Commit Graph

12006 Commits

Author SHA1 Message Date
Robin Ward
2f8ab8cd30 SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions 2016-07-28 11:38:12 -04:00
Guo Xiang Tan
0128fdfc46 FIX: Discourse.ajax is deprecated. 2016-07-28 18:20:24 +08:00
Guo Xiang Tan
36ddb1787e FEATURE: Add toggle topic visibility button in popup menu. 2016-07-28 16:57:04 +08:00
Sam
0ba8da9658 reduce amount of cache setting 2016-07-28 10:20:29 +10:00
Sam
83f80341b3 FIX: topic id cache should be a multi process cache 2016-07-28 10:20:14 +10:00
Sam
ab68e0c9db FEATURE: allow "developer" account flagging via developers table
This mechanism for flagging developer accounts will eventually replace
DISCOURSE_DEVELOPER_EMAILS
2016-07-28 10:14:06 +10:00
Sam
f319923753 SECURITY: limit route access when using external avatars 2016-07-28 09:04:32 +10:00
Sam
c6dbaca0dc SECURITY: disable user entered badge SQL by default
- Hidden site settings now must be change via rails console
2016-07-28 09:03:00 +10:00
Sam
cb3afd11b4 SECURITY: limit route access when using external avatars 2016-07-28 09:00:43 +10:00
Régis Hanol
e848c336bb FIX: only prevent clicks on links in the preview 2016-07-27 20:53:45 +02:00
Régis Hanol
c4b52b1a19 GET is a more RESTy verb for '/users/:username/emails' 2016-07-27 20:15:28 +02:00
Régis Hanol
6dac9075dc new 'convert_pasted_images_quality' site setting 2016-07-27 19:59:44 +02:00
Régis Hanol
be099bb637 only convert pasted images to HQ jpg when it's at least 5% smaller 2016-07-27 19:55:13 +02:00
Régis Hanol
ea59283c1e FIX: PM automatic groups via URL 2016-07-27 19:16:31 +02:00
Régis Hanol
11172b7c2d FIX: cropping GIF wasn't working 2016-07-27 18:48:02 +02:00
Jeff Atwood
f8144f07fd purge 2x the unactivated old users 2016-07-27 03:29:00 -07:00
Andre Pereira
8cbd585e20 FEATURE: Allow staff users to merge posts. 2016-07-27 12:04:14 +08:00
Neil Lalonde
3af27a6d83 FIX: category settings should not limit number of tags 2016-07-26 16:04:11 -04:00
Neil Lalonde
3c0df3510a FIX: tags index should show all tags belonging to a category even if they have never been used 2016-07-26 16:04:11 -04:00
Robin Ward
5ba8612fa8 UX: Button had wrong margin on iOS 2016-07-26 15:10:14 -04:00
Robin Ward
424bb143db FIX: Jump to post on iOS was broken - replace with prompt 2016-07-26 15:08:04 -04:00
Neil Lalonde
de99853dee FIX: routes for tag nav items 2016-07-26 12:39:36 -04:00
Robin Ward
fbfd3124a0 Whitelist some more tags and add extra tests 2016-07-26 11:02:09 -04:00
Guo Xiang Tan
2242568507 UX: Missing spinning wheel on topics list. 2016-07-26 17:31:28 +08:00
Guo Xiang Tan
47c835f0f0 UX: Missing spinning wheel on user topics list. 2016-07-26 17:17:39 +08:00
Sam
521d3d11f2 allow some more tags through 2016-07-26 09:43:30 +10:00
Jeff Atwood
41dda1882e let's expire all emoji 2016-07-25 15:38:13 -07:00
Régis Hanol
749b981759 FEATURE: new 'convert_pasted_images_to_hq_jpg' site setting 2016-07-25 23:01:28 +02:00
Neil Lalonde
ece4fa82c9 FIX: add canonical link to tags topic lists 2016-07-25 16:16:19 -04:00
Neil Lalonde
11b3b5e30a FIX: when topic list is filtered by tag and category, subsequent page fetches would ignore the category filter 2016-07-25 16:16:18 -04:00
Robin Ward
3200d836f7 FIX: After uploading an image the selection was not in the correct spot 2016-07-25 15:31:21 -04:00
Robin Ward
215eae9972 FIX: Add a title to the groups pages 2016-07-25 14:24:43 -04:00
Régis Hanol
b0f7e4ba00 FEATURE: deactive users after too many bounces 2016-07-25 18:57:06 +02:00
Neil Lalonde
e52c0e2087 FIX: tag filter shows when "no tags" is selected 2016-07-25 12:13:07 -04:00
Robin Ward
b617557cb4 FIX: Emoji update job was not being queued 2016-07-25 12:11:36 -04:00
Régis Hanol
d2e22ab215 extract bounce scores into site settings 2016-07-25 17:27:28 +02:00
Sam
a4aedddd38 shuffle code around so excerpt is not messed up 2016-07-25 17:12:01 +10:00
Sam
12ecf8624a FIX: tokenize words with dots correctly
hello.world is now tokenized as "hello.world" and "world" that way the word
"world" will find the post with "hello.world"
2016-07-25 16:26:33 +10:00
Sam
df535c6346 FEATURE: refresh session cookie at most once an hour
This feature ensures session cookie lifespan is extended
when user is online.

Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Arpit Jalan
a9207dafa7 FEATURE: configure session time via site setting for all the users (#4343) 2016-07-23 02:57:30 +05:30
Robin Ward
b2289d733f List the "Watching First Post" tags on preferences 2016-07-22 16:16:45 -04:00
Robin Ward
944b2aabfe Emoji sets shouldn't be root level keys 2016-07-22 15:27:51 -04:00
Robin Ward
16a67ad418 FEATURE: Win10 Anniversary Emoji set 2016-07-22 15:07:05 -04:00
Robin Ward
c28dd826fe UX: Focus on usernames if creating a PM from your user page 2016-07-22 13:56:17 -04:00
Robin Ward
af266acac1 FIX: Plugin Custom emoji weren't working correctly on the server side 2016-07-22 12:59:43 -04:00
Sam
12dc511fea PERF: make score calculator cheaper when site has long topics 2016-07-22 09:48:44 +10:00
Robin Ward
c279889191 FIX: Watching First Post in groups was working incorrectly 2016-07-21 15:05:10 -04:00
Robin Ward
87b52e4cea FIX: Support emoji in "Popular Links" 2016-07-20 16:46:19 -04:00
Neil Lalonde
7c092b0fe0 FEATURE: add filter to show topics that have not been tagged 2016-07-20 16:21:51 -04:00
Robin Ward
8e87a727ef FIX: Add topic entrance to mobile categories page when clicking count 2016-07-20 16:08:58 -04:00
Robin Ward
cc976e3046 FIX: Don't lose focus when refreshing user results 2016-07-20 15:37:32 -04:00
Robin Ward
078f6c3fb5 FIX: Consistency with HTML anchors 2016-07-20 15:13:56 -04:00
Robin Ward
e09a304122 FIX: Jumping within a topic should respect anchors 2016-07-20 14:39:26 -04:00
Robin Ward
b9177af1eb FIX: Protocol-less links that begin with a shouldn't error 2016-07-20 13:44:12 -04:00
Robin Ward
16383a1749 FIX: Also support just open 2016-07-20 13:30:36 -04:00
Robin Ward
7dd4470075 FIX: Allow div align 2016-07-20 12:39:12 -04:00
Robin Ward
e7e6840803 FIX: I shouldn't commit while tired :) 2016-07-20 10:42:35 -04:00
Régis Hanol
af53d37e47 FEATURE: add plugin-outlets from groups & categories incoming emails 2016-07-20 16:00:30 +02:00
Régis Hanol
fe080f5c57 FIX: allows plugin-outlets to use to block syntax 2016-07-20 15:59:25 +02:00
Robin Ward
ad7e2f15c7 Support linking to anchored headings in the first post 2016-07-19 17:05:45 -04:00
Robin Ward
09be741820 FIX: Don't alert on new posts in a topic unless it's a new record 2016-07-19 15:57:05 -04:00
Robin Ward
8141e1d9bc FIX: details fixes with extra formatting 2016-07-19 15:14:55 -04:00
Neil Lalonde
f9d0fea0ad FIX: user tag prefs should allow any tag and any number of tags 2016-07-19 12:39:11 -04:00
Neil Lalonde
fa9d8bd8bd FIX: category settings shouldn't limit tag input size 2016-07-19 12:30:02 -04:00
Jeff Atwood
bd88d05ac6 missed a spot for dismiss new 2016-07-19 01:05:28 -07:00
Arpit Jalan
f1566ef80b FIX: escape comma in exported CSV file 2016-07-19 13:19:46 +05:30
Guo Xiang Tan
1ea1cefb35 Extract Nginx log analyzer into a plugin that ships with Discourse. 2016-07-19 15:44:00 +08:00
Jeff Atwood
0bafb52a03 add fa-check to dismiss to match notifications 2016-07-19 00:41:59 -07:00
Guo Xiang Tan
cd5842d38b SECURITY: Possible SQL injection. 2016-07-19 13:03:00 +08:00
Sam
1c964bf730 PERF: cache category topic ids 2016-07-19 12:34:54 +10:00
Sam
c1a01b2a28 PERF: limit maximum number of topic links to 50
When a giant topic has huge numbers of links only show top 50
if expanded from the show more links... button.
2016-07-19 10:55:35 +10:00
Guo Xiang Tan
57f1bf1ddd UX: Better handle width for fields in sign up form. 2016-07-18 17:28:13 +08:00
Guo Xiang Tan
da21fad10b SECURITY: Possible SQL injection. 2016-07-18 15:35:41 +08:00
Vinoth Kannan
e99a73e16d New AWS S3 Storage Mumbai region added (#4335)
* ap-south-1 region added

