Commit Graph

494 Commits

Author SHA1 Message Date
Ghassan Maslamani
2d6bd30dd8
FEATURE: add image delete button in preview. (#17624)
This commit adds a delete button to the composer preview next to the image scale buttons.

Reference: https://meta.discourse.org/t/image-remover-button-to-composer-preview/233005
2022-08-04 16:33:23 -04:00
David Taylor
4bf9b73296
DEV: Ensure censorFn copes with null regexpList (#17754)
This fixes the test suite failures introduced by 862007fb18
2022-08-02 11:09:51 +01:00
Selase Krakani
862007fb18
FEATURE: Add support for case-sensitive Watched Words (#17445)
* FEATURE: Add case-sensitivity flag to watched_words

Currently, all watched words are matched case-insensitively. This flag
allows a watched word to be flagged for case-sensitive matching.
To allow allow for backwards compatibility the flag is set to false by
default.

* FEATURE: Support case-sensitive creation of Watched Words via API

Extend admin creation and upload of Watched Words to support case
sensitive flag. This lays the ground work for supporting
case-insensitive matching of Watched Words.

Support for an extra column has also been introduced for the Watched
Words upload CSV file. The new column structure is as follows:

 word,replacement,case_sentive

* FEATURE: Enable case-sensitive matching of Watched Words

WordWatcher's word_matcher_regexp now returns a list of regular
expressions instead of one case-insensitive regular expression.

With the ability to flag a Watched Word as case-sensitive, an action
can have words of both sensitivities.This makes the use of the global
Regexp::IGNORECASE flag added to all words problematic.

To get around platform limitations around the use of subexpression level
switches/flags, a list of regular expressions is returned instead, one for each
case sensitivity.

Word matching has also been updated to use this list of regular expressions
instead of one.

* FEATURE: Use case-sensitive regular expressions for Watched Words

Update Watched Words regular expressions matching and processing to handle
the extra metadata which comes along with the introduction of
case-sensitive Watched Words.

This allows case-sensitive Watched Words to matched as such.

* DEV: Simplify type casting of case-sensitive flag from uploads

Use builtin semantics instead of a custom method for converting
string case flags in uploaded Watched Words to boolean.

* UX: Add case-sensitivity details to Admin Watched Words UI

Update Watched Word form to include a toggle for case-sensitivity.
This also adds support for, case-sensitive testing and matching of  Watched Word
in the admin UI.

* DEV: Code improvements from review feedback

 - Extract watched word regex creation out to a utility function
 - Make JS array presence check more explicit and readable

* DEV: Extract Watched Word regex creation to utility function

Clean-up work from review feedback. Reduce code duplication.

* DEV: Rename word_matcher_regexp to word_matcher_regexp_list

Since a list is returned now instead of a single regular expression,
change `word_matcher_regexp` to `word_matcher_regexp_list` to better communicate
this change.

* DEV:  Incorporate WordWatcher updates from upstream

Resolve conflicts and ensure apply_to_text does not remove non-word characters in matches
that aren't at the beginning of the line.
2022-08-02 10:06:03 +02:00
Jarek Radosz
ff16ba1fc0
DEV: Update @embroider/test-setup (#17625) 2022-07-24 17:29:21 +02:00
David Taylor
13bc2f1f39 DEV: Upgrade to Ember 3.28 2022-07-19 10:00:59 +01:00
Andrei Prigorshnev
48e2caf7b7
DEV: emoji helper: add the ability to set custom title (#17517) 2022-07-18 21:51:19 +04:00
Jarek Radosz
057d6b406d
DEV: Extensively use includes() (#17541)
Also, the change in insert-hyperlink (from `this.linkUrl.indexOf("http") === -1` to `!this.linkUrl.startsWith("http")`) was intentional fix: we don't want to prevent users from looking up topics with http in their titles.
2022-07-17 20:48:36 +02:00
Jarek Radosz
5f7163b5bb
DEV: Extensively use startsWith() (#17540) 2022-07-17 20:16:39 +02:00
Jarek Radosz
5538b8442e
DEV: Introduce discourseLater (#17532)
A wrapper for `later()` from `@ember/runloop`, similar to `discourseDebounce`. It automatically reduces the delay in testing environment.
2022-07-17 00:50:49 +02:00
Jarek Radosz
365f558bda
DEV: Update ember-resolver (#17432) 2022-07-11 22:52:01 +02:00
Jarek Radosz
006de01943
DEV: Update ember-cli-handlebars (#17429) 2022-07-11 22:25:40 +02:00
Jarek Radosz
c3fd91670e
DEV: Update linting setup and fix issues (#17345)
Re-lands #16119 and #17298

* Update eslint-config-discourse
* Update linting workflow
* Prettier-ignore stuff
* Update template-lint config
* Auto-fix template issues
* Fix various template issues
  Mostly incorrect attributes and unused templates
* Prettier js files
* Fix template auto-fix regressions
* Small css tweak

Co-authored-by: Peter Wagenet <peter.wagenet@gmail.com>
2022-07-06 10:37:54 +02:00
Rafael dos Santos Silva
9833b59b70
FEATURE: Allow iframe allow attribute in posts (#17291)
This is used so iframes can use mic, camera, EME, etc.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy#directives
lists current possible values

