Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/spec
History
Sam Saffron 7e8f0dc967 FIX: attempt to handle ios edge case where token is seen but unsaved 
This relaxes our security in the following way

- prev auth token is always accepted as long as rotation
date is within our window of SiteSetting.maximum_session_age.hours
(previously old token expired within a minute of new one being seen)

- new auth token is marked unseen if we are presented with an old token
after we already saw new one

This attempts to fix an issue where ios webkit is not committing new cookies
 		2017-02-26 17:09:57 -05:00
..
components FIX: eradicate I18n fallback issues 💣 2017-02-24 11:31:21 +01:00
controllers FIX: eradicate I18n fallback issues 💣 2017-02-24 11:31:21 +01:00
fabricators FIX: Don't allow invalid email to be saved. 2016-12-21 17:47:11 +08:00
fixtures FEATURE: new 'max_image_megapixels' site setting 2017-01-11 23:37:12 +01:00
helpers FEATURE: replace emoji with unicode in title and description meta tags 2017-02-22 16:24:13 -05:00
integration No need for special helper to reset SiteSetting state. 2017-01-28 10:55:49 +08:00
integrity FIX: i18n integrity specs 2017-02-24 11:35:33 +01:00
jobs FIX: wasn't extracting links to quoted posts 2017-02-06 14:45:04 +01:00
mailers FIX: allow existing users to be invited to topic/message when must_approve_users is enabled 2017-02-03 13:01:23 +05:30
models FIX: attempt to handle ios edge case where token is seen but unsaved 2017-02-26 17:09:57 -05:00
phantom_js Dump the page's content as well on failure. 2017-01-17 18:40:46 +08:00
serializers FEATURE: Allow group owners to edit group name and avatar flair. 2016-12-05 14:27:46 +08:00
services less stubbing for better clarity and robustness 2017-02-13 14:34:15 -05:00
support No need for special helper to reset SiteSetting state. 2017-01-28 10:55:49 +08:00
tasks Suppress console output when running RSpec 2017-01-28 11:04:47 +05:30
views/omniauth_callbacks FIX: Weird spec 2016-06-10 11:32:32 -04:00
discourse_tagging_spec.rb FIX: prevent creation of tags with invalid characters 2016-10-12 15:44:36 -04:00
rails_helper.rb FIX: token rotation not accounting for overlapping tokens correctly 2017-02-15 10:58:18 -05:00