Commit Graph

544 Commits

Author SHA1 Message Date
Martin Brennan
0b8d0a14d7
DEV: Add markdown_additional_options to Site (#15738)
Sometimes plugins need to have additional data or options available
when rendering custom markdown features/rules that are not available
on the default opts.discourse object. These additional options should
be namespaced to the plugin adding them.

```
Site.markdown_additional_options["chat"] = { limited_pretty_text_markdown_rules: [] }
```

These are passed down to markdown rules on opts.discourse.additionalOptions.

The main motivation for adding this is the chat plugin, which currently stores
chat_pretty_text_features and chat_pretty_text_markdown_rules on
the Site object via additions to the serializer, and the Site object is
not accessible to import via markdown rules (either through
Site.current() or through container.lookup). So, to have this working
for both front + backend code, we need to attach these additional options
from the Site object onto the markdown options object.
2022-01-28 13:02:02 +10:00
Régis Hanol
a582c49601
FIX: possible ReDOS in markdown newline rule (#15646)
Backport ffc49ab46b
2022-01-20 22:32:01 +01:00
Rafael dos Santos Silva
8cfd791e0f
FEATURE: Add missing emojis (#15582)
* FEATURE: Add missing emojis

* More missing emojis
2022-01-14 17:51:13 -03:00
Natalie Tay
dd3ed27930
DEV: Allow utility class domFromString to take in strings with multiple top level elements (#15548)
Previously only `<div>one top element</div>` was allowed because we use `firstChild` instead of `children`.
We also want `<div>one</div><div>two</div>` to work with this method.
2022-01-12 19:49:24 +08:00
Alan Guo Xiang Tan
c2afc3915b FEATURE: Customizable rules and plugins for PrettyText.markdown.
This commit extends the options which can be passed to
`PrettyText.markdown` so that which Markdown-it rules and Discourse
Markdown plugins to be used when rendering a text can be customizable.
Currently, this extension is mainly used by plugins.
2022-01-11 10:39:40 +08:00
Jarek Radosz
2dcad9772f FIX: Don't display duplicated emoji in picker 2022-01-11 10:37:02 +08:00
Rafael dos Santos Silva
06bba76719
DEV: Update emojis constants (#15506)
Follow up to d1cfabd so the new emojis are usable by the app
2022-01-10 14:53:52 -03:00
Alan Guo Xiang Tan
bdc868246f DEV: Removing unused lines of code.
The code had no effect on how the markdown-it is being configured.
2022-01-07 09:06:16 +08:00
Alan Guo Xiang Tan
85e124bae1 DEV: Remove redundant lines of code.
Engines are enabled by default so there is no need to specify Discourse
specific engines in the object.
2022-01-06 09:02:52 +08:00
Joffrey JAFFEUX
cb976ac562
DEV: creates domFromString utility function (#15310) 2021-12-17 09:25:34 +01:00
Penar Musaraj
60851037d8
DEV: Remove unused composer editor preview sync (#15322) 2021-12-16 17:18:54 -05:00
Jarek Radosz
6e8df3d66b
DEV: Deprecate registerOption() (#15209)
It's been a no-op for 5 years now.
2021-12-07 18:33:45 +01:00
Jarek Radosz
de3680eb5c
DEV: Re-allow node 17, with a warning (#15083) 2021-11-24 21:16:33 +01:00
Jarek Radosz
c75224e3d9
DEV: Update supported node versions (#15073)
13 and 15 are no longer supported by node, and issues with discourse dependencies prevent us from using 17. (for now)
2021-11-24 18:18:35 +01:00
Natalie Tay
da9a9a8e65
FIX: Add a confirm and cancel button when editing alt text (#15003) 2021-11-19 10:57:09 +08:00
Jarek Radosz
f414d5eace
DEV: Use method definition syntax consistently (#14915) 2021-11-13 14:01:55 +01:00
Bianca Nenciu
32a174d883
FIX: Use Map instead of Object for caching (#14887)
Objects have default properties, such as "constructor" that can cause
issues when using similar texts as keys.
2021-11-12 15:18:07 +02:00
Natalie Tay
911f9b180a
FIX: Remove xlink:href to favour href due to deprecation (#14854)
Based on docs here https://developer.mozilla.org/en-US/docs/Web/SVG/Element/use#attributes,
the xlink:href attribute is deprecated and we should probably move away from it soon.
2021-11-09 17:49:37 +08:00
Natalie Tay
0b495e9ad4
FEATURE: Allow users to edit alt text from the image preview in the editor (#14480) 2021-11-09 14:34:09 +08:00
Bianca Nenciu
7fb693c8f6
FIX: Generate valid heading ids (#14840) 2021-11-08 20:44:46 +02:00
Bianca Nenciu
19ef6995a8
FIX: Do not replace words in hashtags and mentions (#14760)
Watched words were replaced inside mentions and hashtags when watched
word regular expressions were enabled.
2021-10-29 17:53:09 +03:00
Bianca Nenciu
148ee1d162
FIX: Do not perform link lookup for replaced links (#14742)
A link that was added because a watched word was replaced could create
a notice if the same link was present before.
2021-10-28 13:27:31 +03:00
Joffrey JAFFEUX
76a9ca99a8
DEV: removes jquery usage from onebox (#14683) 2021-10-22 13:15:46 +02:00
Qursch
11763a5e8d
FEATURE: Add reversed and type to allowed attributes (#14626) 2021-10-18 12:11:13 +11:00
Bianca Nenciu
ba81d1853b
FIX: Disable previews if diffhtml is enabled (#14537)
diffhtml should not rerender video and audio elements so there is no
point in having these.
2021-10-08 15:57:08 +03:00
Bianca Nenciu
0532a5a43e
FIX: Do not replace in mentions and hashtags (#14260)
Watched words of type 'replace' or 'link' replaced the text inside
mentions or hashtags too, which broke these. These types of watched
words must skip any match that has an @ or # before it.
2021-09-09 12:03:59 +03:00
Bianca Nenciu
38199424bc
SECURITY: Sanitize d-popover attributes (#13958) 2021-08-05 16:39:17 +03:00
Jarek Radosz
fbd1cd5fe1
DEV: Prevent npm usage (#13945)
We rely on yarn workspaces so we don't want people using npm in the repo by accident.

Also updated the required node version to 12+.

~~Not sure about the min yarn version – the latest one could be missing in various CI-like envs, so I might change it yet.~~
Downgraded yarn to ">= 1.21.1" (the oldest of "current" versions, tagged "legacy")
2021-08-04 22:04:58 +02:00
Mark VanLandingham
9165f0a0f8
DEV: Export pretty text function for plugin use (#13826) 2021-07-22 14:06:46 -05:00
Joffrey JAFFEUX
5eb6e9281a
FIX: manually adds frowning_face_with_open_mouth for apple (#13528) 2021-07-21 23:27:20 +02:00
Bianca Nenciu
74f7295631
FIX: Add word boundaries to replace and tag watched words (#13405)
The generated regular expressions did not contain \b which matched
every text that contained the word, even if it was only a substring of
a word.