* Update client.en.yml

* ap-south-1 region added
2016-07-18 09:03:26 +02:00
cpradio
64bdededd3 Allow plugins that implement OAuth and OAuth2 to show up under associated accounts in the Admin area. (#4333) 2016-07-18 09:02:41 +02:00
Sam Saffron
46b34e3c62 FEATURE: remove user option for edit history public
Users can no longer opt-in for "public" edit history
if site owner disables it.

This feature adds cost and complexity to post rendering since
user options need to be premeptively loaded for every user in the
stream. It is also confusing to explain to communities with private edit
history.
2016-07-16 21:30:00 +10:00
Sam Saffron
9893953f62 PERF: no need to nest a transaction when featuring topics
adding featured topics is already in a transaction, no need to nest
2016-07-16 15:36:40 +10:00
Sam Saffron
4cef1c1750 PERF: stop featuring users on categories
(this feature has long been removed, no need to run expensive queries
every 15 minutes)
2016-07-16 15:33:57 +10:00
Neil Lalonde
a74606c87c PERF: tag groups index query 2016-07-15 17:16:26 -04:00
Neil Lalonde
61ada93a99 FIX: category settings showed top tags instead of tag settings 2016-07-15 14:08:42 -04:00
Régis Hanol
7848a84e0e FIX: ensure summary emails have the 'List-Unsubscribe' header set 2016-07-15 11:39:29 +02:00
Jeff Atwood
802b502818 I think check works better for dismiss 2016-07-15 00:59:23 -07:00
Guo Xiang Tan
a604c6393d UX: Add icon to dismiss notifications button. 2016-07-15 12:11:58 +08:00
Neil Lalonde
ba637e40b6 FEATURE: Google Tag Manager Universal Analytics support 2016-07-14 16:35:20 -04:00
Hu Ming
f8a12d4940 Add support for AWS cn (#4327) 2016-07-14 16:56:09 +02:00
Robin Ward
e5bbfe1f1b Lint inner function declarations to prevent Safari breakage 2016-07-14 10:22:39 -04:00
Sam Saffron
bea06afd3d UX: suppress description excerpt on mobile 2016-07-14 22:38:16 +10:00
Sam Saffron
fa8ba3b408 UX: don't expand pinned on mobile categories page 2016-07-14 22:30:51 +10:00
Sam Saffron
3dcd6edb46 FEATURE: stage post in stream on edit 2016-07-14 22:20:43 +10:00
Jeff Atwood
1386f9c8c9 make the activate account button a btn-primary 2016-07-14 03:40:55 -07:00
Régis Hanol
7b6d946613 FIX: searching received emails for TO was broken 2016-07-13 22:43:25 +02:00
Robin Ward
00e45c0d3c FIX: Safari strict mode errors 2016-07-13 15:36:34 -04:00
Robin Ward
29c9979b9b Deprecate the BBCode module too for plugins that reach in there. 2016-07-13 14:05:54 -04:00
Neil Lalonde
5e8cfe8cef tag group input needs to be bigger 2016-07-13 13:55:42 -04:00
Arpit Jalan
c7bbc1cebf update onebox gem 2016-07-13 21:54:49 +05:30
Guo Xiang Tan
5fed886c8f FIX: Update post replies when we move posts. (#4324) 2016-07-13 17:34:21 +02:00
Guo Xiang Tan
c3cab98998 FEATURE: Admins should be able to create polls even when plugin is disabled. 2016-07-13 18:05:19 +08:00
Guo Xiang Tan
973a7c9d3a FIX: Redeeming an invitation fails if inviter has been destroyed. 2016-07-13 11:58:31 +08:00
Sam Saffron
f369d492b3 FEATURE: stop linking to last post in crawler view
This only makes stuff harder for google AND does not even function correctly
2016-07-12 21:11:33 +10:00
Sam Saffron
86b3de510b UX: staged posts show up with opacity 0.4 till on server 2016-07-12 17:03:42 +10:00