discourse/app/controllers
Sam Saffron 40ac895ef7 SECURITY: properly validate return URL for SSO
Previously carefully crafted URLs could redirect off site
2019-03-25 09:02:42 +11:00
..
admin FIX: Prevent critical emails bypassing disable, and improve email test logic 2019-03-22 17:28:43 +08:00
users FIX: don't redirect incorrectly after full screen login (#7170) 2019-03-19 12:39:13 +00:00
about_controller.rb FIX: static page title should be consistent on client side and server side 2018-11-27 22:03:52 +05:30
application_controller.rb FIX: Respect permalinks starting with "/category" (#7171) 2019-03-18 10:24:46 -04:00
badges_controller.rb PERF: N+1 queries on badges page. 2018-03-19 14:36:09 +08:00
categories_controller.rb FIX: Respect permalinks starting with "/category" (#7171) 2019-03-18 10:24:46 -04:00
category_hashtags_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
clicks_controller.rb Make rubocop happy again. 2018-06-07 13:28:18 +08:00
composer_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
composer_messages_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
csp_reports_controller.rb allow CSP reports to be sent when header isn't set by Discourse (#6594) 2018-11-14 16:23:29 -05:00
directory_items_controller.rb FEATURE: show avatar flair on group, badges and directory pages (#6732) 2018-12-06 12:18:52 +01:00
draft_controller.rb FIX: only check for conflict on edit drafts 2018-11-15 13:14:07 +11:00
drafts_controller.rb raise error early in drafts controller 2018-09-13 08:40:57 -04:00
email_controller.rb FEATURE: add more granular user option levels for email notifications (#7143) 2019-03-15 10:55:11 -04:00
embed_controller.rb FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
exceptions_controller.rb UX: Replace Google search with Discourse search on not found page 2018-08-15 11:53:04 +10:00
export_csv_controller.rb FEATURE: Log entity export in staff logs 2018-09-19 03:16:45 +05:30
extra_locales_controller.rb FEATURE: Enforce two-factor authentication. (#6348) 2019-03-15 13:09:37 +02:00
finish_installation_controller.rb FEATURE: Make initial admins TL1 2018-08-22 15:45:24 +10:00
forums_controller.rb FIX: `ForumsController` doesn't need to inherit from `ApplicationController`. 2019-01-21 14:37:04 +08:00
groups_controller.rb FIX: user_id handling on remove user from group 2019-01-24 17:40:48 -07:00
highlight_js_controller.rb Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
inline_onebox_controller.rb Use hijack in inline onebox controller 2018-11-13 02:39:20 +05:30
invites_controller.rb FEATURE: remove all expired invitations by default 2019-03-07 15:28:39 +05:30
list_controller.rb FIX: remove slow platform detection from server side 2018-12-13 13:57:05 +11:00
metadata_controller.rb FEATURE: Allow users to fetch a customized manifest on PWA install 2019-03-15 17:10:05 -03:00
notifications_controller.rb Make rubocop happy again. 2018-06-07 13:28:18 +08:00
offline_controller.rb FIX: offline controller regression 2017-10-31 15:44:50 +11:00
onebox_controller.rb FIX: include title in local onebox when linking to a different topic 2018-02-19 22:40:14 +01:00
permalinks_controller.rb FIX: if we have not target available do not redirect 2018-08-20 13:10:59 +10:00
post_action_users_controller.rb UX: cap likes 2 (#5237) 2017-11-15 11:28:54 +11:00
post_actions_controller.rb FIX: Properly display error when post action fails to create. 2018-06-20 21:20:23 +08:00
posts_controller.rb FEATURE: defer flags when deleting child replies (#7111) 2019-03-06 14:32:25 +05:30
push_notification_controller.rb Feature: Push notifications for Android (#5792) 2018-05-04 15:31:48 -07:00
queued_posts_controller.rb Update Rubocop to 0.60 2018-12-04 10:48:16 +01:00
qunit_controller.rb DEV: Don't require login for QUit test path. 2018-11-23 13:50:19 +08:00
robots_txt_controller.rb FIX: simplify so we ban all auth paths 2018-08-16 19:16:47 +10:00
safe_mode_controller.rb Allow staff members to enable safe mode, even if disabled 2018-04-25 11:49:57 -04:00
search_controller.rb FIX: do not show PM topics when moving posts to an existing public topic (#6876) 2019-01-14 15:00:45 +05:30
session_controller.rb SECURITY: properly validate return URL for SSO 2019-03-25 09:02:42 +11:00
similar_topics_controller.rb display 'similar to' earlier when composing a post 2017-09-16 01:03:29 +02:00
site_controller.rb Update Rubocop to 0.60 2018-12-04 10:48:16 +01:00
static_controller.rb Fix favicon not updating on the client side when changed. 2019-03-14 15:37:43 +08:00
steps_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
stylesheets_controller.rb FEATURE: backend support for user-selectable components 2018-08-08 14:46:34 +10:00
svg_sprite_controller.rb FEATURE: support custom icons in themes (#7155) 2019-03-15 17:16:15 +11:00
tag_groups_controller.rb FIX: tag groups page should only be visible to staff 2018-09-17 11:41:18 -04:00
tags_controller.rb FIX: Disable 'Create Topic' button if tag is staff-only. (#6984) 2019-03-12 19:23:36 +11:00
theme_javascripts_controller.rb PERF: include content-length header for CDN 2019-02-22 11:21:07 +11:00
themes_controller.rb fix theme previewing (#6245) 2018-08-08 10:58:45 +03:00
topics_controller.rb FIX: ensures tag-groups are used to allow category edit on topics (#7141) 2019-03-11 15:02:27 +01:00
uploads_controller.rb UX: Lightbox support for image uploader. (#7034) 2019-02-21 10:13:37 +08:00
user_actions_controller.rb FEATURE: Consolidate likes notifications. (#6879) 2019-01-16 10:40:16 +08:00
user_api_keys_controller.rb FEATURE: Allow wildcard in allowed_user_api_auth_redirects setting (#6779) 2019-02-26 17:03:20 +01:00
user_avatars_controller.rb REFACTOR: Proxy letter avatars in rails instead of nginx 2019-02-18 08:46:56 +11:00
user_badges_controller.rb FIX: use discourse route_for function to check url route 2019-01-11 14:58:45 +08:00
users_controller.rb [FEATURE] Disallow ignoring self, admins or moderators users (#7202) 2019-03-20 11:18:46 +01:00
users_email_controller.rb FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
webhooks_controller.rb FEATURE: AWS SNS bounce notifications webhooks 2019-02-13 21:26:40 +01:00
wizard_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00