Commit Graph

20452 Commits

Author SHA1 Message Date
Robin Ward
5bf3a00328 FIX: Ignored flags should not count in your accuracy score 2019-09-17 14:54:20 -04:00
David Taylor
3da9b99dbf FIX: Live reload plugin stylesheets when the color scheme changes 2019-09-17 09:54:55 +01:00
David Taylor
081c36a459 FIX: Do not include theme variables in plugin SCSS, and fix register_css 2019-09-17 09:54:52 +01:00
Arpit Jalan
4a11e7ee56 fix the build. 2019-09-17 13:00:41 +05:30
Arpit Jalan
671ffc4e06 FIX: do not allow posting of category topic template without any changes 2019-09-17 12:32:46 +05:30
Kyle Zhao
fb200e3055 FIX: Escape $ in translations before interpolating (#8100)
The dollar sign (`$`) is a special replace pattern, and `$&` inserts the
matched string. Thus dollars signs need to be escaped with the special
pattern `$$`, which inserts a single `$`.
2019-09-16 13:52:49 -04:00
David Taylor
7c494cc631 DEV: Live-reloading of core/plugin CSS alongside preview_theme_id
In development, we track the last requested theme id, and use that to refresh the correct stylesheet targets. The after_action hook runs on every request, but the preview_theme_id parameter is only sent on the initial HTML request. This commit ensures we only fetch the development theme_id on HTML requests
2019-09-16 17:27:19 +01:00
Dan Ungureanu
520d54d85f
FIX: Open drafts for PMs from Activity > Drafts screen.
Draft.get sometimes returns only the sequence number.
2019-09-16 16:24:42 +03:00
David Taylor
39f7e98b60
FIX: Ensure page is reloaded correctly when a hash is present (#8096)
To demonstrate the issue:
- Visit https://meta.discourse.org/#somethingHere while logged in
- Click "log out"
- You will be logged out, but the page will not be reloaded

Setting `window.location.pathname = "/"` will not reload the page if there is a hash present. Using `window.location = "/"` gives us the desired behavior.
2019-09-16 13:27:12 +01:00
romanrizzi
08b7a3fdfe Fix: Don't show non-members as readers when the post is a whisper 2019-09-13 17:14:31 -03:00
Roman Rizzi
1576b07a10
FIX: Improve protection against problematic usernames (#8097) 2019-09-13 15:11:27 -03:00
David Taylor
98719bee10 FIX: Load raw hbs templates correctly from theme javascripts folder 2019-09-13 18:01:16 +01:00
David Taylor
b0211772cb FIX: Explicitly specify the format when loading /associate/{{token}}
In IE11, the browser returns the cached HTML response, rather than the JSON formatted response. A better solution may be to add a `Vary: Accept` header to all of our HTML responses, but this commit should solve the immediate issue.
2019-09-13 17:22:57 +01:00
Régis Hanol
0cfe47471f FIX: add support for version query parameter in InlineUploads 2019-09-13 18:21:19 +02:00
Kyle Zhao
f0f03acb2c FIX: Do not escape fancy_title again. (#8095)
`fancy_title` is already escaped by Rails. Escaping it again would print
the HTML entity as-is, e.g. `"` instead of `"`.

This fixes the issue by introducing a new `escapedContent` attribute on
the `QuickAccessItem` widget.
2019-09-13 10:04:14 -04:00
Penar Musaraj
6bbda8eae9 FIX: Do not show latest count in tabs on tag lists 2019-09-12 22:42:48 -04:00
Régis Hanol
aa511c5b59 FIX: support <img> in code blocks when inlining uploads
Simpler code is better :)

