Commit Graph

21860 Commits

Author SHA1 Message Date
Guo Xiang Tan
5cd680b0be SECURITY: Ensure oAuth authenticated email is the same as created user's email. 2017-02-24 15:40:31 +08:00
Guo Xiang Tan
465660bdfc Revert "SECURITY: Ensure that user has been authenticated."
This reverts commit d1091f7f57.
2017-02-24 15:39:56 +08:00
Guo Xiang Tan
d1091f7f57 SECURITY: Ensure that user has been authenticated. 2017-02-24 11:46:59 +08:00
Sam
7912966209 SECURITY: inactive/suspended accounts should be banned from api
Also fixes edge cases around users presenting multiple credentials
2017-02-17 11:09:08 -05:00
Neil Lalonde
a86807b39b Version bump to v1.7.3 2017-02-13 16:45:01 -05:00
Sam
47b9eb6dbb new: server plugin outlet for indexable robots.txt 2017-02-13 14:05:08 -05:00
Sam
1d3f04d4bb SECURITY: correctly validate input when admin searches for screened ips 2017-02-06 16:11:48 -05:00
Sam
5fc70471be UX: less restrictive selector to allow for plugin outlets
Currently plugin outlets in LIs will generate a wrapping SPAN,
this makes an allowence in core for nave extenstions (like solved does)
2017-02-02 12:18:22 -05:00
Neil Lalonde
839a5e6e42 Version bump to v1.7.2 2017-01-26 13:32:57 -05:00
Robin Ward
2f78facb48 SECURITY: Prevent large onebox downloads, better timeout support 2017-01-25 14:59:35 -05:00
Guo Xiang Tan
d4ca8ea617 Fix broken emojis. 2017-01-24 16:18:39 +08:00
Régis Hanol
f49c9f6c43 FIX: log backups download/destroy staff action
FIX: clean up junk left by the specs
RENAME: 'backup_operation' to 'backup_create' to match other backup log types
2017-01-16 19:58:04 +01:00
Robin Ward
8f34c2332d Version bump to v1.7.1 2017-01-13 11:08:58 -05:00
Régis Hanol
9f3c38832e FIX: don't onebox to IP addresses 2017-01-12 22:36:59 +01:00
Arpit Jalan
1570c4e4a7 Update Translations 2017-01-12 13:26:45 +05:30
Guo Xiang Tan
0f574f641e UX: Truncate topic link title/URL on desktop to prevent overflow. 2017-01-12 12:24:39 +08:00
Guo Xiang Tan
38496985ef Fix syntax error. 2017-01-12 10:03:37 +08:00
Guo Xiang Tan
23d4435af1 Oops. 2017-01-12 09:56:20 +08:00
Guo Xiang Tan
79c80f9974 Make mention bot assign reviewers for collaborators as well. 2017-01-12 09:44:22 +08:00
Guo Xiang Tan
d0e3312d92 Merge pull request #4646 from tgxworld/log_readonly_mode_changes
FEATURE: Log admin action when readonly mode is changed.
2017-01-12 09:43:51 +08:00
Guo Xiang Tan
515f50e42e FEATURE: Log admin action when readonly mode is changed. 2017-01-12 09:41:02 +08:00
Jeff Atwood
240c4870cf FIX: add noopener to website field in user profile 2017-01-11 15:38:37 -08:00
Régis Hanol
887e9af84f FEATURE: new 'max_image_megapixels' site setting 2017-01-11 23:37:12 +01:00
Régis Hanol
fee5f082b8 Merge pull request #4647 from pfaffman/bbpress-missing-display-name
Bbpress missing display name
2017-01-11 21:57:44 +01:00
Régis Hanol
f3a325ac0f bump onebox 2017-01-11 21:55:31 +01:00
Jay Pfaffman
ffbaf374c8 use .presence rather than DIY checking 2017-01-11 12:55:25 -08:00
Jay Pfaffman
e307bbccf9 Merge branch 'master' of github.com:discourse/discourse into bbpress-missing-display-name 2017-01-11 11:28:38 -08:00
Jay Pfaffman
c5d6bfe7e2 bbpress: Use nicename if display_name is missing 2017-01-11 11:26:55 -08:00
Neil Lalonde
b177827841 more specs for staff action logging 2017-01-11 11:41:21 -05:00
Robin Ward
6c3426d266 Let's not notify for trust levels on Staff, either 2017-01-11 11:25:04 -05:00
Rafael dos Santos Silva
3a3a464a32 Merge pull request #4642 from miromichalicka/master
Add support for import from Drupal 6
2017-01-11 12:56:52 -02:00
Arpit Jalan
e793caf3e3 FIX: only allow CSV file to be uploaded for bulk invite 2017-01-11 16:26:01 +05:30
Régis Hanol
dfb633fde3 remove 'already initialized constant' warning 2017-01-11 11:03:36 +01:00
Guo Xiang Tan
d6bf5b0e78 Use any orientation for web app manifest. 2017-01-11 17:32:24 +08:00
Guo Xiang Tan
1758af9a1d FIX: Perform emoji unescape for topic titles in quotes. 2017-01-11 17:23:13 +08:00
Guo Xiang Tan
cdd550e947 Use a different Redis key when PG failover sets site to readonly mode. 2017-01-11 16:38:49 +08:00
Guo Xiang Tan
77045eb1f1 Merge pull request #4644 from olach/tab-size
Display tabs with smaller widths for code blocks
2017-01-11 14:49:16 +08:00
Jeff Atwood
9103ba30ad switch from "API Requests" to "Pageviews" 2017-01-10 17:02:23 -08:00
Neil Lalonde
42c39ab38e Don't display email addresses in staff action logs for revoked email 2017-01-10 17:51:22 -05:00
Neil Lalonde
98bd58df61 Don't show email of deleted users in staff action logs 2017-01-10 17:25:36 -05:00
Neil Lalonde
e84fcc7d74 Staff action logs explain when system is deleting a post because author marked it to be deleted 2017-01-10 17:25:36 -05:00
Neil Lalonde
fc0a0a76a4 Add more info in staff action logs for blocking a user, and add logging for lock trust level, activate, and deactive user 2017-01-10 17:25:36 -05:00
Jeff Atwood
0303047446 SECURITY: disallow csv as default upload file type 2017-01-10 13:24:10 -08:00
Robin Ward
7341b0d03c Don't give notifications to admins for trust level notifications 2017-01-10 12:18:48 -05:00
Jeff Atwood
00ffc49105 update mobile android screenshot for 1.7 2017-01-10 02:45:20 -08:00
Arpit Jalan
6506c0d900 use table prefix in bbpress import script 2017-01-10 16:07:13 +05:30
Ola Christensson
82fab2343f Display tabs with smaller widths for code blocks
The default browser behavior is a tab width of 8 characters. This changes the width to 4 characters.
2017-01-10 10:06:53 +01:00
Robin Ward
b60bc47a4c Plugins can register providers for global settings 2017-01-09 17:18:58 -05:00
Régis Hanol
185dcb2ca1 handle emails with localized headers 😠 2017-01-09 22:59:30 +01:00
Robin Ward
6b4f265a8c Revert "Experimental feature to load gemfiles from plugins"
This reverts commit 64652f98ab.
2017-01-09 16:08:35 -05:00