Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/app/controllers
History
Sam Saffron 5bfb6830c9
SECURITY: missing security check prior to redirect 
In some rare cases, if a user knows the exact title of a topic
they could possibly determine that it really exists in the system
 		2020-05-27 10:58:22 +10:00
..
admin FIX: Don't responde with error 500 if domain is invalid when adding automatic membership domain (#9655) 2020-05-26 15:40:09 +10:00
users FIX: correctly remove authentication_data cookie on oauth login flow 2020-03-21 14:34:25 -07:00
about_controller.rb Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse"" 2020-05-23 00:56:13 -04:00
application_controller.rb FIX: `rescue_from` doesn't bubble up. 2020-05-26 22:43:29 +08:00
badges_controller.rb FEATURE: add noindex header to badges, groups, and /my pages (#9736) 2020-05-11 15:05:42 +10:00
bookmarks_controller.rb FEATURE: Optionally delete bookmark when reminder sent (#9637) 2020-05-07 13:37:39 +10:00
categories_controller.rb FIX: Pass current_user to TopicQuery in for categories_and_top_topics (#9885) 2020-05-27 10:05:06 +10:00
category_hashtags_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
clicks_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
composer_messages_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
csp_reports_controller.rb DEV: Only include "report-sample" CSP directive when reporting is enabled (#9337) 2020-04-02 11:16:38 -04:00
directory_items_controller.rb FIX: move total rows count & load more URL inside meta. 2020-04-03 07:32:50 +05:30
draft_controller.rb FIX: Raise a 4xx error instead of a 5xx if draft data is invalid 2020-04-25 11:47:22 +03:00
drafts_controller.rb SECURITY: Respect topic permissions when loading draft metadata 2020-03-23 11:30:40 +00:00
email_controller.rb DEV: Implement a faster Discourse.cache 2019-11-27 16:11:49 +11:00
embed_controller.rb FEATURE: Create New Topic button on embed with params (#8280) 2019-11-01 14:19:10 -05:00
exceptions_controller.rb FEATURE: Add site setting to show more detailed 404 errors. (#8014) 2019-10-08 14:15:08 +03:00
export_csv_controller.rb fix the build. 2019-12-24 15:56:44 +05:30
extra_locales_controller.rb FIX: Better error handling for invalid locale bundle versions 2019-11-11 22:30:32 +01:00
finish_installation_controller.rb DEV: update rubocop to version 0.77 2019-12-10 11:48:39 +11:00
forums_controller.rb DEV: shutdown_ok parameter to /srv/status 2020-03-09 14:06:13 -07:00
groups_controller.rb FEATURE: Send a private message when a group membership is accepted (#9822) 2020-05-26 16:28:03 +03:00
highlight_js_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
inline_onebox_controller.rb FIX: Make inline oneboxes work with secured topics in secured contexts (#8895) 2020-02-12 12:11:28 +02:00
invites_controller.rb FEATURE: Add timezone to core user_options (#8380) 2019-11-25 10:49:27 +10:00
list_controller.rb Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse"" 2020-05-23 00:56:13 -04:00
metadata_controller.rb FIX: WebAPK minting was broken due to shortcut icons 2020-05-14 21:56:35 -03:00
notifications_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
offline_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
onebox_controller.rb FIX: Cache failed onebox URL request server-side (#8421) 2019-11-28 07:48:29 +10:00
permalinks_controller.rb FIX: Check for permalinks before showing the 404 page 2020-03-23 16:31:07 -07:00
post_action_users_controller.rb FIX: Do not raise an error if the post action type is nil (#9458) 2020-04-17 14:23:33 -03:00
post_actions_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_readers_controller.rb DEV: '= true' is not necessary 2019-12-03 11:32:45 -03:00
posts_controller.rb FIX: when creating new PM username/groupname should be case-insensitive 2020-05-25 21:34:05 +05:30
published_pages_controller.rb FEATURE: allows to to style published page with themes/plugins (#9570) 2020-04-28 18:24:24 +02:00
push_notification_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
qunit_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
reviewable_claimed_topics_controller.rb FIX: Make reviewable claiming work with deleted topics (#9040) 2020-02-25 15:49:23 +02:00
reviewables_controller.rb FIX: Only show the review page to users that can see it. Do not publish the reviewable count update message to everyone. (#9556) 2020-04-27 14:51:25 -03:00
robots_txt_controller.rb FEATURE: Allow customization of robots.txt (#7884) 2019-07-15 20:47:44 +03:00
safe_mode_controller.rb FEATURE: Always disable customizations on the `/safe-mode` route (#9052) 2020-02-28 10:53:11 +00:00
search_controller.rb FEATURE: unconditionally skip indexing on search controller 2020-02-28 09:21:31 +11:00
session_controller.rb FEATURE: tighten rate limiting rules for forgot password 2020-05-08 13:30:51 +10:00
similar_topics_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
site_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
static_controller.rb FEATURE: add short site description on login page title 2019-10-14 11:40:09 +05:30
steps_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
stylesheets_controller.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
svg_sprite_controller.rb DEV: Allow 3-digit HEX color code in single icon route 2020-05-14 16:37:45 -04:00
tag_groups_controller.rb DEV: Tag group improvements (#8252) 2019-10-30 16:57:13 +01:00
tags_controller.rb FEATURE: add noindex header to tags pages (#9748) 2020-05-12 10:44:46 -04:00
theme_javascripts_controller.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
topics_controller.rb SECURITY: missing security check prior to redirect 2020-05-27 10:58:22 +10:00
uploads_controller.rb UX: Allow secure media URLs to be cached for a short period of time 2020-05-18 15:00:41 +01:00
user_actions_controller.rb FEATURE: Quick access panels in user menu (#8073) 2019-09-09 11:03:57 -04:00
user_api_keys_controller.rb FEATURE: Hash user API keys in the database (#9344) 2020-04-07 16:42:52 +03:00
user_avatars_controller.rb FIX: Return blank avatar when downloading an avatar is not possible due to file size 2019-10-22 12:05:36 -03:00
user_badges_controller.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
users_controller.rb FEATURE: add noindex header to badges, groups, and /my pages (#9736) 2020-05-11 15:05:42 +10:00
users_email_controller.rb FIX: When admin changes another user's email auto-confirm the change (#9001) 2020-02-20 09:52:21 +10:00
webhooks_controller.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
wizard_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00