discourse/app/controllers
Sam 9361d9a587
FIX: stop logging blank and invalid CSP reports (#17144)
Certain rogue bots such as Yandex may send across invalid CSP reports
when CSP report collection is enabled.

This ensures that invalid reports will not cause log floods and simply
returns a 422 error.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-06-20 16:57:46 +10:00
..
admin UX: Change wording for 'regular' categories to 'normal' (#17134) 2022-06-20 06:49:33 +03:00
users DEV: New readonly mode. Only applies to non-staff (#16243) 2022-05-17 13:06:08 -05:00
about_controller.rb Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse"" 2020-05-23 00:56:13 -04:00
application_controller.rb SECURITY: banner-info (#17071) 2022-06-13 11:10:21 -06:00
associated_groups_controller.rb FEATURE: Experimental support for group membership via google auth (#14835) 2021-12-09 12:30:27 +00:00
badges_controller.rb UX: Add image uploader widget for uploading badge images (#12377) 2021-03-17 08:55:23 +03:00
bookmarks_controller.rb DEV: Add save_user_preferences option to BookmarkManager (#16894) 2022-05-24 11:13:21 +10:00
bootstrap_controller.rb DEV: Make wizard an ember addon (#17027) 2022-06-17 14:50:21 +02:00
categories_controller.rb FIX: Do not show visibility topic if visible (#16478) 2022-04-18 11:16:30 +03:00
clicks_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
composer_messages_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
csp_reports_controller.rb FIX: stop logging blank and invalid CSP reports (#17144) 2022-06-20 16:57:46 +10:00
directory_columns_controller.rb DEV: Plugin API to add directory columns (#13440) 2021-06-22 13:00:04 -05:00
directory_items_controller.rb FIX: unable to filter user directory when sorted by user field. (#15951) 2022-02-16 07:57:35 +05:30
do_not_disturb_controller.rb DEV: Replace 'processed' column on notifications with new table (#11864) 2021-01-27 10:29:24 -06:00
drafts_controller.rb DEV: do not return no_result_help from the server (#15220) 2021-12-08 21:46:54 +04:00
edit_directory_columns_controller.rb FIX: Always serialize the correct attributes for DirectoryItems (#13510) 2021-06-23 14:55:17 -05:00
email_controller.rb FIX: set mailing_list_mode to false when unsubscribing from all (#10354) 2020-08-03 16:59:54 +10:00
embed_controller.rb FEATURE: Block indexing the embed topic list (#16495) 2022-04-19 18:24:38 -03:00
exceptions_controller.rb FEATURE: Add site setting to show more detailed 404 errors. (#8014) 2019-10-08 14:15:08 +03:00
export_csv_controller.rb DEV: Switch to new ExportUserArchive job 2020-08-28 11:46:53 -07:00
extra_locales_controller.rb Replace `base_uri` with `base_path` (#10879) 2020-10-09 12:51:24 +01:00
finish_installation_controller.rb DEV: Hash tokens stored from email_tokens (#14493) 2021-11-25 09:34:39 +02:00
forums_controller.rb DEV: New readonly mode. Only applies to non-staff (#16243) 2022-05-17 13:06:08 -05:00
groups_controller.rb FIX: Add `errors` field if group update confirmation (#16260) 2022-03-24 14:50:44 +02:00
hashtags_controller.rb DEV: Merge category and tag hashtags code paths (#10216) 2020-07-13 19:13:17 +03:00
highlight_js_controller.rb DEV: apply allow origin response header for CDN requests. (#11893) 2021-01-29 07:44:49 +05:30
inline_onebox_controller.rb FIX: Make inline oneboxes work with secured topics in secured contexts (#8895) 2020-02-12 12:11:28 +02:00
invites_controller.rb FIX: Apply 'hide email account' for invites 2022-05-17 09:56:06 +02:00
list_controller.rb FIX: Users with unicode usernames unable to load more topics in activity (#16627) 2022-05-05 09:48:22 +08:00
metadata_controller.rb FIX: Remove svg icons from webmanifest shortcuts (#15765) 2022-02-01 15:26:58 -03:00
notifications_controller.rb REFACTOR: Improve support for consolidating notifications. (#14904) 2021-11-30 13:36:14 -03:00
offline_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
