-10-03 10:19:35 -03:00
about_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
application_controller_spec.rb FIX: apply defaults constraints to routes format (take 2) (#7920) 2019-07-23 20:17:44 +03:00
associate_accounts_spec.rb SECURITY: Require POST with CSRF token for OmniAuth request phase 2019-08-08 11:58:00 +01:00
badges_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
categories_controller_spec.rb SECURITY: don't reveal category details to users that do not have access 2019-08-19 12:38:28 +05:30
category_hashtags_controller_spec.rb DEV: avoid double sign-in which can lead to flaky tests 2019-06-03 10:15:49 +10:00
clicks_controller_spec.rb DEV: Fix failling test. 2019-05-07 11:19:13 +03:00
composer_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
composer_messages_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
csp_reports_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
directory_items_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
draft_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
drafts_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
email_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
embed_controller_spec.rb FEATURE: Allow embedding to ignore HTTP REFERER 2019-09-10 12:27:07 -04:00
exceptions_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
export_csv_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
extra_locales_controller_spec.rb FIX: ensure extra locales are only available to staff 2019-08-20 12:38:46 +02:00
finish_installation_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
forums_controller_spec.rb FIX: Don't use DistributedCache to store redis readonly state 2019-06-25 11:20:34 +08:00
groups_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
inline_onebox_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
invites_controller_spec.rb UX: update invite 'not found' message 2019-07-19 16:39:44 +05:30
list_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
metadata_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
notifications_controller_spec.rb DEV: Prefer `public_send` over `send`. 2019-05-07 09:33:21 +08:00
offline_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
omniauth_callbacks_controller_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
onebox_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
permalinks_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
post_action_users_controller_spec.rb More prefabrication 2019-05-10 08:34:04 -04:00
post_actions_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
post_readers_controller_spec.rb Add spec description 2019-09-13 17:16:35 -03:00
posts_controller_spec.rb FIX: first post true if user creates topic first (#8139) 2019-10-02 15:51:40 -04:00
push_notification_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
reviewable_claimed_topics_controller_spec.rb More prefabrication 2019-05-10 08:34:04 -04:00
reviewables_controller_spec.rb FEATURE: Adds a pop up that shows a more detailed score for reviewables (#8035) 2019-09-04 09:56:25 -06:00
robots_txt_controller_spec.rb Revert "FEATURE: add Noindex to robots.txt for disallowed routes" 2019-07-30 11:33:38 +10:00
safe_mode_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
search_controller_spec.rb FEATURE: when under extreme load disable search 2019-07-02 11:22:01 +10:00
session_controller_spec.rb FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099) 2019-10-01 19:08:41 -07:00
similar_topics_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
site_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
static_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
steps_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
stylesheets_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
svg_sprite_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
tag_groups_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
tags_controller_spec.rb FIX: Topics with muted tag didn't show up when filtering by category and tag 2019-09-06 20:38:03 +02:00
theme_javascripts_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
topics_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
uploads_controller_spec.rb FIX: Correctly encode non-ASCII filenames in HTTP header 2019-08-07 19:10:50 +02:00
user_actions_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
user_api_keys_controller_spec.rb bug: keep query params present in auth_redirect (#7923) 2019-07-23 12:16:03 -04:00
user_avatars_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
user_badges_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
users_controller_spec.rb FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099) 2019-10-01 19:08:41 -07:00
users_email_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
webhooks_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
wizard_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00