github-mirror/discourse
github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-03-29 14:00:24 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
discourse/app
History
Loïc Guitaut e871865a61 FIX: Sanitize parameters provided to user actions 
Currently, providing things like `filter[%24acunetix]=1` to
`UserActionsController#index` will throw an exception because instead of
getting a string as expected, we get a hash instead.

This patch simply uses `#permit` from strong parameters properly: first
we apply it on the whole parameters, this way it filters the keys we’re
interested in. By doing this, if the value is a hash for example, the
whole key/value pair will be ignored completely.
2022-02-23 15:46:40 +01:00
..
assets
DEV: Don't check this.element in @afterRender (#16033)
2022-02-23 11:35:20 +01:00
controllers
FIX: Sanitize parameters provided to user actions
2022-02-23 15:46:40 +01:00
helpers
FIX: Update application_helper logic now that Ember CLI is default (#15935)
2022-02-14 13:48:18 +00:00
jobs
DEV: pull email address validation out to a new EmailAddressValidator
2022-02-17 21:49:22 -05:00
mailers
FEATURE: Allow sending group SMTP emails with from alias (#15687)
2022-02-07 13:52:01 +10:00
models
PERF: perform all cached counting in background (#15991)
2022-02-22 16:45:25 +00:00
serializers
FEATURE: mute subcategory when parent category is muted (#15966)
2022-02-17 00:42:02 +01:00
services
DEV: Add chat_quoted notification type (#15968)
2022-02-16 15:22:08 +10:00
views
PERF: Update ember-auto-import and webpack (#15919)
2022-02-14 11:21:39 +00:00