Sam
3fee06ae59
improve prev hack
2018-04-30 15:57:58 +02:00
Sam
2e0189afe9
FIX: dragging of timeline was flaky on iOS
2018-04-30 15:57:52 +02:00
Neil Lalonde
3b220d6102
Version bump to v1.9.6
2018-04-24 10:38:53 -04:00
Arpit Jalan
8d1e8fa712
SECURITY: do not show private topic title on /unsubscribed page
2018-04-16 20:05:31 +05:30
Régis Hanol
940b3a7c74
SECURITY: prevent XSS when showing diffs
2018-04-16 15:47:48 +02:00
Arpit Jalan
3edd6622df
SECURITY: santize tags when creating new topic via URL
2018-04-16 01:07:47 +05:30
Arpit Jalan
27972c1202
SECURITY: escape HTML entities from topic title
2018-04-16 01:05:56 +05:30
Arpit Jalan
411696b85e
SECURITY: do not disclose topic titles on /unsubscribed page to unauthorized users
2018-04-16 01:05:56 +05:30
Neil Lalonde
0bf1c476d7
Version bump to v1.9.5
2018-04-13 10:06:17 -04:00
Guo Xiang Tan
9c2be4dcac
FIX: Restorer wasn't rolling back if restore fails.
...
* This only applies to backup file taken with
pg_dump 10.3+ and pg_dump 9.5.12+.
2018-04-06 09:45:42 +08:00
Guo Xiang Tan
c39167f5da
Fix incorrect function name.
2018-04-05 07:22:10 +08:00
Guo Xiang Tan
f038903423
Clean up unused function left in the database.
2018-04-05 07:22:03 +08:00
Michael Brown
6307790168
backup restorer: tidy pg_dump schema portability logic, add test
2018-04-04 16:51:25 +08:00
Michael Brown
6691a400da
restorer: clarify logging
2018-04-04 16:51:20 +08:00
Guo Xiang Tan
e2f6d8b5ca
FIX: Restorer was not extracting the patch version in dump file.
2018-04-04 16:51:00 +08:00
Guo Xiang Tan
833314f4b4
Improve grep pattern in restorer.
2018-04-04 16:50:50 +08:00
Guo Xiang Tan
837c0b9a77
Fix version check in restorer.
2018-04-04 16:50:40 +08:00
Guo Xiang Tan
3bccd8c8f3
FIX: Restore process for dump taken with pg_dump
10.3+.
...
* Since we can no longer restore into a different schema,
we will move tables in the public schema into the backup schema
first before restoring the dump file which goes into the public
schema. The downside to this approach is that we will increase
the downtime experienced during the restore process. Downtime
would equal the duration of restoring the dump file.
2018-04-04 16:50:27 +08:00
Will Jordan
ab1ca72865
single quote password in restore command
...
> Followup to #3283 . Quotes passwords passed to shell for backup restore.
2018-04-04 16:50:08 +08:00
Sam
c2ff0f1f3c
Update libv8 from 5.9 to 6.3
2018-04-04 16:44:22 +08:00
Neil Lalonde
e24d25ce01
Version bump to v1.9.4
2018-03-07 15:16:48 -05:00
Neil Lalonde
e23b8e7905
SECURITY: sanitize topic title when staff is viewing a user's past flagged posts and deleted topics
2018-03-02 11:59:36 -05:00
Sam
e7f83358aa
SECURITY: ensure users have permission when moving categories
2018-03-02 12:13:53 +11:00
Neil Lalonde
a745aa4a3e
Version bump to v1.9.3
2018-02-15 17:46:48 -05:00
Sam
7174b100f9
SECURITY: correct local onebox category checks
2018-02-14 10:44:06 +11:00
Robin Ward
f655936b9d
SECURITY: Prevent robots from indexing more routes
...
These routes could contain sensitive material and should never be
indexed for content.
2018-02-04 13:27:33 -05:00
Neil Lalonde
670450bcfc
Version bump to v1.9.2
2018-01-23 16:50:09 -05:00
Gerhard Schlager
0ee2c2363b
SECURITY: email domain whitelist could be bypassed
2018-01-17 21:49:43 +01:00
Neil Lalonde
b9bc27e539
Version bump to v1.9.1
2018-01-11 15:09:48 -05:00
Arpit Jalan
a13b8182e9
FIX: rescue login required / broken images
2018-01-11 14:30:34 -05:00
Arpit Jalan
f752c22104
FIX: handle invalid password reset token
2018-01-11 14:30:32 -05:00
Vinoth Kannan
8875993ae1
FIX: URI must be ascii only for URI.parse command
2018-01-11 14:30:29 -05:00
Arpit Jalan
243643bf76
FIX: render error message when backup download fails
2018-01-11 14:30:26 -05:00
Joffrey JAFFEUX
253711c233
FIX: correct shushing_face name
2018-01-11 14:30:22 -05:00
Arpit Jalan
bb4eab1267
FIX: do not create duplicate topics
...
https://meta.discourse.org/t/duplicate-http-https-topics-are-randomly-created/77190
2018-01-11 14:30:19 -05:00
Guo Xiang Tan
7c03b31006
Make rubocop happy.
2018-01-04 09:05:22 +08:00
Neil Lalonde
eaf083f9f0
Version bump to v1.9.0
2018-01-03 16:49:31 -05:00
Neil Lalonde
f83a39f8ba
Merge master
2018-01-03 16:49:06 -05:00
Robin Ward
df163cbf61
Add a deleted-post
class to the deleted post action
2018-01-03 13:56:47 -05:00
Robin Ward
dbd2d29abe
Allow the deleted post indicator on a post to be extended.
2018-01-03 13:34:26 -05:00
Neil Lalonde
e3965b4492
Update translations
2018-01-03 12:21:03 -05:00
Gerhard Schlager
ceb7590bcb
FIX: bounced email can contain multiple status codes
2018-01-03 17:59:20 +01:00
Arpit Jalan
7ca2e6a80c
fix the build
2018-01-03 17:35:36 +05:30
Arpit Jalan
06e509057e
FIX: handle missing user records
2018-01-03 17:18:13 +05:30
Guo Xiang Tan
ad02437358
FIX: Missing post/topic created web hooks due to race condition.
2018-01-03 17:24:01 +08:00
Guo Xiang Tan
9644569a28
FIX: Wildcard webhooks could send duplicated events.
2018-01-03 17:00:44 +08:00
Joffrey JAFFEUX
b295c03001
FIX: select single choice as default when building a poll
2018-01-03 09:23:15 +01:00
Guo Xiang Tan
647cf7545d
Fix randomly failing spec.
2018-01-03 14:42:16 +08:00
Guo Xiang Tan
af1e2865f7
Re-introduce ability to handle basic authentication in smoke tests.
2018-01-03 14:24:06 +08:00
Kris
73912ebc12
UX: Adjusting color on composer box-shadow
2018-01-02 21:29:16 -05:00