Also added moar specs to ensure <img> tag inside code blocks are properly ignored.
2019-09-12 21:25:14 +02:00
Penar Musaraj
8f601d5025 UI: Add viewport meta tag to embedded topics layout 2019-09-12 14:14:32 -04:00
Vinoth Kannan
321f559c7c FIX: make markdown regexp patterns case insensitive. 2019-09-12 22:25:15 +05:30
Roman Rizzi
568232052e
DEV: Remove FlagQuery class and old code (#8064) 2019-09-12 13:21:33 -03:00
hawm
7129637279 FEATURE: Make share button support custom javascript (#8090)
* FEATURE: Make share button support custom javascript

* clean code

* formatting

* formatting
2019-09-12 11:19:43 -04:00
David Taylor
67a98946b8 FIX: Do not log 'pull_hotlinked_images' edits in the staff action log 2019-09-12 15:55:45 +01:00
Penar Musaraj
e4b813df4c FIX: Change admin dashboard sort caret icon color on hover 2019-09-12 10:38:53 -04:00
Jarek Radosz
1dcdcb5c31
FIX: Cast all numerical values in reports (#8087)
* FIX: Cast all numerical values in reports

The backend can return some numerical values in report as strings. That results in unexpected order of values when sorting report tables.

* Create `toNumber()` helper

The `typeof` and `parseFloat` seem to be the fastest path: https://jsperf.com/number-vs-typeof-vs-parsefloat#results
2019-09-12 15:17:34 +02:00
David Taylor
73172f00d3
FIX: Clear authentication data from session after create account (#8040) 2019-09-12 12:11:12 +01:00
Kris
f4f566a301 Adding above-user-profile plugin outlet 2019-09-11 22:22:00 -04:00
Krzysztof Kotlarek
32b8a2ccff DEV: Upgrade Discourse to Rails 6 (#8083)
* Adjustments to pass specs on Rails 6.0.0
* Use classic autoloader instead of Zeitwerk
* Update Rails 6.0.0 deprecated methods
* Rails 6.0.0 not allowing column with integer name
* Drop freedom_patches/rails6.rb
* Default value for trigger_transactional_callbacks? is true
* Bump rspec-rails version to 4.0.0.beta2
2019-09-12 10:41:50 +10:00
Neil Lalonde
7331e0865a FIX: user directory should not include unapproved users
When the "must approve users" setting is enabled, new users who were
waiting to be approved could show up in the user directory.
2019-09-11 15:18:17 -04:00
Arpit Jalan
59f7c92661 fix the build. 2019-09-11 23:32:58 +05:30
Arpit Jalan
4195548a17 Bump onebox version.
- indicate and link to Flickr Album
2019-09-11 23:23:11 +05:30
Gerhard Schlager
56c6e8e961 FIX: POP3 doesn't work with TLS 1.3 2019-09-11 18:43:19 +02:00
Rishabh
d93586c63f FEATURE: Whitelist the allowfullscreen iframe attribute (#8086)
Adding this to core allows showing the fullscreen button on external iframe videos like Vimeo.
https://meta.discourse.org/t/full-screen-videos-plugin/90869 will not be needed anymore.
2019-09-11 16:49:54 +02:00
Leo McArdle
9ba4a67766 pass model to above-user-preferences outlet (#8084) 2019-09-11 10:24:22 -04:00
Dan Ungureanu
8b2c272f04
UX: Use medium format for displaying time in post notices. (#8074) 2019-09-11 13:00:53 +03:00
Penar Musaraj
7252c14a16 FIX: Switch to full screen external login for Safari
This is a temporary solution, currently popup auth fails in Safari.
2019-09-11 00:18:37 -04:00
Sam Saffron
93b0ffc85c DEV: improve subfolder inline logic
This follows up on #503a11cc88f with a spec
2019-09-11 12:02:42 +10:00
Michael Brown
503a11cc88 FIX: inline_uploads and subfolder (#8076)
* FIX: inline_uploads and subfolder

* if subfolder, also look for images with a path containing
  cdn_url + relative_url_root

