discourse/integration at fc1c76cfccef50ae7bb84ea0d5b7bbdf92f7ee33 - discourse - iSharkFly SRC

Discource-C/discourse

mirror of https://github.com/discourse/discourse.git synced 2025-02-08 04:18:23 +00:00

History

David Taylor f45853676f

SECURITY: Ensure _forum_session cookies cannot be reused between sites (#14950 )

This only affects multisite Discourse instances (where multiple forums are served from a single application server). The vast majority of self-hosted Discourse forums do not fall into this category.

On affected instances, this vulnerability could allow encrypted session cookies to be re-used between sites served by the same application instance.

2021-11-15 15:50:12 +00:00

..

api_keys_spec.rb

DEV: Introduce plugin API to contribute user api key scopes

2020-10-19 10:40:55 +01:00

auto_reject_reviewable_users_spec.rb

FIX: do not send rejection emails to auto-deleted reviewable users (#12160 )

2021-02-22 18:37:47 +05:30

category_tag_spec.rb

FEATURE: Tag synonyms

2019-12-04 13:33:51 -05:00

content_security_policy_spec.rb

FIX: Allow CSP to work correctly for non-default hostnames/schemes (#9180 )

2020-03-19 19:54:42 +00:00

email_style_spec.rb

FIX: Pluralized translation overrides didn't work for en_US

2020-08-29 00:11:46 +02:00

flags_spec.rb

DEV: use #frozen_string_literal: true on all spec

2019-04-30 10:27:42 +10:00

group_spec.rb

UX: Include public groups in mentionable groups set (#8516 )

2019-12-12 13:13:40 +02:00

invite_only_registration_spec.rb

DEV: Use response.parsed_body in specs (#9615 )

2020-05-07 17:04:12 +02:00

message_bus_spec.rb

SECURITY: Restrict message-bus access on login_required sites

2019-08-14 09:43:12 +01:00

multisite_cookies_spec.rb

SECURITY: Ensure _forum_session cookies cannot be reused between sites (#14950 )

2021-11-15 15:50:12 +00:00

multisite_spec.rb

DEV: Improve multisite testing (#14884 )

2021-11-11 16:44:58 +00:00

rate_limiting_spec.rb

FEATURE: Add global admin api key rate limiter (#12527 )

2021-06-03 10:52:43 +01:00

same_ip_spammers_spec.rb

DEV: use #frozen_string_literal: true on all spec

2019-04-30 10:27:42 +10:00

spam_rules_spec.rb

Migrate score settings to use sensitivities

2019-05-24 15:44:24 -04:00

topic_auto_close_spec.rb

FIX: Auto close topic from category settings based on topic created_at (#12082 )

2021-02-17 07:51:39 +10:00

topic_thumbnail_spec.rb

PERF: we don't need to use a huge image to test thumbnails (#11025 )

2020-10-27 12:39:52 +11:00

watched_words_spec.rb

SECURITY: Escape watched word in error message (#14434 )

2021-09-24 11:55:15 +03:00