Feature request https://meta.discourse.org/t/iframe-attributes-not-working/127383?u=falco
2022-07-05 12:25:27 -03:00
Gerhard Schlager
2d6ef232a7
FIX: Markdown handling failed on empty attribute value (#17199)
Seems to only be a problem when a markdown.it rule inserts links without a attribute value. There's no test, because it's not reproducible with the markdown rules in core.
2022-06-28 21:27:15 +02:00
Jarek Radosz
39a025c7af
DEV: Allow newer versions of node (#17261)
It should now properly work with 18.x, so we should start moving into direction of it being the default.
2022-06-28 20:52:31 +02:00
Jarek Radosz
4821d44c3c
DEV: Update webpack (#17262) 2022-06-28 14:39:09 +02:00
Jarek Radosz
f505221a9c
DEV: Update ember-cli-terser (#17252) 2022-06-27 18:13:46 +02:00
Jarek Radosz
d1d6868325
DEV: Update xss.js (#17216)
* DEV: Update xss.js

* Fix our hack
2022-06-24 10:28:05 +08:00
Jarek Radosz
f27dddd405
DEV: Make addons buildable on their own (#17205) 2022-06-23 22:19:54 +02:00
Jarek Radosz
16550537d0
DEV: Drop ember-maybe-import-regenerator (#17195)
I believe it's no longer needed on the browsers we support
2022-06-23 15:20:10 +02:00
Jarek Radosz
3cb67fcb6c
DEV: Update ember-cli-htmlbars (#17194) 2022-06-23 14:36:50 +02:00
Jarek Radosz
56d3bd5bdd
DEV: Update @glimmer/component (#17197) 2022-06-23 13:35:42 +02:00
Jarek Radosz
b09cce6897
DEV: Update ember-source-channel-url (#17196) 2022-06-22 00:12:43 +02:00
Jarek Radosz
06feeed187
DEV: Update @ember/optional-features (#17193) 2022-06-22 00:12:33 +02:00
Jarek Radosz
216663effa
DEV: Update ember-cli-dependency-checker (#17192) 2022-06-22 00:12:24 +02:00
Jarek Radosz
b50056a9f3
DEV: Update ember-cli-inject-live-reload (#17191) 2022-06-22 00:12:15 +02:00
Jarek Radosz
9cb9d1105e
DEV: Update ember-auto-import (#17176) 2022-06-21 22:06:41 +02:00
Gerhard Schlager
1c6f8f8a36
DEV: Upgrade Markdown.it to v13.0.1 (#17099)
Updates markdown-it to v13.0.1

Noteworthy changes:
* `markdownit()` is now available on `globalThis` instead of `window`.

* The `text_collapse` rule was renamed to `fragments_join` which affected the `bbcode-inline` implementation.

* The `linkify` rule was added to the `inline` chain which affected the handling of the `[url]` BBCode. If available, our implementation reuses `link_open` and `link_close` tokens created by linkify in order to prevent duplicate links.

* The rendered HTML for code changed slightly. There's now a linebreak before the `</code>` tag. The tests were adjusted accordingly.
2022-06-20 15:25:13 +02:00
David Taylor
166fe3bb34
FIX: Apply 'allowed_href_schemes' to all src/srcset attributes (#16860)
Previously we were only applying the restriction to `a[href]` and `img[src]`. This commit ensures we apply the same logic to all allowlisted media src attributes.
2022-05-19 11:18:30 +01:00
Jarek Radosz
d58a1e180d
DEV: Update ember-try to 2.0.0 (#16606) 2022-05-03 11:04:16 -04:00
Gerhard Schlager
3d62e335f7
FEATURE: Detect emoji from Emoji 14.0 (#16531) 2022-04-22 08:42:15 +02:00
Isaac Janzen
196b791365
DEV: Prioritize full name when display_name_on_posts active (#16078)
See: https://meta.discourse.org/t/display-full-name-not-username-when-attributing-quote-or-reply/203533?u=isaacjanzen for context

The initial release [broke quoting](https://meta.discourse.org/t/quoting-broken-when-name-matches-username/217633?u=isaacjanzen) but we now pass the username when 
```
siteSettings.display_name_on_posts && !siteSettings.prioritize_username_in_ux && post.name
```
as well as the full name to guarantee that we are not getting any mismatches when querying for user / avatar.

eg. 
```
[quote="Isaac Janzen, post:3, topic:7, full:true, username:isaac.janzen"]
bing bong
[/quote]
```
2022-04-20 10:07:51 -05:00
Jarek Radosz
77fed8dfc3
DEV: Update xss.js package (#16398) 2022-04-06 22:49:13 +02:00
Jarek Radosz
06d4445ab0
DEV: Remove deprecated pretty-text functions/file (#16397)
Nothing in all-the* uses those anymore
2022-04-06 22:48:50 +02:00
CommanderRoot
86a783b3ad
DEV: Replace deprecated String.prototype.substr() (#16233)
String.prototype.substr() is deprecated so we replace it with String.prototype.slice() which works similarily but isn't deprecated.

Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2022-04-01 17:35:17 +02:00
David Taylor
720e1ca9e7
FEATURE: Support upload:// urls in img tags (#16277)
Previously, our `upload://` protocol urls were only supported in markdown image tags. This meant that our PullHotlinkedImages job was forced to convert `<img` tags to markdown. Depending on the exact syntax, this can actually cause the image to break.