For example, if "art" was a watched word a post containing word
"artist" matched.
2021-06-18 18:54:06 +03:00
Bianca Nenciu
d9484db718
FIX: Split link watched words from replace (#13196)
It was not clear that replace watched words can be used to replace text
with URLs. This introduces a new watched word type that makes it easier
to understand.
2021-06-02 15:36:49 +10:00
Jarek Radosz
e06a206131
DEV: Remove cache option from ajax() (#13142)
1. It defaults to `cache: true` already
2. Setting it to `false` for non-GET request doesn't do anything
3. We were correcting `cache: false` GET requests to use `cache: true`

…so setting it to anything at all, for any type of request doesn't make sense (anymore)
2021-05-31 14:41:35 +02:00
Bianca Nenciu
b56e9ad656
DEV: Simplify watched word code (#13103)
* DEV: Use site setting instead

* DEV: Use .length instead of a different property

* DEV: Simplify watched word code
2021-05-27 19:20:26 +03:00
Josh Soref
59097b207f
DEV: Correct typos and spelling mistakes (#12812)
Over the years we accrued many spelling mistakes in the code base. 

This PR attempts to fix spelling mistakes and typos in all areas of the code that are extremely safe to change 

- comments
- test descriptions
- other low risk areas
2021-05-21 11:43:47 +10:00
Bianca Nenciu
c1dfd76658
FIX: Make replace watched words work with wildcard (#13084)
Watched words are always regular expressions, despite watched_words_
_regular_expressions being enabled or not. Internally, wildcard
characters are replaced with a regular expression that matches any non
whitespace character.
2021-05-18 12:09:47 +03:00
Jarek Radosz
582ec198d8
DEV: Update ember-cli across all in-repo addons (#13048)
…to match the version used in the app.
2021-05-12 21:49:55 +02:00
Jarek Radosz
a7a2887df0
DEV: Remove unnecessary yarn.lock files (#13001)
All in-repo ember addons share the same yarn.lock in the yarn workspace: `/app/assets/javascripts/yarn.lock`
2021-05-11 11:15:07 +02:00
Bianca Nenciu
ecc3c404a0
FIX: Cache missing inline oneboxes (#12953)
* FIX: Cache missing inline oneboxes

Some inline oneboxes were not cached when the server did not return an
answer for an URL and the queried URL and the absolute URL were
different.

For example, if user typed www.example.com, the client asked the server
for http://www.example.com and if the server returned an empty response,
then the client would keep requesting an inline onebox everytime the
composer changed.

In other words, the key used for reading (the absolute URL) and the one
used for writing (the URL as typed by the user) were not the same when
the server returned an empty response.

* DEV: Check cache before making request

There is another cache check in PrettyText, but that is not enough if
multiple requests are pending. This problem was made obvious in tests,
but can happen for users with slow connections.
2021-05-06 19:08:04 +03:00
Penar Musaraj
82ecd9fdd5
DEV: tiny refactor in watched words (#12969) 2021-05-06 11:37:05 -04:00
Penar Musaraj
b61d4663ec
FIX: Prevent infinite loop when replacing watched words (#12967) 2021-05-06 11:06:25 -04:00
Joffrey JAFFEUX
0eeedf307a
DEV: replaces huge generated emoji list by a simpler regex (#11053)
Note that this commit is also fixing various mistakes in emojis.

Some of them have been fixed manually in db.json/data.js/groups.json and will need to be fixed in emoji-db gem.
2021-04-22 08:43:06 +02:00
Bianca Nenciu
96a16123d8
FIX: Generate unique HTML heading names (#12705)
Headings with the exact same name generated exactly the same heading
names, which was invalid. This replaces the old code for generating
names for non-English headings which were using URI encode and resulted
in unreadable headings.
2021-04-16 10:54:19 +03:00
Bianca Nenciu
e4e2c7c66f
FIX: Improve anchor links (#12683)
* FIX: Use theme color for anchor icon

* FIX: Do not count anchor links

* FIX: Do not count hashtags links either

* DEV: Add tests for link_count

* FIX: Disable anchors in quotes and preview

* FIX: Try building some anchor slugs for unicode

* DEV: Fix tests
2021-04-14 10:27:07 +03:00
Bianca Nenciu
d7bd62d9cf
FIX: Replace censored watched word consistently (#12486)
Applying oneboxes and replacing censored watched words does not happen
in a strict order which often lead to inconsistencies. This commit
fixes the behavior and will never censor oneboxes.

To make it always censor oneboxes implies significant changes to the
PrettyText pipeline.
2021-03-23 13:09:24 +02:00
Bianca Nenciu
2ad9b3f432
FEATURE: Add anchor links to headings (#12379) 2021-03-23 10:45:06 +02:00
Roman Rizzi
ccc44baa10
FEATURE: Add a typographer rule to replace (pa) with ¶. (#12478) 2021-03-22 15:04:08 -03:00
Roman Rizzi
da210b6d77
FEATURE: Replace markdown-it replacements rule. (#12417)
We override the default replacements rule to no longer replace "(c)", "(p)", and "(p)". Additionally, we merged the custom arrows rule into the replacement function.
2021-03-18 10:55:41 -03:00
Osama Sayegh
d56b2e85aa
FIX: Escape Font Awesome icons (#12421)
This is not a security issue because regular users are not allowed to insert FA icons anywhere in the app. Admins can insert icons via custom badges, but they do have the ability to create themes with JS.
2021-03-17 16:11:40 +03:00
Rafael dos Santos Silva
83f332b5a5
FEATURE: Add a site setting to allow emojis to come from an external URL (#12180) 2021-03-02 16:04:16 -03:00
Bianca Nenciu
533800a87b
Add watched words of type "replace" (#12020)
This commit includes other various improvements to watched words.

auto_silence_first_post_regex site setting was removed because it overlapped
with 'require approval' watched words.
2021-02-25 14:00:58 +02:00
Bianca Nenciu
08acf51be0
FEATURE: Use diffhtml to update composer preview (#11237)
Displaying videos, animated GIFs or any kind of rich content in preview
used to refresh on every keystroke, which could cause performance
problems.
2021-02-18 16:07:26 +02:00
Arpit Jalan
85c4e8fd32
FEATURE: support mark tag (#12088)
This commit adds support for `mark` tag for highlighting text content.
2021-02-15 21:47:30 +05:30
David Taylor
830797a9c3
FEATURE: Allow post/topic thumbnails to be prioritized via markdown (#12044)
Previously we would always take the first image in a post to use as the
thumbnail. On media-heavy sites, users may want to manually select a
specific image as the topic thumbnail. This commit allows this to be
done via a `|thumbnail` attribute in markdown.

For example, in this case, bbb would be chosen as the thumbnail:

```
![alttext|100x100](upload://aaa)
![alttext|100x100|thumbnail](upload://bbb)
```
2021-02-11 15:44:41 +00:00
Robin Ward
61f5d501cb
DEV: Migrate to Ember CLI (#11932)
This encompasses a lot of work done over the last year, much of which
has already been merged into master. This is the final set of changes
required to get Ember CLI running locally for development.

