discourse/app/controllers
Roman Rizzi 10565e4623
SECURITY: Safely decompress files. (#8124)
* FEATURE: Adds an extra protection layer when decompressing files.

* Rename exporter/importer to zip importer. Update old locale

* Added a new composite class to decompress a file with multiple strategies

* Set max file size inside a site setting

* Ensure that file is deleted after compression

* Sanitize path and files before compressing/decompressing
2019-10-03 10:19:35 -03:00
admin SECURITY: Safely decompress files. (#8124) 2019-10-03 10:19:35 -03:00
users DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
about_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
application_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
badges_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
categories_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
category_hashtags_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
clicks_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
composer_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
composer_messages_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
csp_reports_controller.rb allow CSP reports to be sent when header isn't set by Discourse (#6594) 2018-11-14 16:23:29 -05:00
directory_items_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
draft_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
drafts_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
email_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
embed_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
exceptions_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
export_csv_controller.rb FEATURE: Watched words improvements (#7899) 2019-07-22 14:59:56 +03:00
extra_locales_controller.rb FIX: ensure extra locales are only available to staff 2019-08-20 12:38:46 +02:00
finish_installation_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
forums_controller.rb DEV: rename ReadOnly module to ReadOnlyHeader 2019-05-06 16:07:49 +02:00
groups_controller.rb FEATURE: Publish read state on group messages. (Originally introduced in #7989) (#8025) 2019-08-27 09:09:00 -03:00
highlight_js_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
inline_onebox_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
invites_controller.rb DEV: properly require csv dependency 2019-10-02 15:07:37 +10:00
list_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
metadata_controller.rb FIX: PWA install was broken due to missing basic logo 2019-09-22 00:20:25 -04:00
notifications_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
offline_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
onebox_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
permalinks_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_action_users_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_actions_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_readers_controller.rb Fix: Don't show non-members as readers when the post is a whisper 2019-09-13 17:14:31 -03:00
posts_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
push_notification_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
qunit_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
reviewable_claimed_topics_controller.rb Make rubocop happy. 2019-05-13 09:55:44 +08:00
reviewables_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
robots_txt_controller.rb FEATURE: Allow customization of robots.txt (#7884) 2019-07-15 20:47:44 +03:00
safe_mode_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
search_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
session_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
similar_topics_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
site_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
static_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
steps_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
stylesheets_controller.rb FIX: race condition during deploys creating stylesheets 2019-08-29 17:27:07 +10:00
svg_sprite_controller.rb FEATURE: support custom icons in themes (#7155) 2019-03-15 17:16:15 +11:00
tag_groups_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
tags_controller.rb DEV: minor fixes related to zeitwerk 2019-10-02 14:28:18 +10:00
theme_javascripts_controller.rb PERF: include content-length header for CDN 2019-02-22 11:21:07 +11:00
themes_controller.rb Fix string literal when switching theme in dev env 2019-05-13 10:25:51 -04:00
topics_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
uploads_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
user_actions_controller.rb FEATURE: Quick access panels in user menu (#8073) 2019-09-09 11:03:57 -04:00
user_api_keys_controller.rb bug: keep query params present in auth_redirect (#7923) 2019-07-23 12:16:03 -04:00
user_avatars_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
user_badges_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
users_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
users_email_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
webhooks_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
wizard_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00