Neil Lalonde
|
01d0aeb5a9
|
merge master
|
2016-03-31 17:40:54 -04:00 |
|
Arpit Jalan
|
331a9c8a2f
|
SECURITY: Backport XSS fix
|
2016-03-08 21:08:05 +05:30 |
|
Régis Hanol
|
f9710d0d7c
|
FIX: unescape emojis in digests
|
2016-03-08 21:05:50 +05:30 |
|
Robin Ward
|
9f56d61305
|
Backported PluginAPI for compatibility with plugins
|
2016-02-17 12:19:07 -05:00 |
|
Régis Hanol
|
e953c1c5a6
|
fix eslint
|
2016-02-05 16:10:49 +01:00 |
|
Régis Hanol
|
28e4ea3178
|
we still need md5
|
2016-02-05 16:01:23 +01:00 |
|
Sam Saffron
|
45a166b315
|
SECURITY: hoist blocks using guids, not md5 hashes
|
2016-02-05 16:01:15 +01:00 |
|
Sam Saffron
|
51da6676f0
|
SECURITY: topic titles can show up in user page unescaped when streamed in
|
2016-02-01 21:02:23 +11:00 |
|
Robin Ward
|
b792629208
|
FIX: Precompiler should apply get magic too
|
2016-01-15 15:26:19 -05:00 |
|
Robin Ward
|
2ad461f218
|
SECURITY: Upgrade Ember to fix CVE-2015-7565. Also upgrade Handlebars
|
2016-01-15 15:23:58 -05:00 |
|
Robin Ward
|
189595466c
|
SECURITY: Backported XSS fixes from Handlebars
|
2015-11-24 16:30:52 -05:00 |
|
Robin Ward
|
e9f80464b4
|
SECURITY: XSS Protection on Queued Posts
|
2015-11-20 14:28:03 -05:00 |
|
Robin Ward
|
c72f0160de
|
SECURITY: Unread post notifications should respect whispers
|
2015-10-19 16:32:55 -04:00 |
|
Robin Ward
|
b7bdaac081
|
SECURITY: Moderators should not see API keys
|
2015-10-14 15:46:46 -04:00 |
|
Sam
|
1fef49a094
|
SECURITY: XSS in search results term
Thanks to Jerbi Nessim
|
2015-10-07 10:53:48 +11:00 |
|
Sam
|
fe786dfc64
|
FIX: don't use Safari hack on Windows Phone
|
2015-09-28 17:20:54 +10:00 |
|
Robin Ward
|
41c5b262b2
|
FIX: max_topics_per_day was not working
|
2015-09-25 12:47:38 -04:00 |
|
Régis Hanol
|
e13906d5fb
|
FIX: replaceMarkdown should be smart about current caret position
|
2015-09-25 12:47:38 -04:00 |
|
Sam
|
be8a20db67
|
FIX: disable cloaked view while running ios positioning hack
|
2015-09-25 12:47:38 -04:00 |
|
Sam
|
2f3bc60e59
|
FIX: whispers should not be revealed in reply to, or reply expansion
FEATURE: mark whisper as experimental
FIX: badges should never apply to whispers
|
2015-09-25 12:47:38 -04:00 |
|
Sam
|
d7f2933743
|
FIX: when replying to a expanded reply, correctly attribute author
|
2015-09-25 12:47:37 -04:00 |
|
Robin Ward
|
7a155710dd
|
FIX: Category Logo preview should not repeat
|
2015-09-25 12:47:37 -04:00 |
|
Régis Hanol
|
931812ce69
|
FIX: only disable the composer grip when the device is touch-only
|
2015-09-25 12:47:37 -04:00 |
|
Régis Hanol
|
33f689357a
|
FIX: pikaday wasn't working when using the mouse with a touch-enabled monitor
|
2015-09-25 12:47:37 -04:00 |
|
Sam
|
b2e3703ae7
|
Revert "UX: always show logout link in user menu, use CSS to hide"
oops was on wrong branch
This reverts commit 2cbb49baec .