From here on it will be bug fixes / enhancements.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Co-authored-by: romanrizzi <rizziromanalejandro@gmail.com>

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Co-authored-by: romanrizzi <rizziromanalejandro@gmail.com>
2021-02-03 14:22:20 -05:00
Osama Sayegh
6efdeef461
FIX: Emoji search/autocomplete should respect selected skin tone (#11917)
This commit makes our emoji autocomplete in the composer respect the skin tone you select in the emoji picker.
2021-02-01 19:36:35 +03:00
Joffrey JAFFEUX
c6a1042950
DEV: prettier 2.2.1 (#11862) 2021-01-27 12:39:20 +01:00
Roman Rizzi
9e25ab2e96
FEATURE: Replace single dash arrows when the typographer is enabled. (#11730) 2021-01-18 09:03:58 -03:00
Roman Rizzi
118ea89372
FEATURE: Replace arrows when the markdown typographer is enabled. (#11638)
By inserting this rule before markdown-it's replacement rule, we can replace "-->" with "&rarr;", and "<--" with "&larr;".
2021-01-06 12:05:38 -03:00
Rafael dos Santos Silva
c4552e9c10
FIX: Autoplay videos must always be muted (#11533)
This automatically adds the muted attribute if it's missing in a video
tag.

Co-authored-by: David Taylor <david@taylorhq.com>
2020-12-21 14:55:00 -03:00
Roman Rizzi
142e0ae062
Revert "Revert "DEV: Wrap Ember.run.debounce. (#11352)"" (#11509)
* Revert "Revert "DEV: Wrap `Ember.run.debounce`. (#11352)" (#11465)"

This reverts commit aa0d4ea764.

* Correctly debounce onScroll function
2020-12-18 10:18:52 -03:00
Roman Rizzi
aa0d4ea764
Revert "DEV: Wrap Ember.run.debounce. (#11352)" (#11465)
This reverts commit 8b426431a4.
2020-12-10 16:48:25 -03:00
Roman Rizzi
8b426431a4
DEV: Wrap Ember.run.debounce. (#11352)
We want to wrap the `Ember.run.debounce` function and internally call `Ember.run` instead when running tests.

This commit changes discourseDebounce to work the same way as `Ember.run.debounce`.

Now that `discourseDebounce` works exactly like `Ember.run.debounce`, let's replace it and only use `DiscourseDebounce` from now on.

Move debounce to discourse-common to be able to reuse it in different bundles

Keep old debounce file for backwards-compatibility
2020-12-10 11:01:42 -03:00
Roman Rizzi
bbe5d8d5cf
DEV: Sort imports alphabetically (#11382) 2020-12-01 15:31:26 -03:00
Roman Rizzi
1c2358ba16
DEV: Tidy up imports. (#11364)
Only allow one import definition per file and add a new eslint rule to enforce it.
2020-11-27 11:30:16 -03:00
Joffrey JAFFEUX
abb89475a3
FIX: issues with frowning/grinning (#11235)
- frowning was using slighty_frowning
- slightly_frowning was using frowning
- grinning_face_with_smiling_eyes was not defined
- fronwing_face_with_open_mouth was not defined
2020-11-25 09:09:35 +01:00
Krzysztof Kotlarek
dbec3792b7
FIX: pretty text allow list (#10977)
Reword whitelist to allowlist in pretty-text.
This library is used by plugins so we need deprecation notice.
2020-10-28 13:22:06 +11:00
Bianca Nenciu
94cbfa92e1
FEATURE: Show a placeholder instead of videos in preview (#10962)
Adding a video in composer and then continuing to type into it will make the
video element flicker and restart playback on every keystroke, as the preview
is rendered. In certain configurations, this can lead to some performance
problems too.

Onebox already does the same for external videos.
2020-10-20 19:01:32 +03:00
Joffrey JAFFEUX
de94506c1e
FIX: empty highlighted_languages resulted in ["", "auto", "nohighlight"] (#10772) 2020-09-29 14:34:46 +02:00
Joffrey JAFFEUX
c230d2e443
FIX: prevents scrollbar jumping in the emoji picker (#10749)
This was mostly due to `content-visibility: auto;` but setting the width/height is also a good practice.
2020-09-28 13:23:46 +02:00
Robin Ward
ce3fe2f4c4 REFACTOR: Support bundling our admin section as an ember addon 2020-09-22 15:14:29 -04:00
Joffrey JAFFEUX
530d9ab071
DEV: enforces eslint’s curly rule to the codebase (#10720)
eslint --fix is capable of fix it automatically for you, ensure prettier is run after eslint as eslint --fix could leave the code in an invalid prettier state.
2020-09-22 16:28:28 +02:00
Sam Saffron
cba5baa427
FIX: compensate for typographer
typographer can change " to ” leading to breakages in parser

At least codify this. Longer term we want to re-prioritize typographer so
it always runs after bbcode parsing.
2020-09-21 09:44:37 +10:00
Sam Saffron
a91ee45de9
FIX: Nested quotes in BBCode
Previously attributes such as `[test a='a"a' b="a'a"]` were not correctly
handled.

This amends the regex parser to ensure it correctly parses attributes
without breaking incorrectly on the first nested quote
2020-09-21 08:56:25 +10:00
Robin Ward
ba3014f9f9 REFACTOR: Do not rely on module order for discourse-markdown loading
Before this patch, discourse-markdown depended on the modules in its
bundle being defined in a specific order or it wouldn't load properly.

Now, any file in the bundle can export a `priority` const (default 0)
and files will be loaded in order of ascending priority instead. This
allows us to use a bundle packaged in any order we want.
2020-09-18 13:31:55 -04:00
Robin Ward
f3156a6478 REFACTOR: Move the discourse-markdown engine out of the addon repo
The reasoning here is that we want to make a unique bundle for this
folder and the default approach is to include everything in `addon`.
2020-09-18 11:42:22 -04:00
Robin Ward
8c384ae6b8 Create proper shim for xss library - second attempt 2020-09-15 10:42:51 -04:00
Guo Xiang Tan
e3b4632f04
Revert "Create proper shim for xss library"
This reverts commit 30e9112535.
2020-09-15 11:38:40 +08:00
Robin Ward
30e9112535 Create proper shim for xss library 2020-09-14 15:57:32 -04:00
dependabot[bot]
d21119ee4f Build(deps): Bump lodash in /app/assets/javascripts/pretty-text
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20)

Signed-off-by: dependabot[bot] <support@github.com>
2020-09-08 10:25:45 -04:00
dependabot[bot]
27751ca69f
Build(deps): Bump websocket-extensions (#10617)
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:38 +02:00
dependabot[bot]
2cb0f013cc
Build(deps): Bump elliptic in /app/assets/javascripts/pretty-text (#10611)
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:09 +02:00
dependabot[bot]
c119c07fa4
Build(deps): Bump http-proxy in /app/assets/javascripts/pretty-text (#10614)
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:00:10 +02:00
Joffrey JAFFEUX
52672b9eab
DEV: apply new coding standards (#10592) 2020-09-04 13:42:47 +02:00
Robin Ward
3a46e44ed8 Rename merge to deepMerge so it's more clear what it's doing 2020-09-03 10:03:33 -04:00
Robin Ward
c4079780be REFACTOR: Remove _.merge 2020-09-03 10:03:33 -04:00
Robin Ward
0da953b40e REFACTOR: Remove _.compact 2020-09-03 10:03:33 -04:00
Robin Ward
0b098566ff REFACTOR: Remove _.union 2020-09-03 10:03:33 -04:00
Joffrey JAFFEUX
226be994da
REFACTOR: rewrite the emoji-picker (#10464)
The emoji-picker is a specific piece of code as it has very strong performance requirements which are almost not found anywhere else in the app, as a result it was using various hacks to make it work decently even on old browsers.

