Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/spec
History
Sam Saffron 57a3d4e0d2
FEATURE: whitelist theme repo mode (experimental) 
In some restricted setups all JS payloads need tight control.

This setting bans admins from making changes to JS on the site and
requires all themes be whitelisted to be used.

There are edge cases we still need to work through in this mode
hence this is still not supported in production and experimental.

Use an example like this to enable:

`DISCOURSE_WHITELISTED_THEME_REPOS="https://repo.com/repo.git,https://repo.com/repo2.git"`

By default this feature is not enabled and no changes are made.

One exception is that default theme id was missing a security check
this was added for correctness.
 		2020-06-03 13:19:57 +10:00
..
components FEATURE: whitelist theme repo mode (experimental) 2020-06-03 13:19:57 +10:00
fabricators Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse"" 2020-05-23 00:56:13 -04:00
fixtures FIX: Allow post migrations using `#change` to carry out unsafe migration 2020-05-15 14:23:27 +08:00
helpers DEV: Fix some more flaky tests (#9384) 2020-04-08 12:46:43 +02:00
import_export FEATURE: Rake task to export groups (#9450) 2020-04-17 14:59:54 -07:00
initializers FIX: We need to skip users with associated reviewables when auto-approving (#9080) 2020-03-02 14:33:52 -05:00
integration FIX: If creating a flag for a watched word, include the reason 2020-06-02 11:49:02 -04:00
integrity DEV: Skip interpolation key specs until build scripts can be fixed 2020-06-02 19:51:47 +02:00
jobs FIX: Support exporting reports which reference topics (#9957) 2020-06-01 18:23:58 +01:00
lib new S3 backup layout (#9830) 2020-05-29 00:28:23 +05:30
mailers DEV: Add rubocop-rspec (#9288) 2020-03-27 17:35:40 +01:00
models FIX: `EmailValidator` needs to validate format of email. 2020-06-03 10:34:37 +08:00
multisite FIX: returns false if the upload url is an invalid mailto link (#9877) 2020-05-26 10:32:48 -03:00
requests FEATURE: whitelist theme repo mode (experimental) 2020-06-03 13:19:57 +10:00
script/import_scripts FIX: Change base importer to create new Bookmark records (#9603) 2020-05-01 11:34:55 +10:00
serializers Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse"" 2020-05-23 00:56:13 -04:00
services Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse"" 2020-05-23 00:56:13 -04:00
support DEV: Use `response.parsed_body` in specs (#9615) 2020-05-07 17:04:12 +02:00
tasks DEV: Clean up some Redis leaks in test env. 2020-05-18 17:27:37 +08:00
views/omniauth_callbacks FEATURE: Use full page redirection for all external auth methods (#8092) 2019-10-08 12:10:43 +01:00
rails_helper.rb Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse"" 2020-05-23 00:56:13 -04:00
swagger_helper.rb DEV: Add rswag to aid in api documention (#9546) 2020-04-27 16:40:07 -06:00