|
2015-09-25 12:16:17 +10:00 |
|
Sam
|
2cbb49baec
|
UX: always show logout link in user menu, use CSS to hide
.menu-panel .logout-link {display: none}
|
2015-09-25 12:14:20 +10:00 |
|
Sam
|
60a8e203db
|
Revert "FIX: properly filter badges when they're on a whisper"
This reverts commit 584a170534 .
|
2015-09-25 10:22:08 +10:00 |
|
Régis Hanol
|
584a170534
|
FIX: properly filter badges when they're on a whisper
|
2015-09-25 00:39:39 +02:00 |
|
Régis Hanol
|
62b493281e
|
FIX: notifications & messages were missing from user profile
|
2015-09-24 19:17:06 +02:00 |
|
Robin Ward
|
4236317f69
|
FIX: Double load sometimes on topic lists
|
2015-09-23 16:41:01 -04:00 |
|
Neil Lalonde
|
65e159b073
|
Merge master
|
2015-09-22 15:00:32 -04:00 |
|
scossar
|
9a93a43905
|
reduce z-index
|
2015-09-22 11:01:43 -07:00 |
|
Robin Ward
|
79beb9f409
|
FIX: You could set reply_to_post_number when replying as a new topic
|
2015-09-22 13:32:19 -04:00 |
|
Robin Ward
|
9f89aefdd3
|
FIX: Don't update the last poster when a whisper is made
|
2015-09-22 12:23:37 -04:00 |
|
Régis Hanol
|
e65ddc6c25
|
FIX: immediately remove upload placeholder when cancelling the upload
FIX: prevent post submit when something is uploading
|
2015-09-22 18:16:53 +02:00 |
|
Régis Hanol
|
6a4b9a3d38
|
FIX: remove upload placeholder when cancelling the upload
|
2015-09-22 17:58:12 +02:00 |
|
Régis Hanol
|
a6934a200e
|
FIX: don't use the filename for the upload placeholder
|
2015-09-22 17:45:55 +02:00 |
|
Sam
|
a0524ea4d1
|
FIX: render canonical URLs
|
2015-09-22 09:37:52 +10:00 |
|
Régis Hanol
|
4f7140fb32
|
FIX: properly filter whispers in user stream
|
2015-09-22 00:50:52 +02:00 |
|
Neil Lalonde
|
2ae032c9b0
|
FIX: categories page would sometimes show no topics, even if there are some visible topics to show
|
2015-09-21 18:13:14 -04:00 |
|
Sam
|
6e384cd4c7
|
highlight title in full page search
|
2015-09-22 07:39:44 +10:00 |
|
Robin Ward
|
b6155889d5
|
FIX: Respect sort order when user fields are shown publically
|
2015-09-21 15:26:11 -04:00 |
|
Robin Ward
|
cc0f76e60a
|
Merge pull request #3798 from riking/patch-6
FIX: :( page was never showing the URL
|
2015-09-21 14:45:42 -04:00 |
|
Kane York
|
e36c0966d0
|
FIX: :( page was never showing the URL
|
2015-09-21 11:38:37 -07:00 |
|
Régis Hanol
|
fe656fb04d
|
FIX: select appropriate period when redirecting to top
|
2015-09-21 20:28:20 +02:00 |
|
Robin Ward
|
b49e9fb174
|
FIX: Load order of TopicTrackingState was off
|
2015-09-21 14:15:25 -04:00 |
|
Robin Ward
|
9f6ce653a9
|
FIX: Selecting posts was broken on IOS9 iPad
|
2015-09-21 13:50:05 -04:00 |
|
Régis Hanol
|
af7f00099f
|
FIX: uploading a file with a non-ASCII character wasn't removing the placeholder
|
2015-09-21 16:17:25 +02:00 |
|
Arpit Jalan
|
4f31745e10
|
UX: improve twitter onebox
|
2015-09-21 17:40:17 +05:30 |
|
Guo Xiang Tan
|
e3d5cc54a1
|
UX: Disable button when Notification permission is denied.
|
2015-09-21 18:14:13 +08:00 |
|