This commit adds support for `upload://` inside regular HTML `<img` tags. In a future commit, we'll be able to use this to make our PullHotlinkedImages job much more robust.

Context at https://meta.discourse.org/t/152801
2022-03-28 16:46:47 +01:00
Jarek Radosz
b9c90d6a06
DEV: Use Map() to store emoji groups (#16065) 2022-03-05 18:58:49 +01:00
Martin Brennan
cfe4ff8d56
FIX: Make sure html_raw is hoisted in custom markdown cook function (#16050)
When returning the customRenderFn from within buildCustomMarkdownCookFunction
for custom markdown engines (such as the one used by the [chat] transcripts)
we were not hoisting/unhoisting the `html_raw` tokens created by the
transcript, which meant that opts.discourse.hoisted could end up in
a state where it was null, and which caused errors and general unpleasantness.

Instead, we can just call the `cook` function that is already exported
from discourse-markdown-it, that takes care of what we did previously
plus the hoisting.

There is a companion chat commit that adds tests for this, there are
no custom markdown engine usages in core to test with.
2022-02-28 07:54:55 +10:00
Martin Brennan
599a72768c
DEV: Add force_quote_link option to PrettyText (#16034)
This option will make it so the [quote] bbcode will always
include the HTML link to the quoted post, even if a topic_id
is not provided in the PrettyText#cook options. This is so
[quote] bbcode can be used in other places, like chat messages,
that always need the link and do not have an "off-topic" ID
to use.
2022-02-23 16:13:46 +10:00
Bianca Nenciu
add4b74e08
FIX: Load short upload URLs only once (#15918)
Loading did not work when it was used for multiple posts. Only the
short URLs from the first post were loaded.
2022-02-16 08:57:20 +02:00
David Taylor
a01b1dd648
PERF: Update ember-auto-import and webpack (#15919)
This makes a small improvement to 'cold cache' ember-cli build times, and a large improvement to 'warm cache' build times

The ember-auto-import update means that vendor is now split into multiple files for efficiency. These are named `chunk.*`, and should be included immediately after the `vendor.js` file. This commit also updates the rails app to render script tags for these chunks.

This change was previously merged, and caused memory-related errors on RAM-constrained machines. This was because Webpack 5 switches from multiple worker processes to a single multi-threaded process. This meant that it was hitting node's default heap size limit (~500mb on a 1GB RAM server). Discourse's standard install procedure recommends adding 2GB swap to 1GB-RAM machines, so we can afford to override's Node's default via the `--max-old-space-size` flag.
2022-02-14 11:21:39 +00:00
Ayke Halder
5ff3a9c4bb
DEV: add native lazy loading for emojis (#15830) 2022-02-09 12:18:59 +01:00
Joffrey JAFFEUX
b3ecf00c98
DEV: adds initial support for custom blocks using code fencing (#15743)
Allows to write custom code blocks:

```
   ```mermaid height=200,foo=bar
   test
   ```
```

Which will then get converted to:

```
<pre data-code-wrap="mermaid" data-code-height="200" data-code-foo="bar">
  <code class="lang-nohighlight">
    test
  </code>
</pre>
```
2022-02-09 11:23:44 +01:00
David Taylor
4cceb55621
Revert "PERF: Update ember-auto-import (#15814)" (#15854)
This reverts commit f4c6a61855 and a8325c9016

This update of ember-auto-import and webpack causes significantly higher memory use during rebuilds. This made ember-cli totally unusable on 1GB RAM / 2GB swap environments. We don't have a specific need for this upgrade right now, so reverting for now.
2022-02-07 22:41:07 +00:00
Ayke Halder
81e175e6ba
FIX: allow native lazy loading attribute for quoted avatar image (#15834) 2022-02-07 09:28:26 +08:00
David Taylor
f4c6a61855
PERF: Update ember-auto-import (#15814)
This makes a small improvement to 'cold cache' ember-cli build times, and a large improvement to 'warm cache' build times

The ember-auto-import update means that vendor is now split into multiple files for efficiency. These are named `chunk.*`, and should be included immediately after the `vendor.js` file. This commit also updates the rails app to render script tags for these chunks
2022-02-04 11:00:51 +00:00
Martin Brennan
f3467ee673
FEATURE: Add requestCustomMarkdownCookFunction API (#15753)
This commit adds a requestCustomMarkdownCookFunction function
to the `helper` that is provided to custom markdown rules
via their `setup` function.

The way this works is that once the default markdown engine that
we use for cooking posts has been set up, we loop through all
of the callbacks registered by `requestCustomMarkdownCookFunction`
and call `_buildCustomMarkdownCookFunction`. This creates
a new markdown engine using many of the same settings as the
default one, but will allow for the following options to be
changed by the markdown rule requesting the custom function:

* featuresOverride - The markdown-it features to allow for the engine
* markdownItRules - The markdown-it rules to allow for the engine

After this engine is set up a render function which renders + sanitizes
the output is returned for use by the markdown rule.

The use case for this API is mainly for block BBCode markdown rules
which want to render their content with a limited subset of the
markdown features/rules. Our initial use case for this is chat message
quoting.