Following our drop of Internet Explorer, and various new features in Ember and recent browsers we can now take advantage of this to reduce the amount of code needed, this rewrite most importantly does the following:
- use loading="lazy" preventing the full list of emojis to be loaded on opening
- uses InterserctionObserver to find the active section
- limits the use of native event listentes only for hover/click emojis (for performance reason we track click on the whole emoji area and delegate events), everything else is using ember events
- uses popper to position the emoji picker
- no jquery code
2020-08-24 14:20:51 +02:00
Martin Brennan
9022e4516f
FIX: Remove unnecessary audio/video parent element load (#10511)
Meta report: https://meta.discourse.org/t/sending-many-requests-for-video-audio-upload-while-editing-post/161487

When typing in the composer we are sending a lot of unnecessary load() requests for the video/audio elements. This line was added months ago before we improved previewing/video thumbnails, which have improved things, so it is no longer required. After removing this line everything still works and no more additional requests are sent.
2020-08-24 13:18:38 +10:00
Jarek Radosz
be6a73f654 DEV: Fix package.json issues and reroll yarn.lock 2020-08-14 12:00:35 +02:00
Rafael dos Santos Silva
2ea17c06dd
FEATURE: Allow picture HTML element in posts 2020-07-28 20:26:32 -03:00
Rafael dos Santos Silva
c65c3407f8
FIX: Allow playsinline for videos in posts
This is used in webkit browsers mostly.
2020-07-28 19:03:54 -03:00
Jarek Radosz
223b6d17bf DEV: Fix a function name typo 2020-07-27 11:22:57 +02:00
Krzysztof Kotlarek
e0d9232259
FIX: use allowlist and blocklist terminology (#10209)
This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist.
2020-07-27 10:23:54 +10:00
Martin Brennan
62f2e1f971
FIX: Stop double prepending of window.location.origin on media URLs (#10275)
This fixes an issue where sometimes when composing a post and uploading a video/audio file, _loadCachedShortUrls/the uploads controller would return a full URL with origin, instead of just the URL with the host e.g. http://localhost:3000/some/video.mp4 instead of just //localhost:3000/some/video.mp4. We were prepending window.location.origin onto the URL no matter what, and since http://localhost:3000/some/video.mp4 does not match the host URL regex, we were ending up with something like http://localhost:3000http://localhost:3000/some/video.mp4 which broke composer previews. This was only noticed with a video upload in a secure upload environment.
2020-07-22 09:23:55 +10:00
Jarek Radosz
de79f19947
Revert "UX: Style video elements, show descriptions (#10040)" (#10258)
This reverts commit 7d289a4f3e.

Now that 36bad0c31f is in and we have video previews on all platforms, the commit that's being reverted is no longer needed. In the worst case scenario, the video description is clipped under the video poster if the video aspect ratio is other than 16:9. This commit removes descriptions and the custom style for the video elements.

# Conflicts:
#	app/assets/javascripts/pretty-text/addon/engines/discourse-markdown-it.js
#	test/javascripts/lib/pretty-text-test.js
2020-07-17 23:31:01 +02:00
Penar Musaraj
34bbd51350
FIX: regression in secure URL generation, followup to 36bad0c 2020-07-15 18:52:59 -04:00
Penar Musaraj
36bad0c31f
FIX: Preload metadata for audio/video when secure media enabled
Fixes an issue with missing video previews. Should have no side effects now that presigned URLs expire after 5 minutes.
2020-07-15 18:36:51 -04:00
Martin Brennan
af7ce5d6eb
Revert "DEV: Add debug hint in discourse-markdown-it"
This reverts commit 5a4855b992.
2020-07-15 11:23:28 +10:00
Martin Brennan
5a4855b992
DEV: Add debug hint in discourse-markdown-it
This console.debug message ONLY shows if isDevelopment() is
true for the environment
2020-07-15 11:18:41 +10:00
Rafael dos Santos Silva
72534223f3 FEATURE: Allow video tag attributes for video gifs 2020-07-14 13:46:45 -03:00
Bianca Nenciu
275b748016
FIX: Replace links to removed uploads from reviewables with a placeholder (#10180) 2020-07-10 17:57:06 +03:00
Kris
4f12768d10 UX: Remove extra space added by img resize controls in composer preview 2020-07-06 19:11:58 -04:00
Jarek Radosz
7d289a4f3e
UX: Style video elements, show descriptions (#10040)
It's a stop gap – ideally we would generate a thumbnail for uploaded videos. For now, a bit of intentionality in the style and a pinch of context should do.
2020-06-17 12:38:00 +02:00
David Taylor
293467a37a
REFACTOR: Remove jquery usage from resolveAllShortUrls, and fix debounce
- This function now requires an explicit scope. It will never run on the entire document.

- Previously debounce was being used with an anonymous function, which means it was having no effect.
2020-06-05 17:15:14 +01:00
David Taylor
0f09fd22f3
DEV: Remove attachment css handling from resolveAllShortUrls
This was moved inside the markdown processor in 65481858, so there is no longer any need to run this logic after cooking
2020-06-05 15:12:30 +01:00
Joffrey JAFFEUX
77801aa9be
FIX: allows to have custom emoji translation without static file (#9893) 2020-05-27 20:11:52 +02:00
Robin Ward
8311374a5a DEV: Replace version.js.erb with pre generated file 2020-05-11 15:43:09 -04:00
Robin Ward
d2b16a7618
DEV: Generate emoji/data on demand (#9744)
These emoji rarely change and can be re-generated when we make changes
to them.
2020-05-11 15:29:46 -04:00
Joffrey JAFFEUX
00a038d646
REFACTOR: removes various assignments and superfluous params (#9699) 2020-05-08 09:19:48 +02:00
Robin Ward
f9608c0af5 DEV: Remove INLINE_ONEBOX_* constants
There were two constants here, `INLINE_ONEBOX_LOADING_CSS_CLASS` and
`INLINE_ONEBOX_CSS_CLASS` that were both longer than the strings they
were DRYing up: `inline-onebox-loading` and `inline-onebox`

I normally appreciate constants, but in this case it meant that we had
a lot of JS imports resulting in many more lines of code (and CPU cycles
spent figuring them out.)

It also meant we had an `.erb` file and had to invoke Ruby to create the
JS file, which meant the app was harder to port to Ember CLI.

