discourse/spec
Roman Rizzi d78357917c SECURITY: Onebox templates' HTML injections.
The use of triple-curlies on Mustache templates opens the possibility for HTML injections.
2023-11-09 13:39:11 +11:00
..
fabricators DEV: Move shared_drafts_min_trust_level to group setting (#24257) 2023-11-07 14:03:25 +10:00
fixtures SECURITY: Onebox templates' HTML injections. 2023-11-09 13:39:11 +11:00
helpers DEV: Remove legacy `/brotli_asset` workaround (#24243) 2023-11-06 15:57:00 +00:00
import_export DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
initializers DEV: Fix test (#22018) 2023-06-08 16:12:13 -05:00
integration DEV: Prevent videos from preloading metadata (#23807) 2023-10-12 13:47:48 -06:00
integrity DEV: Remove enable_experimental_hashtag_autocomplete logic (#22820) 2023-08-08 11:18:55 +10:00
jobs SECURITY: escape display names 2023-11-09 13:39:06 +11:00
lib SECURITY: Onebox templates' HTML injections. 2023-11-09 13:39:11 +11:00
mailers FIX: Order tags shown in email subject by topics count and name (#22586) 2023-07-13 15:39:58 +08:00
migrations DEV: Switch over category settings to new table - Part 3 (#20657) 2023-09-12 09:51:49 +08:00
models SECURITY: SSRF vulnerability in TopicEmbed 2023-11-09 13:39:08 +11:00
multisite DEV: Add S3 upload system specs using minio (#22975) 2023-08-23 11:18:33 +10:00
requests DEV: Standardize session confirmation prompt (#24212) 2023-11-07 11:26:10 -05:00
script/import_scripts DEV: Fix flaky core backend spec (#22650) 2023-07-18 07:01:19 +08:00
serializers DEV: Add UI for passkeys (3/3) (#23853) 2023-10-13 12:24:06 -04:00
services DEV: Email notification filter plugin API (#24271) 2023-11-08 10:29:00 -06:00
support FEATURE: Theme settings migrations (#24071) 2023-11-02 08:10:15 +03:00
system FEATURE: Add theme-components route for admin (#24264) 2023-11-08 13:42:27 +10:00
tasks DEV: Remove the transpilation message (#23998) 2023-10-19 01:00:15 +02:00
views DEV: Fix random typos (#22078) 2023-06-13 22:02:21 +02:00
rails_helper.rb DEV: Allow Capybara's server port to be configurable (#23606) 2023-09-15 11:46:03 +08:00
regenerate_swagger_docs DEV: Add API docs for uploads and API doc watcher (#15387) 2021-12-23 08:40:15 +10:00
swagger_helper.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00