This commit also does some minor refactoring of discourse-markdown-it
to accommodate this new engine building.
2022-02-04 09:00:40 +10:00
David Taylor
c985f82174
Revert "PERF: Update ember-auto-import (#15695)" (#15805)
This reverts commit 76022132f7. This update introduced 'chunking' of vendored dependencies, which we don't support in the rails app.
2022-02-03 16:54:48 +00:00
David Taylor
76022132f7
PERF: Update ember-auto-import (#15695)
This makes a small improvement to 'cold cache' ember-cli build times, and a large improvement to 'warm cache' build times
2022-02-03 10:01:59 +00:00
Jarek Radosz
6f8c91254e
FEATURE: Partial match aliases in emoji filter (#15613) 2022-02-01 22:36:48 +01:00
Martin Brennan
0b8d0a14d7
DEV: Add markdown_additional_options to Site (#15738)
Sometimes plugins need to have additional data or options available
when rendering custom markdown features/rules that are not available
on the default opts.discourse object. These additional options should
be namespaced to the plugin adding them.

```
Site.markdown_additional_options["chat"] = { limited_pretty_text_markdown_rules: [] }
```

These are passed down to markdown rules on opts.discourse.additionalOptions.

The main motivation for adding this is the chat plugin, which currently stores
chat_pretty_text_features and chat_pretty_text_markdown_rules on
the Site object via additions to the serializer, and the Site object is
not accessible to import via markdown rules (either through
Site.current() or through container.lookup). So, to have this working
for both front + backend code, we need to attach these additional options
from the Site object onto the markdown options object.
2022-01-28 13:02:02 +10:00
Régis Hanol
a582c49601
FIX: possible ReDOS in markdown newline rule (#15646)
Backport ffc49ab46b
2022-01-20 22:32:01 +01:00
Rafael dos Santos Silva
8cfd791e0f
FEATURE: Add missing emojis (#15582)
* FEATURE: Add missing emojis

* More missing emojis
2022-01-14 17:51:13 -03:00
Natalie Tay
dd3ed27930
DEV: Allow utility class domFromString to take in strings with multiple top level elements (#15548)
Previously only `<div>one top element</div>` was allowed because we use `firstChild` instead of `children`.
We also want `<div>one</div><div>two</div>` to work with this method.
2022-01-12 19:49:24 +08:00
Alan Guo Xiang Tan
c2afc3915b FEATURE: Customizable rules and plugins for PrettyText.markdown.
This commit extends the options which can be passed to
`PrettyText.markdown` so that which Markdown-it rules and Discourse
Markdown plugins to be used when rendering a text can be customizable.
Currently, this extension is mainly used by plugins.
2022-01-11 10:39:40 +08:00
Jarek Radosz
2dcad9772f FIX: Don't display duplicated emoji in picker 2022-01-11 10:37:02 +08:00
Rafael dos Santos Silva
06bba76719
DEV: Update emojis constants (#15506)
Follow up to d1cfabd so the new emojis are usable by the app
2022-01-10 14:53:52 -03:00
Alan Guo Xiang Tan
bdc868246f DEV: Removing unused lines of code.
The code had no effect on how the markdown-it is being configured.
2022-01-07 09:06:16 +08:00
Alan Guo Xiang Tan
85e124bae1 DEV: Remove redundant lines of code.
Engines are enabled by default so there is no need to specify Discourse
specific engines in the object.
2022-01-06 09:02:52 +08:00
Joffrey JAFFEUX
cb976ac562
DEV: creates domFromString utility function (#15310) 2021-12-17 09:25:34 +01:00
Penar Musaraj
60851037d8
DEV: Remove unused composer editor preview sync (#15322) 2021-12-16 17:18:54 -05:00
Jarek Radosz
6e8df3d66b
DEV: Deprecate registerOption() (#15209)
It's been a no-op for 5 years now.
2021-12-07 18:33:45 +01:00
Jarek Radosz
de3680eb5c
DEV: Re-allow node 17, with a warning (#15083) 2021-11-24 21:16:33 +01:00
Jarek Radosz
c75224e3d9
DEV: Update supported node versions (#15073)
13 and 15 are no longer supported by node, and issues with discourse dependencies prevent us from using 17. (for now)
2021-11-24 18:18:35 +01:00
Natalie Tay
da9a9a8e65
FIX: Add a confirm and cancel button when editing alt text (#15003) 2021-11-19 10:57:09 +08:00
Jarek Radosz
f414d5eace
DEV: Use method definition syntax consistently (#14915) 2021-11-13 14:01:55 +01:00
Bianca Nenciu
32a174d883
FIX: Use Map instead of Object for caching (#14887)
Objects have default properties, such as "constructor" that can cause
issues when using similar texts as keys.
2021-11-12 15:18:07 +02:00
Natalie Tay
911f9b180a
FIX: Remove xlink:href to favour href due to deprecation (#14854)
Based on docs here https://developer.mozilla.org/en-US/docs/Web/SVG/Element/use#attributes,
the xlink:href attribute is deprecated and we should probably move away from it soon.
2021-11-09 17:49:37 +08:00
Natalie Tay
0b495e9ad4
FEATURE: Allow users to edit alt text from the image preview in the editor (#14480) 2021-11-09 14:34:09 +08:00
Bianca Nenciu
7fb693c8f6
FIX: Generate valid heading ids (#14840) 2021-11-08 20:44:46 +02:00
Bianca Nenciu
19ef6995a8
FIX: Do not replace words in hashtags and mentions (#14760)
Watched words were replaced inside mentions and hashtags when watched
word regular expressions were enabled.
2021-10-29 17:53:09 +03:00
Bianca Nenciu
148ee1d162
FIX: Do not perform link lookup for replaced links (#14742)
A link that was added because a watched word was replaced could create
a notice if the same link was present before.
2021-10-28 13:27:31 +03:00
Joffrey JAFFEUX
76a9ca99a8
DEV: removes jquery usage from onebox (#14683) 2021-10-22 13:15:46 +02:00
Qursch
11763a5e8d
FEATURE: Add reversed and type to allowed attributes (#14626) 2021-10-18 12:11:13 +11:00
Bianca Nenciu
ba81d1853b
FIX: Disable previews if diffhtml is enabled (#14537)
diffhtml should not rerender video and audio elements so there is no
point in having these.
2021-10-08 15:57:08 +03:00
Bianca Nenciu
0532a5a43e
FIX: Do not replace in mentions and hashtags (#14260)
Watched words of type 'replace' or 'link' replaced the text inside
mentions or hashtags too, which broke these. These types of watched
words must skip any match that has an @ or # before it.
2021-09-09 12:03:59 +03:00
Bianca Nenciu
38199424bc
SECURITY: Sanitize d-popover attributes (#13958) 2021-08-05 16:39:17 +03:00
Jarek Radosz
fbd1cd5fe1
DEV: Prevent npm usage (#13945)
We rely on yarn workspaces so we don't want people using npm in the repo by accident.