I removed the constants. It's less DRY but faster and simpler, and
arguably the loss of DRYness is not significant as you can still search
for the `inline-onebox-loading` and `inline-onebox` strings easily if
you are refactoring.
2020-05-07 16:14:38 -04:00
Robin Ward
3567a90661 DEV: Ember Addon needs a vendor dir 2020-05-07 15:45:35 -04:00
Robin Ward
79c64eaeff
DEV: Move pretty-text into an ember-addon format (#9689) 2020-05-07 12:37:47 -04:00
Joffrey JAFFEUX
e74170cd9e
REFACTOR: Superfluous arguments passed to function resolveSize (#9678)
resolveSize accepts only one param
2020-05-07 16:36:15 +02:00
Joffrey JAFFEUX
affc79bb68
REFACTOR: removes useless assignment to local variable (#9676) 2020-05-07 16:35:54 +02:00
Joffrey JAFFEUX
a078b086ba
REFACToR: removes useless assignment to local variable (#9675) 2020-05-07 16:34:36 +02:00
Joffrey JAFFEUX
864f48b2e6
REFACTOR: removes useless conditional (#9668)
Given we will return true on the line before if inlineEmoji, this will always be false.
2020-05-07 16:25:23 +02:00
Joffrey JAFFEUX
01272f2085
REFACTOR: removes unreachable code (#9665)
* REFACTOR: removes unreachable code

* this one too
2020-05-07 16:24:54 +02:00
Robin Ward
d615de9139
DEV: Support for import Handlebars from 'handlebars'; (#9600)
* Remove Handlebars.SafeString usage

* DEV: Support for `import Handlebars from 'handlebars'`;

* FIX: Sprockets was broken when `node_modules` was present

By default the old version of sprockets looks for application.js
anywhere, including in a node_modules folder if this exists
(which it will when we move to Ember CLI.)
2020-04-30 16:41:02 -04:00
Roman Rizzi
64ec771dc6
REFACTOR: Resize controls (#9393) 2020-04-09 12:13:15 -03:00
Joffrey JAFFEUX
0996c3b7b3
FEATURE: allows multiple custom emoji groups (#9308)
Note: DBHelper would fail with a sql syntax error on columns like "group".

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2020-03-30 20:16:10 +02:00
Jarek Radosz
67b34600d5
DEV: Use type instead of method in ajax calls (#8974)
Even though `type` is an alias for `method`, we have custom logic in `/discourse/lib/ajax` that checks only `type`, and ~200 other ajax calls in the codebase already use `type` param.
2020-03-26 21:00:10 +01:00
Robin Ward
c150566506
Migrate pretty-text to .js extensions (#9243) 2020-03-20 09:55:42 -04:00
Joffrey JAFFEUX
d2bb127e2c
FIX: prevents crash when to be unescaped emoji is not a string (#9189)
I couldn't get a repro so this is a shot in the dark and doesn't solve the root issue, but should prevent topic view from crashing.
2020-03-12 13:59:43 +01:00
Martin Brennan
3e54e0191e
FIX: Use full URL for secure attachments when secure media enabled (#9037)
When secure media is enabled and an attachment is marked as secure we want to use the full url instead of the short-url so we get the same access control post protections as secure media uploads.
2020-03-04 10:11:08 +11:00
Martin Brennan
0df72a51b8
FIX: Stop infinite lookup-urls issue for video/audio on page (#9096)
Meta report: https://meta.discourse.org/t/excessive-requests-to-uploads-lookup-urls-leading-to-429-response/143119

* The data-orig-src attribute was not being removed from cooked
video and audio so the composer was infinitely trying to get the
URLs for them, which would never resolve to anything
* Also the code that retrieved the short URL was unscoped, and was
getting everything on the page. if running from the composer we
now scope to the preview window
* Also fixed a minor issue where the element href for the video
and audio tags was not being set when the short URL was found
2020-03-03 15:44:01 +11:00
Dan Ungureanu
ec40242b5c
FIX: Make inline oneboxes work with secured topics in secured contexts (#8895) 2020-02-12 12:11:28 +02:00
Martin Brennan
7ff58f1787
FIX: Disable preloading audio + video when secure media enabled (#8922)
Meta topic: https://meta.discourse.org/t/secure-media-uploads-expire/140894

This fixes the issue where if secure media was enabled, audio
and video files would do an initial load using the presigned
URL for the media to get metadata information e.g. duration of
track/video. However this started the expiry countdown for the
URL, so when a user pressed play on the media after 15 seconds
the media would be expired and AWS would return a 403 error.

We do not preload media if secure media is enabled. Otherwise
we just set the preload type to "metadata" which is the browser
default anyway.
2020-02-11 11:49:58 +10:00
Penar Musaraj
8009d7bda2
FEATURE: Support video caption tags/attributes (#8914) 2020-02-10 13:37:32 -05:00
Dan Ungureanu
2a884e25be
DEV: Make image resize controls more resilient (#8867)
Commit aa24be1 made it possible to build data attributes from image's
Markdown and this changes ensure that the resize controls still work
when data attributes are present.
2020-02-06 17:19:24 +02:00
Jarek Radosz
53529a3427
DEV: Upgrade Ember to version 3.12.2 (#8753)
* DEV: Use Ember 3.12.2
* Add Ember version to ThemeField's DEPENDENT_CONSTANTS
* DEV: Use `id` instead of `elementId` (See: https://github.com/emberjs/ember.js/issues/18147)
* FIX: Don't leak event listeners (bug introduced in 999e2ff)
2020-02-05 14:51:00 +01:00
Martin Brennan
397adfd128
FIX: Wrap markdown videos with video-container class to stop post height jumping (#8806)
This will lock video aspect ratio to 16:9 and stop them from making posts jump around on load.

See also discourse/onebox@6f58545 and fe20cb4.
2020-01-29 15:52:02 +10:00
Martin Brennan
65481858c2
FEATURE: Use upload:// short URL for videos and audio in composer (#8760)
For consistency this PR introduces using custom markdown and short upload:// URLs for video and audio uploads, rather than just treating them as links and relying on the oneboxer. The markdown syntax for videos is ![file text|video](upload://123456.mp4) and for audio it is ![file text|audio](upload://123456.mp3).

This is achieved in discourse-markdown-it by modifying the rules for images in mardown-it via md.renderer.rules.image. We return HTML instead of the token when we encounter audio or video after | and the preview renders that HTML. Also when uploading an audio or video file we insert the relevant markdown into the composer.
2020-01-23 09:41:39 +10:00
Bianca Nenciu
7b7e1717f2
FIX: Quoting a quote preserves the original post information (#8746)
Let's say post #2 quotes post number #1. If a user decides to quote the
quote in post #2, it should keep the information of post #1
("user_1, post: 1, topic: X"), instead of replacing with current post
info ("user_2, post: 2, topic: X").
2020-01-22 16:10:23 +02:00
Joffrey JAFFEUX
3b5a6c9895
REFACTOR: unify naming of only emoji (#8741) 2020-01-17 17:21:08 +01:00
Jarek Radosz
fe588cc7f8
DEV: Fix function prototype deprecations (#8681)
* DEV: Fix the function prototype observers deprecation

DEPRECATION: Function prototype extensions have been deprecated, please migrate from function(){}.observes('foo') to observer('foo', function() {}). [deprecation id: function-prototype-extensions.observes] See https://deprecations.emberjs.com/v3.x/#toc_function-prototype-extensions-observes for more details.

