github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-01-16 06:02:41 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
d7aa13328d
discourse/spec/lib
History
Régis Hanol d7aa13328d
FIX: strip unsubscribe links in incoming emails (#30695) 
When we send an email notification to a user, we always include a link
that will allow them unsubscribe to these emails.

If the user reply to the email notification, the link to unsubscribe
might still be present in the final post (often in the elided part).

Since those links do not require authentication to unsubscribe a user
(this is a feature, not a bug), we would like to avoid showing them to
other users on Discourse.

(If such an email is forwarded elsewhere, then it's totally out of our
control.)

This commmit ensures we always strip those unsubscribe links from any
incoming email to avoid making it easier to unsubscribe another user.

Since the format we use for those links might be similar to the ones
used by other applications, the regular expression used to match those
links uses the absolute URL of the Discourse (aka.
`Discourse.base_url`).
2025-01-13 11:33:46 +01:00
..
active_support_type_extensions DEV: Improve array type in service contracts 2024-10-17 17:02:02 +02:00
auth Add dedicated user_api_key_clients table to allow for 1:many use cases (#28119) 2024-11-08 12:05:03 -05:00
backup_restore FIX: Use dualstack S3 endpoint for direct uploads (#29611) 2024-11-07 11:06:39 +10:00
common_passwords DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00
compression
concern FIX: do not use return in block (#26260) 2024-03-20 10:49:28 +01:00
content_security_policy FIX: correctly strip unneeded csp directives under strict-dynamic (#26180) 2024-03-14 18:50:09 +00:00
demon DEV: Fix undefined method check_email_sync_heartbeat in unicorn conf (#30360) 2024-12-19 10:10:11 +08:00
discourse_webauthn DEV: Fix random typos (#26881) 2024-05-06 20:52:48 +02:00
email FIX: strip unsubscribe links in incoming emails (#30695) 2025-01-13 11:33:46 +01:00
file_store FIX: Allow attachments to be opened in a new tab instead of downloading them (#30535) 2025-01-07 10:32:32 +08:00
final_destination SECURITY: Add FastImage SSRF safe freedom patch 2024-07-03 20:49:15 +08:00
freedom_patches DEV: Remove unnecessary freedom patches 2024-08-19 12:06:54 +02:00
guardian FEATURE: allow disabling of anti spam profile hiding feature (#30508) 2024-12-31 15:04:53 +11:00
highlight_js
i18n DEV: Enable Rails 7.1 defaults 2024-08-12 10:41:13 +02:00
imap DEV: Remove old TODOs for message-id formats (#27196) 2024-05-28 13:57:09 +10:00
import
middleware DEV: API to register custom request rate limiting conditions (#30239) 2024-12-23 09:57:18 +08:00
migration DEV: Upgrade Rails to version 7.2 2024-11-27 10:48:47 +01:00
onebox SECURITY: Fixes for main (#28137) 2024-07-30 14:19:01 +08:00
plugin DEV: API to register custom request rate limiting conditions (#30239) 2024-12-23 09:57:18 +08:00
pretty_text FEATURE: Async load of category and chat hashtags (#25526) 2024-02-12 12:07:14 +02:00
rate_limiter
scheduler FIX: handle more thread pool edge cases (#30392) 2024-12-20 11:50:00 +11:00
second_factor DEV: Allow run_second_factor! to be used before login (#25420) 2024-01-29 12:28:47 +00:00
seed_data FIX: "Replace Text" didn't list "Welcome Topic" when "General" category is missing (#27182) 2024-05-27 09:57:30 +02:00
service DEV: Display better output when inspecting service steps 2024-12-12 15:21:10 +01:00
site_settings DEV: Fix flaky deprecated setting specs (#30550) 2025-01-04 12:55:22 +01:00
stylesheet DEV: Split slow test in multiple smaller tests (#28646) 2024-08-30 14:47:29 +10:00
svg_sprite DEV: update more deprecated font awesome icon names (#30123) 2024-12-05 15:20:02 +08:00
theme_settings_manager DEV: Remove experimental_objects_type_for_theme_settings site setting (#26507) 2024-04-04 12:01:31 +08:00
theme_store FEATURE: Theme settings migrations (#24071) 2023-11-02 08:10:15 +03:00
