Commit Graph

10357 Commits

Author SHA1 Message Date
tms
2e230d2661 Be more selective about when we allow oembed discovery 2013-02-25 20:48:17 -05:00
Jeremy Banks
a7a2dcebac Include /^http... prefix in onebox whitelist URLs regexes to prevent XSS. 2013-02-25 20:06:16 -05:00
Jeff Atwood
11bf337b52 add thinkgeek to onebox whitelist 2013-02-25 14:19:07 -08:00
Robin Ward
e461c84253 Clean up JS, add YUIDoc support, automatically create IIFE via asset pipeline 2013-02-25 17:16:57 -05:00
Sam Saffron
47fedd8f4d correct breakage
don't set permanent cookie, kill session if it conflicts
2013-02-24 22:56:08 +11:00
Sam Saffron
fd2e9a99bf cookie recovery cause we have been messing with it. 2013-02-24 21:50:34 +11:00
Sam Saffron
b66db4153d refactor and organise current_user better 2013-02-24 21:42:04 +11:00
Sam
ab97dc8fd6 Update lib/current_user.rb 2013-02-24 17:24:40 +11:00
tms
3e6641c07e Unsign auth token cookies per discussion on #215 2013-02-23 13:40:21 -05:00
Sam Saffron
47be98ed1c diff engine, help needed 2013-02-23 16:30:02 +11:00
Neil Lalonde
7f08765ba7 version bump to 0.8.2 2013-02-22 17:17:03 -05:00
Robin Ward
532b1f5450 Can edit category descriptions, they show up in a title attribute 2013-02-22 13:43:47 -05:00
Sam
6347cbe275 HELP NEEDED. Implement Me! 2013-02-22 23:47:26 +11:00
Sam Saffron
21cc9ab1ff work in progress 2013-02-22 10:56:59 +11:00
Neil Lalonde
8620024798 Show which SHA is installed on the admin dashboard 2013-02-21 13:48:14 -05:00
Neil Lalonde
560411eece Add site_setting to disable version checks 2013-02-21 10:19:17 -05:00
Robin Ward
84cb08e035 Merge pull request #215 from tms/auth-token-changes
Sign the auth token cookie and make it httpOnly
2013-02-21 07:14:15 -08:00
Sam Saffron
97ceea8878 add delay and trivial 200 code check 2013-02-21 16:37:17 +11:00
Sam Saffron
012941ea62 basic smoke test script 2013-02-21 16:01:40 +11:00
Sam Saffron
250bd3cd21 post processor 2013-02-21 16:01:40 +11:00
Sam Saffron
2226207ecd smoke test 2013-02-21 16:01:40 +11:00
Robin Ward
f661fa609e Convert all CoffeeScript to Javascript. See:
http://meta.discourse.org/t/is-it-better-for-discourse-to-use-javascript-or-coffeescript/3153
2013-02-20 19:01:13 -05:00
tms
5616fdc475 Sign the auth token cookie and make it httpOnly 2013-02-20 17:24:19 -05:00
Neil Lalonde
2668be690f version bump 2013-02-20 16:00:52 -05:00
Robin Ward
13b0b874fb Merge branch 'onebox-safety' of git://github.com/tms/discourse 2013-02-19 16:15:35 -05:00
Neil Lalonde
c0371ff427 Add version checking that shows on the admin dashboard 2013-02-19 15:20:49 -05:00
tms
e951eff5bb Allow oneboxers to specify their simple_onebox text is unsafe 2013-02-19 14:51:44 -05:00
Robin Ward
bb1156cee1 filter out closed/archived/invisible topics from suggested 2013-02-19 14:38:59 -05:00
Robin Ward
ba238f92c2 Revert "Merge branch 'onebox-safety' of git://github.com/tms/discourse"
This reverts commit 7ca57db97a, reversing
changes made to b7e027cfd1.