* FIX: migrate_to_s3 task and subfolder
2019-09-11 11:50:48 +10:00
Neil Lalonde
f0586ece32 FIX: errors in qunit tests when version check info is missing 2019-09-10 16:38:23 -04:00
Neil Lalonde
82398907af Prettier 2019-09-10 15:09:16 -04:00
Neil Lalonde
509e61e272 UX: Show installed version with SHA instead of number of commits
Removes the "+ 437" string at the end of "v2.4.0.beta2 + 437",
and adds a link to the exact commit on github underneath.
2019-09-10 14:59:51 -04:00
romanrizzi
bd930a9c77 FIX: Do not show staged users avatars when expanding the read count indicator 2019-09-10 14:21:34 -03:00
Joffrey JAFFEUX
a25869969a
DEV: adds event hook when add/remove user to group (#8038) 2019-09-10 11:58:08 -05:00
Robin Ward
1cebe7670a FEATURE: Allow embedding to ignore HTTP REFERER
New site setting: `embed_any_origin` that will send postMessages to
wildcard origins `*` instead of the referer.

Most of the time you won't want to do this, so the setting is default to
`false`. However, there are certain situations where you want to allow
embedding to send post messages when there is no HTTP REFERER.

For example, if you created a native mobile app and you wanted to embed a list
of Discourse topics as HTML. In the code your HTML would be a
static file/string, which would not be able to send a referer. In this
case, the site setting will allow the embed to work.

From a security standpoint we currently only use `postMessage` to send
data about the size of the HTML document and scroll position, so it
should be enable if required with minimal security ramifications.
2019-09-10 12:27:07 -04:00
Penar Musaraj
cf23016360 FIX: Display emojis in search result blurbs 2019-09-10 11:11:15 -04:00
Bianca Nenciu
0d22beb81d
FIX: Improve Onebox detection (#8019)
Follow-up to 7c83d2eeb2.
2019-09-10 13:59:48 +03:00
Arpit Jalan
972c1acef8 DEV: better class names for Flexbox 2019-09-09 21:33:53 +05:30
Kyle Zhao
9b10a78d82 FEATURE: Quick access panels in user menu (#8073)
* Extract QuickAccessPanel from UserNotifications.

* FEATURE: Quick access panels in user menu.

This feature adds quick access panels for bookmarks and personal
messages. It allows uses to browse recent items directly in the user
menu, without being redirected to the full pages.

* REFACTOR: Use QuickAccessItem for messages.

Reusing `DefaultNotificationItem` feels nice but it actually requires a
lot of extra work that is not needed for a quick access item.

Also, `DefaultNotificationItem` shows an incorrect tooptip ("unread
private message"), and it is not trivial to remove / override that.

* Use a plain JS object instead.

An Ember object was required when `DefaultNotificationItem` was used.

* Prefix instead suffix `_` for private helpers.

* Set to null instead of deleting object keys.

JavaScript engines can optimize object property access based on the
object’s shape. https://mathiasbynens.be/notes/shapes-ics

* Change trivial try/catch to one-liners.

* Return the promise in case needs to be waited on.

* Refactor showAll to a link with href

* Store `emptyStatePlaceholderItemText` in state.

* Store items in Session singleton instead.

We can drop `staleItems` (and `findStaleItems`) altogether. Because
`(old) items === staleItems` when switching back to a quick access
panel.

* Add `limit` parameter to the `user_actions` API.

* Explicitly import Session instead.
2019-09-09 11:03:57 -04:00
Nick Quaranto
530356f465 Use Discourse.getURL for /clicks/track so clicks can be tracked on relative URLs (#8079) 2019-09-09 17:41:37 +10:00
Roman Rizzi
7d5f3c1338 UX/PERF: Update readers count when a post from another user is read. Don't fetch the post data again just to update the count. (#8078) 2019-09-09 11:29:15 +10:00
Robin Ward
3e3f6b1b62 Revert "FIX: Auth popup handling for Safari same-site cookie quirks"
This reverts commit 310a8ac242.

It seems this breaks google authentication. My suspicion is opening
the URL twice invalidates the CSRF after the first access.
2019-09-06 15:46:48 -04:00