Commit Graph

3173 Commits

Author SHA1 Message Date
Neil Lalonde
7a81669c18 SECURITY: don't allow re-using the current password during password reset 2016-08-24 12:27:21 -04:00
Régis Hanol
038eb6f645 FIX: translations with a symbol as key should also be overridable 2016-08-24 11:53:03 +02:00
Robin Ward
c3a3aff120 FEATURE: Support for a whitelist for embeddable host paths 2016-08-23 14:56:12 -04:00
Robin Ward
1468616465 FIX: Support links with google analytics tracking and hashes 2016-08-23 12:13:31 -04:00
Guo Xiang Tan
17f0727b04 FIX: Don't track user profile view when viewed by system user. 2016-08-23 16:25:31 +08:00
Robin Ward
884bdf7240 FEATURE: Ability to scrub titles when importing embeddable content 2016-08-22 12:43:02 -04:00
Arpit Jalan
4a2f0e772c add specs for post ownership change without revision 2016-08-20 01:27:48 +05:30
Robin Ward
4061725a95 FIX: Don't ever grant badges when they're disabled 2016-08-19 15:16:37 -04:00
Guo Xiang Tan
3141c179f7 REFACTOR: Get bucket name from S3Helper. 2016-08-19 14:08:37 +08:00
Régis Hanol
eb953c0904 FIX: /categories page on mobile 2016-08-19 01:47:00 +02:00
Neil Lalonde
7195a103ab FEATURE: digests choose topics you're watching or tracking first 2016-08-18 17:16:52 -04:00
Guo Xiang Tan
9a6f54de6c Allow other directories to be specified when accessing fixtures. 2016-08-18 16:34:43 +08:00
Sam
3ea68f8f6c tweak headers so they can be consumed 2016-08-18 14:38:33 +10:00
Régis Hanol
45b1f9c0d3 fix smoke test 2016-08-17 23:59:18 +02:00
Régis Hanol
6d1d7b7c8f UX: new /categories layout 2016-08-17 23:23:16 +02:00
Neil Lalonde
d079f69b7b FEATURE: add flair to avatars using new settings in the groups admin UI 2016-08-17 15:13:15 -04:00
Sam
a25a8115e8 FEATURE: support HEAD request to /user-api-key/new
This allows us to cleanly sniff to find if it exists
2016-08-17 09:58:19 +10:00
Guo Xiang Tan
7ff1f6cb9d Allow custom bucket name for FileStore::S3Store. 2016-08-16 15:25:42 +08:00
Sam
416e7e0d1e FEATURE: basic UI to view user api keys 2016-08-16 17:06:52 +10:00
Neil Lalonde
3b792054f2 Merge pull request #4387 from gdpelican/feature/tags-intersection
FEATURE: Tags intersection page
2016-08-15 16:24:29 -04:00
Neil Lalonde
5849c345cc FEATURE: digest emails will try to choose topics from your tracked and watched categories first 2016-08-15 16:16:04 -04:00
James Kiesel
554d15fdd4 Add extra spec for topic_query 2016-08-15 15:42:06 -04:00
James Kiesel
037e9bb7b8 Support any number of tag intersections 2016-08-15 15:30:17 -04:00
Guo Xiang Tan
0433163866 FEATURE: Support subfolders in SiteSetting.s3_backup_bucket. 2016-08-15 16:14:51 +08:00
Sam
fc095acaaa Feature: User API key support (server side implementation)
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
Guo Xiang Tan
aa5de3c40a FEATURE: Support subfolders in S3 bucket name.
This commit also fixes a bug where s3 uploads are not
moved to a tombstone folder when removed.
2016-08-15 13:07:41 +08:00
Guo Xiang Tan
3378ee223f FIX: Incorrect path being passed to S3Store#remove_file. 2016-08-15 11:35:30 +08:00
Robin Ward
aef954784a FIX: nofollow was being added during post processing when it shouldn't 2016-08-12 15:35:13 -04:00
James Kiesel
7e73b933c7 First pass 2016-08-12 15:28:46 -04:00
Régis Hanol
7db2083d45 FIX: 'cancel_scheduled_job' was deleting all jobs in multisite 2016-08-12 13:10:52 +02:00
Sam
7e4503dd99 FEATURE: basic info route for all sites, even ones that require login
This information is public in meta tags already on home page, providing a
route allows consumers to check it way more cheaply
2016-08-12 17:10:35 +10:00
Sam
afaba56de3 FEATURE: missing API endpoint for topic tracking states 2016-08-12 17:10:35 +10:00
Robin Ward
7e165d031b FIX: Short terms will be searched for if at least one is long enough 2016-08-11 11:53:14 -04:00
Guo Xiang Tan
6075debc90 Add specs to hidding settings when shadowed by a global. 2016-08-11 16:04:45 +08:00
Guo Xiang Tan
11afb20772 SECURITY: Escape HTML in filename. 2016-08-11 11:27:12 +08:00
Guo Xiang Tan
6288d4c995 FIX: Revised post not updated correctly when merging posts. 2016-08-11 09:01:54 +08:00
Robin Ward
fc311dbe3b FEATURE: An option to search more recent posts for very large sites.
On very large forums searching posts can be slow, so this commit
introduces the ability to try and search only the most recent posts
first, and then going for a larger breadth search if there aren't
enough results.

Enable `search_prefer_recent_posts` and you can customize how many
recent posts to filter with `search_recent_posts_size`
2016-08-10 15:43:42 -04:00
Régis Hanol
e55e2aff94 FIX: FirstReplyByEmail badge wasn't granted
DEPRECATED: PostProcess badge trigger
2016-08-10 19:24:01 +02:00
Robin Ward
cc366d5a60 FIX: Search in non-english should have a smaller minimum 2016-08-09 15:20:28 -04:00
Robin Ward
28436a604a FIX: Prevent tricking the search from ignoring minimum lengths 2016-08-09 14:49:46 -04:00
Régis Hanol
282f9948cb FIX: wasn't able to update category's settings 2016-08-09 20:14:49 +02:00
Sam
5cc8bb535b SECURITY: do cookie auth rate limiting earlier 2016-08-09 10:02:18 +10:00
Régis Hanol
51322a46b3 FEATURE: retry processing incoming emails on rate limit 2016-08-08 22:28:27 +02:00
Neil Lalonde
17b51bb465 FIX: topics tagged with muted tags should not be included in digest emails 2016-08-08 15:14:25 -04:00
Robin Ward
fb1b119462 Merge pull request #4342 from acshi/embeddedhost-localhost
Allow localhost as an embeddable host
2016-08-08 14:31:58 -04:00
Robin Ward
8b252f19d7 Merge pull request #4365 from gdpelican/fix/daily-mlm-notifications
Don't halt notification emails for those on daily mailing list mode
2016-08-08 14:30:56 -04:00
Robin Ward
3d62e5dd98 SECURITY: XSS issue on Admin users list 2016-08-05 12:01:16 -04:00
Robin Ward
429f27ec96 SECURITY: Avoid mass assignment on user create 2016-08-05 11:57:13 -04:00
Régis Hanol
d0962d6e5a FIX: serve category images from the CDN 2016-08-05 13:03:49 +02:00
Robin Ward
e5b529f8e1 FIX: Couldn't move posts with deleted replies 2016-08-04 11:56:01 -04:00