2013-02-19 14:22:13 -05:00
Robin Ward
7ca57db97a Merge branch 'onebox-safety' of git://github.com/tms/discourse 2013-02-19 13:10:52 -05:00
tms
1a0b23fd2b Allow oneboxers to specify their simple_onebox text is unsafe 2013-02-19 12:06:35 -05:00
tms
6d06420583 Be more selective about when we allow oembed discovery 2013-02-19 11:46:36 -05:00
Robin Ward
ae9bee2a91 Merge pull request #172 from jeremybanks/master
Do not strip leading and trailing whitespace from raw posts
2013-02-19 08:15:39 -08:00
Sam Saffron
d9531d94d5 basic lightbox support 2013-02-19 17:57:14 +11:00
Jeremy Banks
91f9844211 Include /^http… prefix in onebox whitelist URLs regexes to prevent XSS. 2013-02-19 01:49:58 -05:00
Jeremy Banks
eb2a5e4654 Merge branch 'origin/master'
Conflicts:
	lib/text_sentinel.rb
2013-02-18 21:41:20 -05:00
Sam Saffron
0e48e1c346 clean up git version stuff a tad 2013-02-18 18:01:36 +11:00
Sam Saffron
d9a84ddd01 chuck git version at the bottom of the page 2013-02-18 17:39:54 +11:00
Sam Saffron
87b929eac6 added secret token warning in prd
added task to stamp builds
2013-02-18 17:34:43 +11:00
Jeremy Banks
6af69f7e77 Do not strip leading and trailing whitespace from raw posts. 2013-02-15 20:58:33 -05:00
Sam
c7fba796b6 Merge pull request #185 from tms/search-all-the-things
Search all the things
2013-02-17 13:53:58 -08:00
Sam
bc1f8244e4 Merge pull request #186 from tms/oneboxes-shouldnt-explode
Oneboxes shouldn't explode when the remote causes an HTTPError
2013-02-17 13:52:40 -08:00
Sam
df63a3c516 Merge pull request #187 from tms/blog-onebox-tweaks
Have oneboxer default to page title when og:title is missing
2013-02-17 13:51:43 -08:00
tms
85b0c0afab Have oneboxer default to page title when og:title is missing 2013-02-17 04:31:21 -05:00
tms
702fbcdfa8 Oneboxes shouldn't explode when the remote causes an HTTPError 2013-02-17 04:10:17 -05:00
tms
eebc6c7e41 Request per_facet + 1 in search to know if we actually have more 2013-02-17 02:52:21 -05:00
Alexander
6c4ae05454 Removes iconv dependency
Fixes #100
2013-02-15 13:36:19 -08:00
Robin Ward
674c861eaf Adjust deadlock trap to match postgres format. 2013-02-15 11:48:38 -05:00
Robin Ward
036e795e10 Merge pull request #152 from xdite/canonical-url
use canonical-url plugin to make view more clean
2013-02-15 07:18:41 -08:00
Sam Saffron
eb188c57e8 started work on message bus diags 2013-02-15 19:23:40 +11:00
Sam Saffron
4aa7ba620e fix, so really long topics are correct, tested perf on a 4k post topic and seems fine 2013-02-15 13:08:37 +11:00
Sam Saffron
a8085f15c4 grab highest post number from the raw data, so deletions at the end of a topic work 2013-02-15 13:08:37 +11:00
Dan Neumann
44642d4d0c slug should replace underscores 2013-02-14 17:04:30 -06:00
Robin Ward
d740d7b25f Fix for foreign language titles: Only enforce upper case rule on english alphabet. 2013-02-14 16:09:57 -05:00
Neil Lalonde
39eab7c425 Replace mentions of mothership with discourse_hub 2013-02-14 12:57:26 -05:00
Robin Ward
cba4c9051a Merge pull request #160 from jaimeiniesta/replace_hpricot_with_nokogiri
Replace hpricot with nokogiri
2013-02-14 07:55:19 -08:00
Robin Ward
b94b9d2383 Merge pull request #146 from ismaelga/moderators-buttons
Create moderators
2013-02-14 07:26:50 -08:00
Jaime Iniesta
6995e75d41 Replace Hpricot with Nokogiri 2013-02-14 11:35:50 +01:00
Sam Saffron
87d83802b9 added option that allows users to decide when they consider topics new (default 2 days old or newer)
added site_setting to control the default new_topic_duration_minutes
added 10 minutes option for auto_track_topics_after_msecs, default bumped up to 5 mins
2013-02-14 17:36:14 +11:00
Ismael Abreu
80bec6efc9 Adds grant and revoke moderation buttons so admins can make users moderators 2013-02-14 01:12:23 +00:00
Robin Ward
dee9e9a51f Fix bug where links to posts weren't being tracked 2013-02-13 15:23:09 -05:00
Robin Ward
a9da9c5fde Merge pull request #148 from danneu/slug-simplify
replace reinvention of #parameterize
2013-02-13 07:23:26 -08:00
xdite
cab4d95eaf use canonical-url plugin to make view more clean 2013-02-13 19:04:43 +08:00
Robin Ward
27a07054d7 We never want to filter TopicView to just one post. 2013-02-12 19:02:16 -05:00
Dan Neumann
4a390bc562 remove reinvention of #parameterize 2013-02-12 17:53:06 -06:00
Robin Ward
924ad1dae0 Merge pull request #106 from gammons/master
Refactored TopicsController#show into something that is much more maintainable
2013-02-12 08:36:20 -08:00
Neil Lalonde
4636b354b4 Use the new mothership change_nickname API 2013-02-12 10:19:02 -05:00
Sam
4668cf1d54 Merge pull request #114 from edward/patch-1
Consistency in SQL style
2013-02-12 00:11:59 -08:00
Sam
6e74b4fb0c Merge pull request #130 from danneu/slug-refactoring
Lean on Inflector for slug transliteration.