Also updated the required node version to 12+.

~~Not sure about the min yarn version – the latest one could be missing in various CI-like envs, so I might change it yet.~~
Downgraded yarn to ">= 1.21.1" (the oldest of "current" versions, tagged "legacy")
2021-08-04 22:04:58 +02:00
Mark VanLandingham
9165f0a0f8
DEV: Export pretty text function for plugin use (#13826) 2021-07-22 14:06:46 -05:00
Joffrey JAFFEUX
5eb6e9281a
FIX: manually adds frowning_face_with_open_mouth for apple (#13528) 2021-07-21 23:27:20 +02:00
Bianca Nenciu
74f7295631
FIX: Add word boundaries to replace and tag watched words (#13405)
The generated regular expressions did not contain \b which matched
every text that contained the word, even if it was only a substring of
a word.

For example, if "art" was a watched word a post containing word
"artist" matched.
2021-06-18 18:54:06 +03:00
Bianca Nenciu
d9484db718
FIX: Split link watched words from replace (#13196)
It was not clear that replace watched words can be used to replace text
with URLs. This introduces a new watched word type that makes it easier
to understand.
2021-06-02 15:36:49 +10:00
Jarek Radosz
e06a206131
DEV: Remove cache option from ajax() (#13142)
1. It defaults to `cache: true` already
2. Setting it to `false` for non-GET request doesn't do anything
3. We were correcting `cache: false` GET requests to use `cache: true`

…so setting it to anything at all, for any type of request doesn't make sense (anymore)
2021-05-31 14:41:35 +02:00
Bianca Nenciu
b56e9ad656
DEV: Simplify watched word code (#13103)
* DEV: Use site setting instead

* DEV: Use .length instead of a different property

* DEV: Simplify watched word code
2021-05-27 19:20:26 +03:00
Josh Soref
59097b207f
DEV: Correct typos and spelling mistakes (#12812)
Over the years we accrued many spelling mistakes in the code base. 

This PR attempts to fix spelling mistakes and typos in all areas of the code that are extremely safe to change 

- comments
- test descriptions
- other low risk areas
2021-05-21 11:43:47 +10:00
Bianca Nenciu
c1dfd76658
FIX: Make replace watched words work with wildcard (#13084)
Watched words are always regular expressions, despite watched_words_
_regular_expressions being enabled or not. Internally, wildcard
characters are replaced with a regular expression that matches any non
whitespace character.
2021-05-18 12:09:47 +03:00
Jarek Radosz
582ec198d8
DEV: Update ember-cli across all in-repo addons (#13048)
…to match the version used in the app.
2021-05-12 21:49:55 +02:00
Jarek Radosz
a7a2887df0
DEV: Remove unnecessary yarn.lock files (#13001)
All in-repo ember addons share the same yarn.lock in the yarn workspace: `/app/assets/javascripts/yarn.lock`
2021-05-11 11:15:07 +02:00
Bianca Nenciu
ecc3c404a0
FIX: Cache missing inline oneboxes (#12953)
* FIX: Cache missing inline oneboxes

Some inline oneboxes were not cached when the server did not return an
answer for an URL and the queried URL and the absolute URL were
different.

For example, if user typed www.example.com, the client asked the server
for http://www.example.com and if the server returned an empty response,
then the client would keep requesting an inline onebox everytime the
composer changed.

In other words, the key used for reading (the absolute URL) and the one
used for writing (the URL as typed by the user) were not the same when
the server returned an empty response.

