Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/app
History
Loïc Guitaut e871865a61 FIX: Sanitize parameters provided to user actions 
Currently, providing things like `filter[%24acunetix]=1` to
`UserActionsController#index` will throw an exception because instead of
getting a string as expected, we get a hash instead.

This patch simply uses `#permit` from strong parameters properly: first
we apply it on the whole parameters, this way it filters the keys we’re
interested in. By doing this, if the value is a hash for example, the
whole key/value pair will be ignored completely.
 		2022-02-23 15:46:40 +01:00
..
assets DEV: Don't check `this.element` in `@afterRender` (#16033) 2022-02-23 11:35:20 +01:00
controllers FIX: Sanitize parameters provided to user actions 2022-02-23 15:46:40 +01:00
helpers FIX: Update application_helper logic now that Ember CLI is default (#15935) 2022-02-14 13:48:18 +00:00
jobs DEV: pull email address validation out to a new EmailAddressValidator 2022-02-17 21:49:22 -05:00
mailers FEATURE: Allow sending group SMTP emails with from alias (#15687) 2022-02-07 13:52:01 +10:00
models PERF: perform all cached counting in background (#15991) 2022-02-22 16:45:25 +00:00
serializers FEATURE: mute subcategory when parent category is muted (#15966) 2022-02-17 00:42:02 +01:00
services DEV: Add chat_quoted notification type (#15968) 2022-02-16 15:22:08 +10:00
views PERF: Update ember-auto-import and webpack (#15919) 2022-02-14 11:21:39 +00:00