topic_query DEV: Remove full group refreshes from tests (#25414) 2024-01-25 14:28:26 +08:00
turbo_tests/flaky DEV: Include exception details for each test in flaky tests report (#24892) 2023-12-14 11:11:11 +08:00
validators FEATURE: Add option to hide full name input at signup (#30471) 2024-12-30 22:26:20 +03:00
wizard FIX: Wizard improvements post-merge part 1 (#30612) 2025-01-07 17:01:05 +10:00
admin_confirmation_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
admin_user_index_query_spec.rb
archetype_spec.rb DEV: Catch missing translations during test runs (#26258) 2024-05-24 22:15:53 +08:00
bookmark_manager_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
bookmark_query_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
bookmark_reminder_notification_handler_spec.rb FIX: Bookmark reminder was clearing incorrectly (#28506) 2024-08-26 09:17:39 +10:00
bookmarks_bulk_action_spec.rb FIX: Bookmark reminder was clearing incorrectly (#28506) 2024-08-26 09:17:39 +10:00
browser_detection_spec.rb
cache_spec.rb DEV: Use rspec mocks to properly verify a race condition 2024-08-06 15:57:04 +02:00
category_badge_spec.rb FIX: email category badges shouldn't use category text color (#25655) 2024-02-13 10:18:36 -05:00
category_guardian_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
color_math_spec.rb
composer_messages_finder_spec.rb DEV: move post flags into database (#27125) 2024-05-23 12:19:07 +10:00
content_buffer_spec.rb
content_security_policy_spec.rb DEV: add validation on content_security_policy_script_src site setting (#27564) 2024-06-21 17:00:22 +08:00
cooked_post_processor_spec.rb FIX: show lightbox for small images (#29140) 2024-10-18 09:45:08 +04:00
crawler_detection_spec.rb
current_user_spec.rb
db_helper_spec.rb FIX: Truncate bookmarks.name when remapping 2024-12-11 18:53:17 -05:00
directory_helper_spec.rb
discourse_diff_spec.rb
discourse_event_spec.rb
discourse_hub_spec.rb DEV: Don’t replace Rails logger in specs (#29721) 2024-11-13 08:47:39 +08:00
discourse_ip_info_spec.rb DEV: Don’t replace Rails logger in specs (#29721) 2024-11-13 08:47:39 +08:00
discourse_js_processor_spec.rb DEV: Upgrade dependencies to Ember 5.12 (#30131) 2024-12-11 11:09:25 -03:00
discourse_logstash_logger_spec.rb DEV: Log sidekiq job opts as string instead of hash (#28012) 2024-07-23 06:27:43 +08:00
discourse_plugin_registry_spec.rb DEV: Remove sprockets from plugin 'extra js' pipeline (#25502) 2024-02-01 11:48:31 +00:00
discourse_redis_spec.rb DEV: Fix random typos (#29161) 2024-10-10 16:11:55 +02:00
discourse_sourcemapping_url_processor_spec.rb
discourse_spec.rb DEV: Don’t replace Rails logger in specs (#29721) 2024-11-13 08:47:39 +08:00
discourse_tagging_spec.rb FEATURE: Add user to topic_tags_changed event (#28714) 2024-09-06 11:23:30 -03:00
discourse_updates_spec.rb FIX: Calculate experiment_enabled on server for "What's new?" (#30599) 2025-01-07 11:27:24 +10:00
distributed_cache_spec.rb
distributed_memoizer_spec.rb
distributed_mutex_spec.rb
email_cook_spec.rb
email_updater_spec.rb DEV: Change hide_email_address_taken default to true (#30293) 2024-12-17 10:46:04 +08:00
ember_cli_spec.rb FIX: EmberCli cache clearance issue in production (#24343) 2023-11-13 10:34:06 +00:00
encodings_spec.rb
enum_spec.rb
excerpt_parser_spec.rb FIX: proper details / summary excerpt (#30229) 2024-12-12 09:09:49 +01:00
feed_element_installer_spec.rb
feed_item_accessor_spec.rb
file_helper_spec.rb
filter_best_posts_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
final_destination_spec.rb FIX: FinalDestination#get forwarding Authorization header on redirects (#27043) 2024-05-16 08:37:34 +08:00
flag_settings_spec.rb FEATURE: custom flag can require additional message (#27908) 2024-07-18 10:10:22 +10:00
gaps_spec.rb
gc_stat_instrumenter_spec.rb DEV: Seperate concerns of tracking GC stat from MethodProfiler (#22921) 2023-08-02 10:46:37 +08:00