2013-02-11 19:31:16 -08:00
Sam Saffron
ad88487a32 Merge branch 'master' of github.com:discourse/discourse 2013-02-12 13:45:24 +11:00
Sam Saffron
2b276bc2c8 gist oneboxer issues 2013-02-12 13:45:08 +11:00
Dan Neumann
50cf8cd4d5 Set up slug.rb for obvious method extractions. 2013-02-11 20:36:54 -06:00
Dan Neumann
9daf53df73 lean on Inflector transliteration 2013-02-11 20:34:38 -06:00
Grant Ammons
f3dc93a0db WIP, a very nice refactoring of TopicsController#show 2013-02-11 17:54:56 -05:00
Robin Ward
e033213f84 Merge pull request #94 from danneu/plugin-registry-patch
Extracted default value initializers.
2013-02-11 14:50:09 -08:00
Robin Ward
74220b4194 Don't update the current ip to an empty string 2013-02-11 16:01:53 -05:00
Robin Ward
57049b55a2 Little things:
- Retries on deadlock when calculating average time
- Removes Warning: When specifying html format for errors
- Doesn't use manual SQL to update user's ip address
2013-02-11 15:47:28 -05:00
Sam Saffron
fd5f949116 formatting 2013-02-11 19:01:33 +11:00
Sam Saffron
f68f59c24f setting to exclude rel nofollow from particular domains 2013-02-11 18:58:19 +11:00
Edward Ocampo-Gooding
b7a76cbd24 Consistency in SQL style 2013-02-11 01:03:21 -05:00
Sam Saffron
543845c673 rel nofollow, on by default to protect forums from spam etc. we should consider lifting it at high trust by default. 2013-02-11 11:43:07 +11:00
Robin Ward
0dcba67a7e Merge pull request #98 from blom/define_method
Use define_method instead of eval-ing a string
2013-02-10 14:15:48 -08:00
Sam
1264f628c8 Merge pull request #104 from kubabrecka/fix_non_us_locale
fix user listing and search on non-US locale
2013-02-10 14:08:13 -08:00
Sam Saffron
af810f38dd UserSearch refactor
Added .sql_builder to all AR models
2013-02-10 23:37:24 +11:00
Kuba Brecka
d0c1d94918 fix user listing and search on non-US locale 2013-02-10 12:18:11 +01:00
Ørjan Blom
f00853bee8 Use define_method instead of eval-ing a string
It avoids the need for escaping the interpolations.
2013-02-10 00:13:46 +01:00
Grant Ammons
701ecddac2 factor out @post.revise into its own class. clean up PostRevisor class to be more readable 2013-02-09 10:33:25 -05:00
Robin Ward
03a798b202 Can clear flags on deleted posts if you're a moderator 2013-02-08 19:07:29 -05:00
Robin Ward
12d3c3b66b Enforce entropy on flag text 2013-02-08 17:01:43 -05:00
Sam Saffron
d3f911cc4c Revert "Something here is messed up Revert "message bus fixes and diagnostics""
This reverts commit f3c6144e3b.
2013-02-08 22:03:45 +11:00
Sam Saffron
f3c6144e3b Something here is messed up Revert "message bus fixes and diagnostics"
This reverts commit 36d1aafe1e.
2013-02-08 21:39:38 +11:00
Sam Saffron
36d1aafe1e message bus fixes and diagnostics 2013-02-08 19:13:36 +11:00
Dan Neumann
0cf68e2714 Extracted default value initializers. 2013-02-08 01:56:12 -06:00
Neil Lalonde
c524e769d0 Mothership#current_discourse_version had an invalid path 2013-02-07 18:23:52 -05:00
Robin Ward
c4ad927024 Site Settings was deleting the wrong cache object 2013-02-07 16:11:30 -05:00
Robin Ward
084a873b91 Give regular users a delete button. If they click it, their post will be revised to
say it was deleted.
2013-02-07 15:14:23 -05:00
Robin Ward
d49cf88c35 Merge pull request #51 from danneu/slug-patch
Strip leading and trailing slug punctuation.
2013-02-07 07:02:58 -08:00
Sam Saffron
85973ce6b0 added delete all posts button
wired up the ability to enable all themes
2013-02-07 18:11:56 +11:00
Robin Ward
7d7d8c7d4f Merge branch 'master' of github.com:discourse/discourse 2013-02-06 20:59:07 -05:00
Robin Ward
40da901e5d Introduction of TextSentinel to enforce title and body quality. 2013-02-06 20:53:34 -05:00
Dan Neumann
ee8d68842e Strip leading and trailing slug punctuation. 2013-02-06 19:52:14 -06:00
Aaron Chambers
1c29b040c5 A tiny typo fix. It all adds up... 2013-02-07 00:46:57 +00:00
Robin Ward
96e67002ac Merge pull request #44 from bbonamin/patch-1
Fixed minor typo in lib/guardian.rb
2013-02-06 13:28:56 -08:00
Robin Ward
f1a3e76d2b Support for replacing Site Message content with keys specific to a multisite. 2013-02-06 15:29:03 -05:00
Bruno Bonamin
de871ccf8a Fixed minor typo in lib/guardian.rb
Just a letter switch I found upon browsing the code :)
2013-02-06 17:46:45 -02:00
Sam Saffron
0f88947279 fix onebox for your own site 2013-02-06 16:22:11 +11:00
Robin Ward
21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00