* DEV: Fix the function prototype event listeners deprecation

DEPRECATION: Function prototype extensions have been deprecated, please migrate from function(){}.on('foo') to on('foo', function() {}). [deprecation id: function-prototype-extensions.on] See https://deprecations.emberjs.com/v3.x/#toc_function-prototype-extensions-on for more details.

* DEV: Simplify `default as` imports

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2020-01-16 18:56:53 +01:00
Joffrey JAFFEUX
948bd00340
FEATURE: line with only 1 to 3 emojis will now display as large emojis 2020-01-16 09:54:26 +01:00
Roman Rizzi
2db7b3d9c7
FIX: Correctly wrap image and resize controls inside paragraph (#8718) 2020-01-15 14:01:14 -03:00
Dan Ungureanu
aa24be1a9a
DEV: Extend plugin API for uploads (#8440)
* DEV: Add API to alter uploads Markdown

* DEV: Extract data attributes from image / download Markdown

For example '[test|attachment|hello=world]' will generate an 'a' element
with a data attribute: 'data-hello=world'.

This commit also makes MarkdownIt to transform '|attachment' into
'class="attachment"'. This transformation used to be a part of the
process which resolves short URLs (i.e. upload://).

* DEV: Export imageNameFromFileName
2019-12-09 16:20:03 +02:00
Gerhard Schlager
9ebb69e8eb FIX: Respect enable_inline_emoji_translation setting in titles 2019-12-03 20:39:11 +01:00
Martin Brennan
d0246104ee
FIX: oneboxer.js infinitely retrying failed requests (#8414)
* setFailedCache was used like a variable object, when it was in fact a function
2019-11-26 15:49:58 +10:00
romanrizzi
01e2d5a670 UX: Set selected scale to 100% if scale is undefined 2019-11-22 18:19:35 -03:00
Penar Musaraj
cc8baa1a7c Fix Prettier using correct version (1.19.1) 2019-11-15 10:34:26 -05:00
Roman Rizzi
1c179177e7
REFACTOR: Attach resize controls to images from the markdown pipeline (#8314) 2019-11-12 17:32:37 -03:00
Jarek Radosz
5d4b240453
DEV: Provide radix argument to parseInt (#8281)
* DEV: Provide radix 10 argument to parseInt

* DEV: Provide radix 16 argument to parseInt

* DEV: Remove unnecessary parseInt calls

* Fix year formatting

parseInt was used here to convert decimals to ints
2019-11-12 10:47:42 +01:00
Mark VanLandingham
6275c05c0d
DEV: Move computed to discourseComputed (#8312) 2019-11-07 15:38:28 -06:00
Mark VanLandingham
11f50eee3b
DEV: Remove pretty_text import hack & still work server-side (#8266)
* FIX: move attachment_css_class constant out of upload-short-url for discourse-markdown-it

* Use setTimeout instead of ember later

* WIP. Not sure if this worked.

* oneboxer cache in separate file

* Reset onebox cache still

* set functions for oneboxers cache
2019-10-31 11:54:46 -05:00
Robin Ward
8d34f4bbd9 Revert "Revert Ember.run refactors"
This reverts commit fcb1ca52f9.
2019-10-30 09:48:24 -04:00
Robin Ward
fcb1ca52f9 Revert Ember.run refactors
This reverts commit 5ca60fcb6b.
2019-10-29 17:10:47 -04:00
Robin Ward
5ca60fcb6b REFACTOR: Use imports for Ember.run 2019-10-29 15:31:56 -04:00
romanrizzi
9845963105 FEATURE: Use the 'ugc' rel attribute alongside 'nofollow' 2019-10-14 15:21:48 -03:00
Rishabh
d93586c63f FEATURE: Whitelist the allowfullscreen iframe attribute (#8086)
Adding this to core allows showing the fullscreen button on external iframe videos like Vimeo.
https://meta.discourse.org/t/full-screen-videos-plugin/90869 will not be needed anymore.
2019-09-11 16:49:54 +02:00
Joffrey JAFFEUX
e94f67e2da
prettier (#8031) 2019-08-22 15:27:45 +02:00
Régis Hanol
1e4f0ac216 FIX: infinite loop when mentioning in IE11 2019-08-22 14:47:25 +02:00
Joffrey JAFFEUX
5d72561f4f
FIX: allows replacement of digits and symbols emojis (#7978) 2019-08-07 11:38:58 +02:00
David Taylor
39e0442de9 FIX: Various watched words improvements
- Client-side censoring fixed for non-chrome browsers. (Regular expression rewritten to avoid lookback)
- Regex generation is now done on the server, to reduce repeated logic, and make it easier to extend in plugins
- Censor tests are moved to ruby, to ensure everything works end-to-end
- If "watched words regular expressions" is enabled, warn the admin when the generated regex is invalid
2019-08-02 15:29:12 +01:00
Joffrey JAFFEUX
67650328b4
FIX: allows to specify camelCased attributes in wrap component (#7919) 2019-07-22 09:24:27 +02:00
Gerhard Schlager
4a095b286b Follow-up for 9a11a8b3 to fix qunit tests 2019-07-11 23:56:22 +02:00
Gerhard Schlager
9a11a8b33b FEATURE: Site setting for typographic quotation marks
Adds locale defaults for German and French
2019-07-11 23:19:28 +02:00
Guo Xiang Tan
06d974d55c FEATURE: Add base62 sha1 to cooked data attribute
* FEATURE: Add base62 sha1 to data attribute in `Post#cooked`.

* FIX: Use `Upload#short_url` when quoting an image.
2019-06-11 11:15:45 +10:00
Guo Xiang Tan
bd538f7437 FIX: Composer preview not caching inline onebox. 2019-06-11 09:14:53 +08:00
Guo Xiang Tan
1991af2abb DEV: Switch InlineUploads to a regexp based implementation. 2019-06-04 15:54:25 +08:00
Guo Xiang Tan
f0620e7118 FEATURE: Support [description|attachment](upload://<short-sha>) in MD take 2.
Previous attempt was missing `post_uploads` records.
2019-05-29 09:26:32 +08:00
Penar Musaraj
7c9fb95c15 Temporarily revert "FEATURE: Support [description|attachment](upload://<short-sha>) in MD. (#7603)"
This reverts commit b1d3c678ca.