git_repo_spec.rb FEATURE: display commit hash for each plugin on /admin/plugins page. (#22176) 2023-06-26 10:09:57 +05:30
git_url_spec.rb
global_path_spec.rb
group_lookup_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
guardian_spec.rb FIX: Don't show move topic for private messages for TL4 (#28871) 2024-09-16 11:30:05 +08:00
has_errors_spec.rb
hijack_spec.rb FIX: Reports did not respect user locale (#30524) 2025-01-02 13:05:53 +10:00
homepage_helper_spec.rb DEV: uses context blocks (#28658) 2024-08-30 11:26:15 +02:00
html_prettify_spec.rb
html_to_markdown_spec.rb DEV: Bump rubocop_discourse (#29608) 2024-11-06 06:27:49 +08:00
image_sizer_spec.rb
inline_oneboxer_spec.rb FIX: Inline oneboxes should obey the locale. (#30664) 2025-01-09 17:22:22 +11:00
js_locale_helper_spec.rb DEV: Output failing MF keys when compilation fails 2024-10-15 12:45:23 +02:00
json_error_spec.rb
letter_avatar_spec.rb
message_id_service_spec.rb DEV: Remove old TODOs for message-id formats (#27196) 2024-05-28 13:57:09 +10:00
method_profiler_spec.rb DEV: Seperate concerns of tracking GC stat from MethodProfiler (#22921) 2023-08-02 10:46:37 +08:00
mini_scheduler_long_running_job_logger_spec.rb DEV: Don’t replace Rails logger in specs (#29721) 2024-11-13 08:47:39 +08:00
mini_sql_multisite_connection_spec.rb
mobile_detection_spec.rb
new_post_manager_spec.rb FEATURE: Support designating multiple groups as mods on category (#28655) 2024-09-04 04:38:46 +03:00
new_post_result_spec.rb
onebox_spec.rb
oneboxer_spec.rb FEATURE: Add a onebox_locale site setting. (#30655) 2025-01-09 14:11:37 +11:00
onpdiff_spec.rb
password_hasher_spec.rb
pbkdf2_spec.rb
pinned_check_spec.rb DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00
plain_text_to_markdown_spec.rb
post_action_creator_spec.rb DEV: Call Discourse.redis.flushdb after the end of each test (#29117) 2024-10-09 07:19:31 +08:00
post_action_destroyer_spec.rb DEV: Convert min_trust_to_flag_posts setting to groups (#24864) 2023-12-13 17:18:42 +08:00
post_action_type_view_spec.rb FIX: use a custom prefix for custom flags (#28839) 2024-09-11 15:30:20 +10:00
post_creator_spec.rb Apply the same url normalisation to embed_urls inserted in the PostCreator (#30641) 2025-01-09 14:59:08 -05:00
post_destroyer_spec.rb FIX: update flag reason message with default value (#30026) 2024-12-04 14:46:52 +11:00
post_jobs_enqueuer_spec.rb DEV: Update the rubocop-discourse gem 2023-06-26 11:41:52 +02:00
post_locker_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
post_merger_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
post_revisor_spec.rb FIX: Change create_post_for_category_and_tag_changes setting to use whispers instead of small actions (#29602) 2024-11-06 09:28:28 -03:00
presence_channel_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
pretty_text_spec.rb FIX: proper details / summary excerpt (#30229) 2024-12-12 09:09:49 +01:00
promotion_spec.rb DEV: Add PluginRegistry modifiers to #review and #recalculate (#29128) 2024-10-16 10:26:10 -05:00
quote_comparer_spec.rb DEV: Correct Style/RedundantReturn rubocop issues (#23052) 2023-08-10 02:03:38 +02:00
quote_rewriter_spec.rb DEV: Update display name in new quote format - Part 2 (#22104) 2023-06-26 11:01:59 +08:00
rate_limiter_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
retrieve_title_spec.rb FIX: Don't error out when trying to retrieve title and URL won't encode (#24660) 2023-12-01 15:03:06 +08:00
rtl_spec.rb
s3_cors_rulesets_spec.rb
s3_helper_spec.rb FIX: Use dualstack S3 endpoint for direct uploads (#29611) 2024-11-07 11:06:39 +10:00
s3_inventory_multisite_spec.rb DEV: Introduce hidden s3_inventory_bucket site setting (#27304) 2024-06-10 13:16:00 +08:00
s3_inventory_spec.rb Revert "FEATURE: Mark bad uploads with :invalid_url (#29640)" (#29657) 2024-11-08 13:04:52 +08:00
score_calculator_spec.rb
scss_checker_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
