David Taylor
ec9734bc42
SECURITY: Expand and improve SSRF Protections (stable) ( #18816 )
...
See https://github.com/discourse/discourse/security/advisories/GHSA-rcc5-28r3-23rr
Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2022-11-01 16:34:12 +00:00
Blake Erickson
919e405c48
FIX: Don't display webhooks for inactive plugins ( #9206 )
...
* FIX: Don't display webhooks for inactive plugins
This commit ensures that we don't show webhooks for plugins that are not
installed or that are disabled.
Bug report:
https://meta.discourse.org/t/webhookeventtype-and-the-solved-and-assign-plugins/144180
* rename to just 'active', it's cleaner
2020-03-17 10:39:24 -06:00
Sam Saffron
30990006a9
DEV: enable frozen string literal on all files
...
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.
Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Sam Saffron
ac3dab93f5
DEV: lint the files
2019-04-29 17:40:53 +10:00
Sam Saffron
45285f1477
DEV: remove update_attributes which is deprecated in Rails 6
...
See: https://github.com/rails/rails/pull/31998
update_attributes is a relic of the past, it should no longer be used.
2019-04-29 17:32:25 +10:00
Maja Komel
34730a0b16
UX: show if webhook is disabled ( #7217 )
...
+ show in staff logs when webhook is created/updated/destroyed
2019-03-21 16:13:09 +01:00
Vinoth Kannan
d33d031742
FEATURE: Filter topic and post web hook events by tags ( #6726 )
...
* FEATURE: Filter topic and post web hook events by tags
* Add a spec test with unmatched tags
2018-12-05 14:44:06 +05:30
Guo Xiang Tan
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Erick Guan
9f8a917d65
add event name for ping webhooks in the header
2017-05-02 08:13:23 +02:00
Guo Xiang Tan
547750e9dd
Unify API keys and web hooks into a single admin nav header.
2016-09-20 05:22:03 +08:00
Erick Guan
00d5facf36
FEATURE: prompts new webhook events
2016-09-19 12:07:17 +08:00
Erick Guan
9ce61b4586
FEATURE: Webhooks.
2016-09-05 18:44:00 +08:00