We need to make sure post_upload records are correctly stored.
2019-05-28 16:37:01 -04:00
Guo Xiang Tan
b1d3c678ca FEATURE: Support [description|attachment](upload://<short-sha>) in MD. (#7603) 2019-05-28 11:18:21 -04:00
Gerhard Schlager
e224100023 FIX: Don't convert :) into Emoji when emojis or emoji shurtcuts are disabled 2019-05-22 11:44:39 +02:00
Joffrey JAFFEUX
7334362b77
FEATURE: generic theme component bbcode wrapper (#7400)
Usage:

```
[wrap=name foo=bar]
hello world
[/wrap]
```
2019-04-24 10:37:34 +02:00
Gerhard Schlager
a7bc1ecbae FEATURE: Add support for Unicode usernames and group names
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2019-04-23 13:00:27 +02:00
Tim Lange
2c4b3c21a9 UX: Unified emoji escape regex 2019-03-29 12:17:11 -04:00
Tim Lange
f7b156ffbd UX: Better emoji escaping for topic title (#7218)
* FIX: Fixed failing discourse-prometheus-alert-receiver plugin specs
2019-03-21 09:11:33 +01:00
Régis Hanol
6fb49e74a1
Revert "UX: Better emoji escaping for topic title (#7176)" (#7201)
This reverts commit 0d9bc0aaa6.
2019-03-19 12:02:47 +01:00
Tim Lange
0d9bc0aaa6 UX: Better emoji escaping for topic title (#7176) 2019-03-19 09:33:10 +01:00
Tim Lange
37c613dde2 FIX: Outsourced erb part from emoji.js.es6 (#7168) 2019-03-15 15:44:49 +11:00
Joffrey JAFFEUX
d32557ea32 Revert "FIX: Better emoji escaping for topic title"
This reverts commit 35426b5ad6.
2019-03-13 13:02:56 +01:00
Tim Lange
35426b5ad6 FIX: Better emoji escaping for topic title
This commit also puts emojiVersion in its own erb file.
2019-03-13 11:17:59 +01:00
Maja Komel
7d2ea2d4dd FEATURE: image resizing discoverability (#6804) 2019-02-27 11:46:16 +01:00
Penar Musaraj
2a007bafa2 FEAT: Allow image resize by width or height
`|150x` resizes to 150px wide + auto-height. `x150` resizes to 150px tall and auto-width.

Resize value can be from 1 to 999 (incl. for percentages).
2019-02-07 15:04:39 -05:00
Régis Hanol
5ac1e3d4cd FIX: emojis are hard 🤷 2019-01-04 17:21:16 +01:00
Régis Hanol
95e5f8380d FEATURE: Allow plugins to add custom emoji translations
FIX: buildTranslationTree was erroring when translations overlapped (ie. ":-)" and ":-))")
FIX: emoji translations wasn't working properly when translations overlapped
2019-01-04 15:27:46 +01:00
Vinoth Kannan
2076f371b3 FIX: Hashtags should work for non-english characters 2018-12-26 22:12:40 +05:30
Sam Saffron
69aa8f18c2 FEATURE: allow for custom excerpt BBCODE
This allows fidelity in controlling excerpt (text that shows up when you pin a topic or link to it externally):

```
I am some text

[excerpt]
This is some **custom** markdown that should be the excerpt
[/excerpt]

More text
```

Previous solution relied on DIVs, unfortunately DIVs do not play well,
by design with mixing markdown unless you have a preceding newline eg:

```
<div class='hello'>

this will be treated properly as markdown

</div>
```

This extra newline is not desirable.

I am also considering adding

```
[div class=excerpt]
[/div]
```

This would offer lots of flexibility to themes and plugins that do not want the extra annoying newline.
2018-12-25 17:02:28 +02:00
Bianca Nenciu
a8e8473ea5 DEV: Apply code review. 2018-12-05 21:58:55 +01:00
Bianca Nenciu
e9bbdef156 FEATURE: Add support for inline emoji translation. 2018-12-05 21:58:55 +01:00
Sam
5c17e46274 FEATURE: allow advanced specification of excerpts for posts
Previously users could control excerpt with `<span class='excerpt'>`
in Markdown, this is somewhat limited for plugins that need to define this
across a section. This adds support for DIV as well
2018-12-04 15:13:34 +11:00
Guo Xiang Tan
a1e77aa2ed
FEATURE: Reimplement SiteSetting.max_oneboxes_per_post. (#6668)
Previously, the site setting was only effective on the client side of
things. Once the site setting was been reached, all oneboxes are not
rendered. This commit changes it such that the site setting is respected
both on the client and server side. The first N oneboxes are rendered and
once the limit has been reached, subsequent oneboxes will not be
rendered.
2018-11-27 16:00:31 +08:00
Guo Xiang Tan
57e2f4990d
PERF: Move processing of inline onebox out of V8 context. (#6658) 2018-11-26 09:21:38 +08:00
Guo Xiang Tan
c5a70eca6e
PERF: Move mention lookups out of the V8 context. (#6640)
We were looking up each mention one by one without any form of caching and that results
in a problem somewhat similar to an N+1. When we have to do alot of DB
lookups, it also increased the time spent in the V8 context which may
eventually lead to a timeout. The change here makes it such that mention lookups only does a single
DB query per post that happens outside of the V8 context.
2018-11-22 14:28:48 +08:00
Joffrey JAFFEUX
58c795ef30 DEV: adds test for image-short-url (#6642) 2018-11-22 07:48:52 +11:00
Sam
0a86ef69bb FIX: browser infinite recursion when editing post
This was a result of:

c4ed353fae

jQuery map on a jQuery object, returns a jQuery object http://api.jquery.com/map/

So you need to convert it to an array prior to mapping
2018-11-21 12:51:14 +11:00
Joffrey JAFFEUX
c4ed353fae DEV: removes _.map from codebase (#6616) 2018-11-19 10:46:46 +01:00
Vinoth Kannan
44d95ad5ab FIX: Cache url data for failed inline oneboxes 2018-11-13 01:44:20 +05:30
David Taylor
3c2608d41c
FIX: Correctly censor strings starting or ending with non-word characters (#6445) 2018-10-04 15:15:10 +01:00
Vinoth Kannan
fe6c3b7d2e Make prettier happy 2018-09-04 00:31:41 +05:30
Vinoth Kannan
24a14af15a FIX: Respect invalidate_oneboxes option for inline oneboxes 2018-09-03 22:33:43 +05:30
Sam
280c318c49 FEATURE: allow ruby tags in Markdown 2018-08-03 11:47:36 +10:00
Sam
0b3d51a8bc FEATURE: whitelist lang attribute 2018-08-02 16:53:08 +10:00
OsamaSayegh
f13a7226db FIX: display tables in posts history diff (#6032) 2018-07-12 14:13:52 +10:00
Sam
b54ba4c952 FIX: mentions broken after adding an <abbr> tag
A previous shortcut used was not allowing for <abbr and other tags starting with a

If <abbr> appeared anywhere in the text all mentions would fail to link
2018-07-05 09:27:11 +10:00
Joffrey JAFFEUX
03a7d532cf
DEV: introduces prettier for es6 files 2018-06-15 17:03:24 +02:00
Joffrey JAFFEUX
dd76ba90b3
FIX: bbcode regex was greedy and preventing quotes 2018-05-23 11:55:02 +02:00
Joffrey JAFFEUX
691174fa8f
FEATURE: adds emoji search aliases 2018-05-01 15:43:49 +02:00
Sam
a0cd54750c FIX: inline [code] not handled properly
The text

a
[code]test[/code]