search_spec.rb DEV: Remove deprecated search_tokenize_chinese_japanese_korean setting (#30549) 2025-01-03 23:21:18 +01:00
secure_session_spec.rb DEV: Fix various rubocop lints (#24749) 2023-12-06 23:25:00 +01:00
service_spec.rb DEV: Fix policy classes delegating their #call method in services 2024-12-18 09:59:40 +01:00
shrink_uploaded_image_spec.rb DEV: Move min_trust_to_post_embedded_media to group setting (#25238) 2024-01-25 09:50:59 +10:00
sidebar_section_links_updater_spec.rb DEV: Limit the number of category sidebar links a user can have (#26756) 2024-04-25 13:21:39 -05:00
sidekiq_long_running_job_logger_spec.rb DEV: Don’t replace Rails logger in specs (#29721) 2024-11-13 08:47:39 +08:00
signal_trap_logger_spec.rb DEV: Move spec file to right folder (#27449) 2024-06-13 06:38:03 +08:00
site_icon_manager_spec.rb
site_setting_extension_multisite_spec.rb
site_setting_extension_spec.rb DEV: Ensure all site settings have a keyword entry (#30485) 2024-12-30 12:22:55 +11:00
slug_spec.rb
spam_handler_spec.rb DEV: Remove full group refreshes from tests (#25414) 2024-01-25 14:28:26 +08:00
statistics_spec.rb FIX: participating users statistics... (#29293) 2024-10-21 18:18:42 +02:00
suggested_topics_builder_spec.rb DEV: Add modifier to SuggestedTopicsBuilder#add_results (#29164) 2024-10-10 10:03:26 -05:00
system_message_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
text_cleaner_spec.rb
text_sentinel_spec.rb FIX: Allow all caps within CJK text (#28018) 2024-07-22 17:35:52 +02:00
theme_flag_modifier_spec.rb
theme_javascript_compiler_spec.rb DEV: Compile theme raw-hbr to modules (#30299) 2024-12-16 17:31:49 +00:00
theme_settings_manager_spec.rb DEV: Refactor subclasses in ThemeSettingsManager to individual files (#25605) 2024-02-08 12:59:52 +08:00
theme_settings_object_validator_spec.rb DEV: Add isValidUrl helper function to theme migrations (#26817) 2024-04-30 16:45:07 +08:00
theme_settings_parser_spec.rb DEV: Fix various rubocop lints (#24749) 2023-12-06 23:25:00 +01:00
theme_settings_validator_spec.rb DEV: Correctly pluralize error messages (#26469) 2024-04-04 15:02:09 +02:00
timeline_lookup_spec.rb
tiny_japanese_segmenter_spec.rb
topic_creator_spec.rb FIX: prevents PM to large groups (#28681) 2024-09-03 12:08:14 +02:00
topic_publisher_spec.rb DEV: Allow fab! without block (#24314) 2023-11-09 16:47:59 -06:00
topic_query_spec.rb FIX: use relations for new_in_category (#30313) 2024-12-17 16:39:07 +11:00
topic_retriever_spec.rb
topic_upload_security_manager_spec.rb DEV: Update the rubocop-discourse gem 2023-06-26 11:41:52 +02:00
topic_view_spec.rb DEV: Apply modifier for topic_view link_counts (#29883) 2024-11-22 14:49:39 -06:00
topics_bulk_action_spec.rb DEV: Convert min_trust_level_to_tag_topics to groups (#25273) 2024-01-26 13:25:03 +08:00
topics_filter_spec.rb DEV: Extend /filter's ability to order (#28242) 2024-08-07 16:37:00 +08:00
trashable_spec.rb
truncate_logs_formatter_spec.rb SECURITY: Add a default limit as to when logs should be truncated 2023-10-16 10:34:38 -04:00
trust_level_spec.rb
twitter_api_spec.rb
unread_spec.rb
upload_creator_spec.rb DEV: depend less on pngquant version (#26906) 2024-05-07 16:56:05 +02:00
upload_markdown_spec.rb
upload_recovery_spec.rb DEV: Move min_trust_to_post_embedded_media to group setting (#25238) 2024-01-25 09:50:59 +10:00
upload_security_spec.rb DEV: Fix various spec linting issues (#24672) 2023-12-04 13:45:19 +01:00
url_helper_spec.rb DEV: Add isValidUrl helper function to theme migrations (#26817) 2024-04-30 16:45:07 +08:00
user_comm_screener_spec.rb DEV: Update the rubocop-discourse gem 2023-06-26 11:41:52 +02:00
user_lookup_spec.rb
user_name_suggester_spec.rb FIX: Don't error out on empty reserved_usernames setting (#29305) 2024-10-21 14:38:37 +08:00
version_spec.rb SECURITY: Add limits for themes and theme assets 2023-09-12 15:31:31 -03:00
work_queue_spec.rb PERF: Don't allow a single user to monopolize the defer queue (#25593) 2024-02-07 13:47:50 -06:00