discourse

github-mirror/discourse

Fork 0

mirror of https://github.com/discourse/discourse.git synced 2024-11-26 10:13:45 +08:00

Commit Graph

Author	SHA1	Message	Date
Renato Atilio	75e4b8f330	UX: limit "outputs HTML" watched word option to replacements (#28063 ) We were displaying the "outputs HTML" option in all watched word actions, while it's only supposed to be used in the Replace action.	2024-07-25 16:25:56 -03:00
Vinoth Kannan	7b53e610c1	SECURITY: limit the number of characters in watched word replacements. The watch words controller creation function, create_or_update_word(), doesn’t validate the size of the replacement parameter, unlike the word parameter, when creating a replace watched word. So anyone with moderator privileges can create watched words with almost unlimited characters.	2024-07-15 19:25:17 +08:00
Régis Hanol	f4acb43ee7	DEV: add watched words system spec	2024-04-30 19:16:47 +02:00

Author

SHA1

Message

Date

Renato Atilio

75e4b8f330

UX: limit "outputs HTML" watched word option to replacements (#28063 )

We were displaying the "outputs HTML" option in all watched word actions, while it's only supposed to be used in the Replace action.

2024-07-25 16:25:56 -03:00

Vinoth Kannan

7b53e610c1

SECURITY: limit the number of characters in watched word replacements.

The watch words controller creation function, create_or_update_word(), doesn’t validate the size of the replacement parameter, unlike the word parameter, when creating a replace watched word. So anyone with moderator privileges can create watched words with almost unlimited characters.

2024-07-15 19:25:17 +08:00

Régis Hanol

f4acb43ee7

DEV: add watched words system spec

2024-04-30 19:16:47 +02:00

3 Commits