Commit Graph

10 Commits

Author SHA1 Message Date
Régis Hanol
de76b512c1 fix most deprecations in the specs (still some left) 2014-09-25 17:44:48 +02:00
Neil Lalonde
74f1c553e3 FIX: 1868 Security: Dangerous Send 2014-01-27 13:05:51 -05:00
Régis Hanol
8d73b7f94d BUGFIX: hide sensitive site settings 2014-01-06 13:03:53 +01:00
Neil Lalonde
1d030666d8 Log site setting changes and show in admin 2013-08-19 16:58:38 -04:00
Neil Lalonde
82b5f57e40 Make it possible to set a site setting to empty string 2013-06-11 14:31:38 -04:00
Neil Lalonde
811a0df68b Make s3 region site setting a drop down 2013-06-11 14:24:04 -04:00
Neil Lalonde
5ff7e570ac Add support for enum site settings that render as a dropdown; use a dropdown for default_locale 2013-06-11 11:40:14 -04:00
Ian Christian Myers
0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Gosha Arinich
cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Robin Ward
21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00