* DEV: Check cache before making request

There is another cache check in PrettyText, but that is not enough if
multiple requests are pending. This problem was made obvious in tests,
but can happen for users with slow connections.
2021-05-06 19:08:04 +03:00
Penar Musaraj
82ecd9fdd5
DEV: tiny refactor in watched words (#12969) 2021-05-06 11:37:05 -04:00
Penar Musaraj
b61d4663ec
FIX: Prevent infinite loop when replacing watched words (#12967) 2021-05-06 11:06:25 -04:00
Joffrey JAFFEUX
0eeedf307a
DEV: replaces huge generated emoji list by a simpler regex (#11053)
Note that this commit is also fixing various mistakes in emojis.

Some of them have been fixed manually in db.json/data.js/groups.json and will need to be fixed in emoji-db gem.
2021-04-22 08:43:06 +02:00
Bianca Nenciu
96a16123d8
FIX: Generate unique HTML heading names (#12705)
Headings with the exact same name generated exactly the same heading
names, which was invalid. This replaces the old code for generating
names for non-English headings which were using URI encode and resulted
in unreadable headings.
2021-04-16 10:54:19 +03:00
Bianca Nenciu
e4e2c7c66f
FIX: Improve anchor links (#12683)
* FIX: Use theme color for anchor icon

* FIX: Do not count anchor links

* FIX: Do not count hashtags links either

* DEV: Add tests for link_count

* FIX: Disable anchors in quotes and preview

* FIX: Try building some anchor slugs for unicode

* DEV: Fix tests
2021-04-14 10:27:07 +03:00
Bianca Nenciu
d7bd62d9cf
FIX: Replace censored watched word consistently (#12486)
Applying oneboxes and replacing censored watched words does not happen
in a strict order which often lead to inconsistencies. This commit
fixes the behavior and will never censor oneboxes.

To make it always censor oneboxes implies significant changes to the
PrettyText pipeline.
2021-03-23 13:09:24 +02:00
Bianca Nenciu
2ad9b3f432
FEATURE: Add anchor links to headings (#12379) 2021-03-23 10:45:06 +02:00
Roman Rizzi
ccc44baa10
FEATURE: Add a typographer rule to replace (pa) with ¶. (#12478) 2021-03-22 15:04:08 -03:00
Roman Rizzi
da210b6d77
FEATURE: Replace markdown-it replacements rule. (#12417)
We override the default replacements rule to no longer replace "(c)", "(p)", and "(p)". Additionally, we merged the custom arrows rule into the replacement function.
2021-03-18 10:55:41 -03:00
Osama Sayegh
d56b2e85aa
FIX: Escape Font Awesome icons (#12421)
This is not a security issue because regular users are not allowed to insert FA icons anywhere in the app. Admins can insert icons via custom badges, but they do have the ability to create themes with JS.
2021-03-17 16:11:40 +03:00
Rafael dos Santos Silva
83f332b5a5
FEATURE: Add a site setting to allow emojis to come from an external URL (#12180) 2021-03-02 16:04:16 -03:00
Bianca Nenciu
533800a87b
Add watched words of type "replace" (#12020)
This commit includes other various improvements to watched words.

auto_silence_first_post_regex site setting was removed because it overlapped
with 'require approval' watched words.
2021-02-25 14:00:58 +02:00
Bianca Nenciu
08acf51be0
FEATURE: Use diffhtml to update composer preview (#11237)
Displaying videos, animated GIFs or any kind of rich content in preview
used to refresh on every keystroke, which could cause performance
problems.
2021-02-18 16:07:26 +02:00
Arpit Jalan
85c4e8fd32
FEATURE: support mark tag (#12088)
This commit adds support for `mark` tag for highlighting text content.
2021-02-15 21:47:30 +05:30
David Taylor
830797a9c3
FEATURE: Allow post/topic thumbnails to be prioritized via markdown (#12044)
Previously we would always take the first image in a post to use as the
thumbnail. On media-heavy sites, users may want to manually select a
specific image as the topic thumbnail. This commit allows this to be
done via a `|thumbnail` attribute in markdown.

For example, in this case, bbb would be chosen as the thumbnail:

```
![alttext|100x100](upload://aaa)
![alttext|100x100|thumbnail](upload://bbb)
```
2021-02-11 15:44:41 +00:00
Robin Ward
61f5d501cb
DEV: Migrate to Ember CLI (#11932)
This encompasses a lot of work done over the last year, much of which
has already been merged into master. This is the final set of changes
required to get Ember CLI running locally for development.

From here on it will be bug fixes / enhancements.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Co-authored-by: romanrizzi <rizziromanalejandro@gmail.com>

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Co-authored-by: romanrizzi <rizziromanalejandro@gmail.com>
2021-02-03 14:22:20 -05:00
Osama Sayegh
6efdeef461
FIX: Emoji search/autocomplete should respect selected skin tone (#11917)
This commit makes our emoji autocomplete in the composer respect the skin tone you select in the emoji picker.
2021-02-01 19:36:35 +03:00
Joffrey JAFFEUX
c6a1042950
DEV: prettier 2.2.1 (#11862) 2021-01-27 12:39:20 +01:00
Roman Rizzi
9e25ab2e96
FEATURE: Replace single dash arrows when the typographer is enabled. (#11730) 2021-01-18 09:03:58 -03:00
Roman Rizzi
118ea89372
FEATURE: Replace arrows when the markdown typographer is enabled. (#11638)
By inserting this rule before markdown-it's replacement rule, we can replace "-->" with "&rarr;", and "<--" with "&larr;".
2021-01-06 12:05:38 -03:00
Rafael dos Santos Silva
c4552e9c10
FIX: Autoplay videos must always be muted (#11533)
This automatically adds the muted attribute if it's missing in a video
tag.