Would eat up the `test` text cause translation from inline to block
for replace rule was not properly handled
2018-04-26 15:18:22 +10:00
Robin Ward
58c81db279 Apply a 'no-group' class to quotes for styling 2018-04-02 14:02:16 -04:00
Robin Ward
90d3544db8 UX: Add a class we can use to target quotes without groups 2018-04-02 14:02:16 -04:00
Robin Ward
31a0c4a9be FEATURE: Add quote-modified class if a quote has been modified 2018-03-13 13:41:06 -04:00
Arpit Jalan
322618fc34 FIX: capital bbcode tags were broken 2018-03-04 22:10:54 +05:30
Sam
d39d2b9352 FEATURE: whitelist data for themes 2018-03-02 14:52:09 +11:00
Neil Lalonde
3313072957 Remove censored_pattern site setting, which is replaced by watched words 2018-02-26 16:29:27 -05:00
Régis Hanol
60ec483caa FIX: include title in local onebox when linking to a different topic 2018-02-19 22:40:14 +01:00
hnb-ku
afdc559f4f FEATURE: Whitelist div[data-theme-*] (#5598)
* Whitelist div[data-theme-*]

Whitelisting data attributes on <div> elements that match [data-theme-*] allows theme authors to target elements in posts and not have those attributes sanitized. 

https://meta.discourse.org/t/79520/16

* Update white-lister.js.es6
2018-02-15 04:32:41 -05:00
Sam
f028ffaf29 SECURITY: correct local onebox category checks
Also removes ugly "source_topic_id" from cooked posts

Patch was authored by @zogstrip

Signed-off-by: Sam <sam.saffron@gmail.com>
2018-02-14 10:40:46 +11:00
Sam
60ee9a4ccf make tests a bit happier 2018-02-01 15:56:22 +11:00
Sam
ee0d3f15c1 FEATURE: allow better fidelity for auto linkify, disable most tlds based linkify
New site settings:

enable_markdown_linkify: which is default on, auto links https:// and http:// and mail://

markdown_linkify_tlds: which allows control of what tlds get autolinked for cases such as www.site.com, default is com|net|gov
2018-02-01 13:22:38 +11:00
Maja Komel
330912e1e5 FIX: allowed href scheme link can start with a + (#5537)
* allowed href scheme link can start with a +

* allow tel:// links only to start with +

* add missing semicolon

* add test
2018-01-30 11:02:23 +11:00
Sam
f946db4afe FIX: inline oneboxer min title length of 2
also: cache mini onebox misses as well to cut down traffic
2018-01-30 08:40:04 +11:00
Neil Lalonde
dc97239040 FIX: censored regex words were replacing other text that shouldn't be censored 2018-01-24 12:33:47 -05:00
Sam
3492a91056 FEATURE: allow site operators to disable emoji shortcuts 2018-01-24 12:21:44 +11:00
Neil Lalonde
edb3a7f646 FIX: support for watched_words_regular_expressions when censoring words 2018-01-10 14:11:23 -05:00
Neil Lalonde
ad62f1099c FIX: censored words should support * as wildcard 2018-01-09 15:53:40 -05:00
Sam
a9e2fc59c4 FIX: [constructor] bbcode would cause markdown crash 2017-12-27 16:11:30 +11:00
Joffrey JAFFEUX
fd99e1ef56 FEATURE: site setting enable_mentions to turn on/off mentions 2017-12-07 16:27:58 -05:00
Guo Xiang Tan
4531563717 Hide new advanced editor and preview sync behind a hidden site settings. 2017-12-06 12:34:58 +08:00
Guo Xiang Tan
44333c5de3 REFACTORY: Dry up some composer syncing code. 2017-11-24 14:57:36 +08:00
Guo Xiang Tan
486016acea UX: Improve editor and preview scroll syncing. 2017-11-23 17:02:02 +08:00
Sam
d43a54e83a FIX: use current_user.id in onebox instead of param 2017-11-23 15:32:19 +11:00
Robin Ward
f8164956dd Add quote and mention support for username formatters 2017-11-20 16:28:03 -05:00
Sam
38c103c75e correct spec 2017-11-13 18:09:24 +11:00
Sam
8a66446849 FEATURE: add overflow-y auto to Markdown tables 2017-11-13 17:52:15 +11:00
Sam
232311aa8c FIX: missing short image resolution on queued posts 2017-11-13 12:08:11 +11:00
Sam
3ac7d041ae UX: generic onebox treats all square images as avatars and renders them smaller 2017-11-13 11:21:19 +11:00
ckeboss
93633865d9 Adds primary user group as a class to quote (#5285)
* Adds primary user group as a class to quote

This feature addition will add the class `group-PRIMARY_USER_GROUP` to
the quote `aside`. `PRIMARY_USER_GROUP` will be the primary user group
of the user being quoted. This is similar to the class that is added to
a `topic-post`.

* Remove trailing whitespace

* Fix avatar in test

* Address PR comments

* Fix trailing whitespace
2017-11-03 09:51:40 -04:00
Robin Ward
a0dd75ba88 FEATURE: New API to create a custom formatter for displaying usernames
This is not exhaustive right now, but a good start and we can add to
it over time.
2017-10-30 13:27:08 -04:00
Robin Ward
fb2e581b26 FIX: Headings must begin with heading-- to avoid some griefing 2017-10-16 11:53:47 -04:00
Sam
229a10e142 Missed a whitelist, compensate for strict classes 2017-10-16 10:46:01 +11:00
Sam
9cb088e3f6 FIX: restrict classes allowed for img tag in Markdown 2017-10-16 09:34:30 +11:00
Robin Ward
1af4acbb3d Add tests to flagged topics 2017-09-25 12:25:14 -04:00
Guo Yunhe
7d29ccf207 bbcode find close tag loop end condition
Only break loop when close tag has been found. Otherwise, keep searching until the end of string.
2017-09-06 09:13:57 +03:00
Arpit Jalan
ebbdd4fe0f FIX: error when rebaking posts 2017-09-02 22:22:29 +05:30
Sam Saffron
46ebd0ee40 correct spec and allow for zero allowed iframes 2017-09-01 12:08:55 -04:00
Sam Saffron
e283e6aea0 FEATURE: allowed_iframes site setting for allowing iframes
This allows you to whitelist custom iframes if needed in posts
2017-09-01 10:15:44 -04:00
Sam
d7a2584c6e FEATURE: image uploads now have short urls
Shorten all image uploads to use short urls, this is the client
side implementation.
2017-08-22 16:40:08 -04:00
Sam
bcf7dc38c2 FEATURE: server side support for upload:// markdown
This allows uploads to be specified using short sha1 hash instead of full
URL

Client side change is pending
2017-08-22 11:46:23 -04:00
Sam
5942ad83c0 Skip inline onebox for domain only 2017-08-02 17:27:58 -04:00
Sam
a4e1920604 FIX: inline oneboxer not applying to lists 2017-08-02 16:10:08 -04:00
Sam
4f574e7c93 FEATURE: support inline bbcode blocks eg: [quote]test[/quote] 2017-07-27 17:55:17 -04:00
Neil Lalonde
24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
David Taylor
27539e15e1 Allow whitespace around % scaler in markdown image syntax (#5000) 2017-07-26 10:54:20 -04:00
Sam
4da98cdcfe FIX: allow bbcode to be unquoted for default 2017-07-24 18:36:17 -04:00
Sam
40abcfc2f5 FIX: smart quote edge case with quotes 2017-07-24 12:21:49 -04:00