Commit Graph

10438 Commits

Author SHA1 Message Date
Sam
48145e8e23 SECURITY: rate limit user/password login 2014-09-25 10:13:13 +10:00
Neil Lalonde
f02898f834 Version bump to v1.0.2 2014-09-23 13:17:32 -04:00
Neil Lalonde
6fe364e7ae SECURITY: rate limit change email requests 2014-09-18 10:49:43 -04:00
Robin Ward
570e3b3e79 SECURITY: Stripping links could unescape html fragments 2014-09-17 12:09:06 -04:00
Robin Ward
e4287d9de9 FIX: Resend activation email was busted 2014-09-16 10:24:02 -04:00
Sam Saffron
6646b23569 SECURITY: Escape strings in logs 2014-09-16 07:54:46 +10:00
Robin Ward
344991adb7 SECURITY: Malformed URL could crash V8 2014-09-12 13:21:04 -04:00
riking
3d3313d5ee SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:21:06 -04:00
Neil Lalonde
1f797d5d31 Version bump to v1.0.1 2014-09-05 12:29:45 -04:00
Sam
d7a2a65f1f SECURITY: GitHub authenticator returning unverified emails 2014-09-03 12:56:02 +10:00
Robin Ward
8ced44a766 SECURITY: User action route was returning too much data 2014-08-29 13:57:47 -04:00
Robin Ward
9ad246affe SECURITY: Only redirect to our host by path on the login action 2014-08-28 17:57:38 -04:00
Neil Lalonde
5db66aeafa Version bump to v1.0.0 2014-08-26 15:24:07 -04:00
Robin Ward
4fec41de23 Merge pull request #2700 from techAPJ/patch-2
Update Translations
2014-08-26 14:56:49 -04:00
Arpit Jalan
02d05ca2ab Update Translations 2014-08-26 23:07:10 +05:30
Neil Lalonde
79e37ad1a8 FIX: thor populate:posts tool needs to use find_by_username 2014-08-26 12:32:17 -04:00
Robin Ward
55249750ff FIX: Some specs were leaking state, causing other tests to run in
different languages and randomly failing with some seeds.
2014-08-26 12:29:46 -04:00
Robin Ward
ec0480233c Merge pull request #2685 from riking/lazyyt-fix
Add dash and plus signs to Twitter key allowed chars
2014-08-26 11:15:29 -04:00
Robin Ward
105959c402 Merge pull request #2696 from riking/errors
Fix "Server Error: [missing {{code}} value]" page
2014-08-26 11:14:57 -04:00
Robin Ward
44a3776ce2 Merge pull request #2698 from Elberet/fix-parser
Fix: dialect block parser should not eat next block's whitespace
2014-08-26 10:55:44 -04:00
Robin Ward
f753c15a30 Merge pull request #2699 from eyalev/fix-db-seed-fu
name_lower can't be nil.
2014-08-26 10:53:58 -04:00
Eyal Levin
94cb0c687b name_lower can't be nil. 2014-08-26 15:25:23 +03:00
Jens Maier
c58565d09f Fix: dialect block parser should not eat next block's whitespace 2014-08-26 14:11:23 +02:00
Jeff Atwood
d63c6292b3 change "Visit Profile" to just "Profile" 2014-08-26 00:37:10 -07:00
Jeff Atwood
553e0290a6 mods can use shield glyph as well, don't need two 2014-08-25 23:49:39 -07:00
Sam
1ccfb4fa20 FIX: crashing job 2014-08-26 16:22:13 +10:00
Jeff Atwood
95f9943d28 remove <br/> from top non-mobile layout 2014-08-25 22:42:41 -07:00
Jeff Atwood
b6b0cd5c15 add glyph to move posts to new topic button 2014-08-25 22:38:28 -07:00
Sam
3ea76815e4 Merge pull request #2686 from meglio/ru-plurals
Update RU pluralization to use 3 keys: one, few, other (as by Transifex)
2014-08-26 12:42:59 +10:00
Sam
f441e4ec03 Merge pull request #2695 from riking/local-onebox-category
Fix local onebox subcategory urls
2014-08-26 12:42:24 +10:00
Sam
c412d74369 HACK: suppress "1 reply" when directly below for quotes posts 2014-08-26 12:00:16 +10:00
Sam
f331855482 FIX: username autocomplete more reliable, cancel old reqs 2014-08-26 11:32:50 +10:00
riking
5261f2e751 Fix "Server Error: [missing {{code}} value]" page
The translation was expecting a non-existent parameter.
2014-08-25 17:20:48 -07:00
riking
41dadcc349 Fix local onebox subcategory urls 2014-08-25 16:47:54 -07:00
Sam
96af48d903 Merge pull request #2694 from riking/logster-link
Fix Logster link by bypassing Ember router
2014-08-26 09:30:16 +10:00
riking
4db5c8d617 Add data-auto-route=true to Logster link 2014-08-25 15:59:48 -07:00
Robin Ward
a568696098 FIX: Add the <br/> without removing stuff 2014-08-25 18:56:27 -04:00
Robin Ward
939b7ce7e2 Revert "FIX: Added <br/> for @coding-horror"
This reverts commit d62218fb5b.
2014-08-25 18:56:27 -04:00
Sam
64331e2ac1 row style is common, its the way we clear divs 2014-08-26 07:41:29 +10:00
Robin Ward
d62218fb5b FIX: Added <br/> for @coding-horror 2014-08-25 17:21:01 -04:00
Robin Ward
8d68e67fc5 Merge pull request #2693 from riking/sorted_badges
Fix the tests
2014-08-25 16:10:37 -04:00
riking
7317c6ed6a Fix tests for new route 2014-08-25 13:07:22 -07:00
Robin Ward
3437e81627 Merge pull request #2691 from fysics/master
Adjust & pngout d-logo-sketch.png
2014-08-25 15:57:13 -04:00
Robin Ward
c820c65172 Merge pull request #2692 from riking/sorted_badges
Sort the badges on the user profile page
2014-08-25 15:56:27 -04:00
Jeff Atwood
de1e0345df proper fix for top page bottom buttons on mobile 2014-08-25 12:55:45 -07:00
riking
234956234b Fix badge type ordering 2014-08-25 12:48:31 -07:00
Jeff Atwood
a11cc46c73 remove global margin right on mobile btn 2014-08-25 12:47:02 -07:00
riking
99c11e2184 Sort the badges on the user profile page
Also clean up UserBadgesController so it isn't doing two things in one
method
2014-08-25 12:40:51 -07:00
Jeff Atwood
024c503870 mobile login tweaks 2014-08-25 12:38:27 -07:00
Robin Ward
ed125975a1 SECURITY: Prefix session key and validate token format. 2014-08-25 15:31:49 -04:00