Co-authored-by: David Taylor <david@taylorhq.com>
2020-12-21 14:55:00 -03:00
Roman Rizzi
142e0ae062
Revert "Revert "DEV: Wrap Ember.run.debounce. (#11352)"" (#11509)
* Revert "Revert "DEV: Wrap `Ember.run.debounce`. (#11352)" (#11465)"

This reverts commit aa0d4ea764.

* Correctly debounce onScroll function
2020-12-18 10:18:52 -03:00
Roman Rizzi
aa0d4ea764
Revert "DEV: Wrap Ember.run.debounce. (#11352)" (#11465)
This reverts commit 8b426431a4.
2020-12-10 16:48:25 -03:00
Roman Rizzi
8b426431a4
DEV: Wrap Ember.run.debounce. (#11352)
We want to wrap the `Ember.run.debounce` function and internally call `Ember.run` instead when running tests.

This commit changes discourseDebounce to work the same way as `Ember.run.debounce`.

Now that `discourseDebounce` works exactly like `Ember.run.debounce`, let's replace it and only use `DiscourseDebounce` from now on.

Move debounce to discourse-common to be able to reuse it in different bundles

Keep old debounce file for backwards-compatibility
2020-12-10 11:01:42 -03:00
Roman Rizzi
bbe5d8d5cf
DEV: Sort imports alphabetically (#11382) 2020-12-01 15:31:26 -03:00
Roman Rizzi
1c2358ba16
DEV: Tidy up imports. (#11364)
Only allow one import definition per file and add a new eslint rule to enforce it.
2020-11-27 11:30:16 -03:00
Joffrey JAFFEUX
abb89475a3
FIX: issues with frowning/grinning (#11235)
- frowning was using slighty_frowning
- slightly_frowning was using frowning
- grinning_face_with_smiling_eyes was not defined
- fronwing_face_with_open_mouth was not defined
2020-11-25 09:09:35 +01:00
Krzysztof Kotlarek
dbec3792b7
FIX: pretty text allow list (#10977)
Reword whitelist to allowlist in pretty-text.
This library is used by plugins so we need deprecation notice.
2020-10-28 13:22:06 +11:00
Bianca Nenciu
94cbfa92e1
FEATURE: Show a placeholder instead of videos in preview (#10962)
Adding a video in composer and then continuing to type into it will make the
video element flicker and restart playback on every keystroke, as the preview
is rendered. In certain configurations, this can lead to some performance
problems too.

Onebox already does the same for external videos.
2020-10-20 19:01:32 +03:00
Joffrey JAFFEUX
de94506c1e
FIX: empty highlighted_languages resulted in ["", "auto", "nohighlight"] (#10772) 2020-09-29 14:34:46 +02:00
Joffrey JAFFEUX
c230d2e443
FIX: prevents scrollbar jumping in the emoji picker (#10749)
This was mostly due to `content-visibility: auto;` but setting the width/height is also a good practice.
2020-09-28 13:23:46 +02:00
Robin Ward
ce3fe2f4c4 REFACTOR: Support bundling our admin section as an ember addon 2020-09-22 15:14:29 -04:00
Joffrey JAFFEUX
530d9ab071
DEV: enforces eslint’s curly rule to the codebase (#10720)
eslint --fix is capable of fix it automatically for you, ensure prettier is run after eslint as eslint --fix could leave the code in an invalid prettier state.
2020-09-22 16:28:28 +02:00
Sam Saffron
cba5baa427
FIX: compensate for typographer
typographer can change " to ” leading to breakages in parser

At least codify this. Longer term we want to re-prioritize typographer so
it always runs after bbcode parsing.
2020-09-21 09:44:37 +10:00
Sam Saffron
a91ee45de9
FIX: Nested quotes in BBCode
Previously attributes such as `[test a='a"a' b="a'a"]` were not correctly
handled.

This amends the regex parser to ensure it correctly parses attributes
without breaking incorrectly on the first nested quote
2020-09-21 08:56:25 +10:00
Robin Ward
ba3014f9f9 REFACTOR: Do not rely on module order for discourse-markdown loading
Before this patch, discourse-markdown depended on the modules in its
bundle being defined in a specific order or it wouldn't load properly.