onebox_controller.rb DEV: Add more debugging context to onebox generation 2020-10-22 12:50:22 +08:00
permalinks_controller.rb FIX: Check for permalinks before showing the 404 page 2020-03-23 16:31:07 -07:00
post_action_users_controller.rb FEATURE: Allow category group moderators to delete topics (#11069) 2020-11-05 12:18:26 -05:00
post_actions_controller.rb FEATURE: Admins can flag posts so they can review them later. (#12311) 2021-03-11 08:21:24 -03:00
post_readers_controller.rb DEV: '= true' is not necessary 2019-12-03 11:32:45 -03:00
posts_controller.rb FEATURE: Promote polymorphic bookmarks to default and migrate (#16729) 2022-05-23 10:07:15 +10:00
presence_controller.rb FIX: Ensure presence endpoints don't break the session (#17108) 2022-06-16 14:38:43 +01:00
published_pages_controller.rb FIX: Do not enable published page if secure media enabled (#11131) 2020-11-06 10:33:19 +10:00
push_notification_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
qunit_controller.rb DEV: Allow Ember CLI assets to be used by development Rails app (#16511) 2022-04-21 16:26:34 +01:00
reviewable_claimed_topics_controller.rb FEATURE: Allow group moderators to close/archive topics 2020-07-14 12:36:19 -04:00
reviewables_controller.rb FEATURE: Show stale reviewable to other clients (#13114) 2021-05-26 09:47:35 +10:00
robots_txt_controller.rb FEATURE: Replace `Crawl-delay` directive with proper rate limiting (#15131) 2021-11-30 12:55:25 +03:00
safe_mode_controller.rb FEATURE: Always disable customizations on the `/safe-mode` route (#9052) 2020-02-28 10:53:11 +00:00
search_controller.rb FIX: Limits for PM and group header search (#16887) 2022-05-24 11:31:24 -04:00
session_controller.rb SECURITY: Remove auto approval when redeeming an invite (#16974) 2022-06-02 16:10:48 +02:00
similar_topics_controller.rb PERF: Avoid parsing `Post#cooked` with Nokogiri for every search. 2020-07-24 10:43:09 +08:00
site_controller.rb DEV: Include `login_required` attribute in basic info endpoint (#14064) 2021-08-17 14:05:51 -04:00
sitemap_controller.rb FEATURE: Let sites add a sitemap.xml file. (#16357) 2022-04-12 10:33:59 -03:00
static_controller.rb DEV: Ensure service-worker sourcemap logic works with brotli/gzip (#16718) 2022-05-11 13:42:34 +01:00
steps_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
stylesheets_controller.rb DEV: Fix stylesheet manager flaky spec (#13846) 2021-07-26 14:22:54 +10:00
svg_sprite_controller.rb DEV: Upgrade to Rails 7 2022-04-28 11:51:03 +02:00
tag_groups_controller.rb FIX: Allow finding non-lowercase tag groups (#12787) 2021-04-21 19:15:53 +02:00
tags_controller.rb FIX: Remove tags from experimental sidebar on notification level changed (#17083) 2022-06-14 15:39:56 +08:00
theme_javascripts_controller.rb FEATURE: Allow theme tests to be run in production (take 2) (#12845) 2021-04-28 23:12:08 +03:00
topics_controller.rb FEATURE: Promote polymorphic bookmarks to default and migrate (#16729) 2022-05-23 10:07:15 +10:00
uploads_controller.rb FEATURE: Make S3 presigned GET URL expiry configurable (#16912) 2022-05-26 09:53:01 +10:00
user_actions_controller.rb FIX: Sanitize parameters provided to user actions 2022-02-23 15:46:40 +01:00
user_api_keys_controller.rb DEV: Upgrade to Rails 7 2022-04-28 11:51:03 +02:00
user_avatars_controller.rb DEV: allow plugins to override max file size for avatar downloads (#16970) 2022-06-01 17:12:06 -07:00
user_badges_controller.rb FIX: simplify and improve choosing favorite badges (#13743) 2021-07-16 11:13:00 +08:00
user_status_controller.rb FEATURE: user status (#16875) 2022-05-27 13:15:14 +04:00
users_controller.rb FEATURE: user status (#16875) 2022-05-27 13:15:14 +04:00
users_email_controller.rb DEV: Hash tokens stored from email_tokens (#14493) 2021-11-25 09:34:39 +02:00
webhooks_controller.rb FIX: Skip CSRF token check on webhook routes (#16982) 2022-06-13 15:36:45 +01:00
wizard_controller.rb DEV: Make wizard an ember addon (#17027) 2022-06-17 14:50:21 +02:00