Now, any file in the bundle can export a `priority` const (default 0)
and files will be loaded in order of ascending priority instead. This
allows us to use a bundle packaged in any order we want.
2020-09-18 13:31:55 -04:00
Robin Ward
f3156a6478 REFACTOR: Move the discourse-markdown engine out of the addon repo
The reasoning here is that we want to make a unique bundle for this
folder and the default approach is to include everything in `addon`.
2020-09-18 11:42:22 -04:00
Robin Ward
8c384ae6b8 Create proper shim for xss library - second attempt 2020-09-15 10:42:51 -04:00
Guo Xiang Tan
e3b4632f04
Revert "Create proper shim for xss library"
This reverts commit 30e9112535.
2020-09-15 11:38:40 +08:00
Robin Ward
30e9112535 Create proper shim for xss library 2020-09-14 15:57:32 -04:00
dependabot[bot]
d21119ee4f Build(deps): Bump lodash in /app/assets/javascripts/pretty-text
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20)

Signed-off-by: dependabot[bot] <support@github.com>
2020-09-08 10:25:45 -04:00
dependabot[bot]
27751ca69f
Build(deps): Bump websocket-extensions (#10617)
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:38 +02:00
dependabot[bot]
2cb0f013cc
Build(deps): Bump elliptic in /app/assets/javascripts/pretty-text (#10611)
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:09 +02:00
dependabot[bot]
c119c07fa4
Build(deps): Bump http-proxy in /app/assets/javascripts/pretty-text (#10614)
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:00:10 +02:00
Joffrey JAFFEUX
52672b9eab
DEV: apply new coding standards (#10592) 2020-09-04 13:42:47 +02:00
Robin Ward
3a46e44ed8 Rename merge to deepMerge so it's more clear what it's doing 2020-09-03 10:03:33 -04:00
Robin Ward
c4079780be REFACTOR: Remove _.merge 2020-09-03 10:03:33 -04:00
Robin Ward
0da953b40e REFACTOR: Remove _.compact 2020-09-03 10:03:33 -04:00
Robin Ward
0b098566ff REFACTOR: Remove _.union 2020-09-03 10:03:33 -04:00
Joffrey JAFFEUX
226be994da
REFACTOR: rewrite the emoji-picker (#10464)
The emoji-picker is a specific piece of code as it has very strong performance requirements which are almost not found anywhere else in the app, as a result it was using various hacks to make it work decently even on old browsers.

Following our drop of Internet Explorer, and various new features in Ember and recent browsers we can now take advantage of this to reduce the amount of code needed, this rewrite most importantly does the following:
- use loading="lazy" preventing the full list of emojis to be loaded on opening
- uses InterserctionObserver to find the active section
- limits the use of native event listentes only for hover/click emojis (for performance reason we track click on the whole emoji area and delegate events), everything else is using ember events
- uses popper to position the emoji picker
- no jquery code
2020-08-24 14:20:51 +02:00
Martin Brennan
9022e4516f
FIX: Remove unnecessary audio/video parent element load (#10511)
Meta report: https://meta.discourse.org/t/sending-many-requests-for-video-audio-upload-while-editing-post/161487

When typing in the composer we are sending a lot of unnecessary load() requests for the video/audio elements. This line was added months ago before we improved previewing/video thumbnails, which have improved things, so it is no longer required. After removing this line everything still works and no more additional requests are sent.
2020-08-24 13:18:38 +10:00
Jarek Radosz
be6a73f654 DEV: Fix package.json issues and reroll yarn.lock 2020-08-14 12:00:35 +02:00
Rafael dos Santos Silva
2ea17c06dd
FEATURE: Allow picture HTML element in posts 2020-07-28 20:26:32 -03:00
Rafael dos Santos Silva
c65c3407f8
FIX: Allow playsinline for videos in posts
This is used in webkit browsers mostly.
2020-07-28 19:03:54 -03:00
Jarek Radosz
223b6d17bf DEV: Fix a function name typo 2020-07-27 11:22:57 +02:00
Krzysztof Kotlarek
e0d9232259
FIX: use allowlist and blocklist terminology (#10209)
This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist.
2020-07-27 10:23:54 +10:00
Martin Brennan
62f2e1f971
FIX: Stop double prepending of window.location.origin on media URLs (#10275)
This fixes an issue where sometimes when composing a post and uploading a video/audio file, _loadCachedShortUrls/the uploads controller would return a full URL with origin, instead of just the URL with the host e.g. http://localhost:3000/some/video.mp4 instead of just //localhost:3000/some/video.mp4. We were prepending window.location.origin onto the URL no matter what, and since http://localhost:3000/some/video.mp4 does not match the host URL regex, we were ending up with something like http://localhost:3000http://localhost:3000/some/video.mp4 which broke composer previews. This was only noticed with a video upload in a secure upload environment.
2020-07-22 09:23:55 +10:00
Jarek Radosz
de79f19947
Revert "UX: Style video elements, show descriptions (#10040)" (#10258)
This reverts commit 7d289a4f3e.

Now that 36bad0c31f is in and we have video previews on all platforms, the commit that's being reverted is no longer needed. In the worst case scenario, the video description is clipped under the video poster if the video aspect ratio is other than 16:9. This commit removes descriptions and the custom style for the video elements.

# Conflicts:
#	app/assets/javascripts/pretty-text/addon/engines/discourse-markdown-it.js
#	test/javascripts/lib/pretty-text-test.js
2020-07-17 23:31:01 +02:00
Penar Musaraj
34bbd51350
FIX: regression in secure URL generation, followup to 36bad0c 2020-07-15 18:52:59 -04:00
Penar Musaraj
36bad0c31f
FIX: Preload metadata for audio/video when secure media enabled
Fixes an issue with missing video previews. Should have no side effects now that presigned URLs expire after 5 minutes.
2020-07-15 18:36:51 -04:00
Martin Brennan
af7ce5d6eb
Revert "DEV: Add debug hint in discourse-markdown-it"
This reverts commit 5a4855b992.
2020-07-15 11:23:28 +10:00