github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-25 04:19:05 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
18,222 Commits 190 Branches 500 Tags 938 MiB
5d4ee2ca1d
Commit Graph

26 Commits

Author SHA1 Message Date
Robin Ward
c1d321369b We don't need to allow track and meter 2015-09-18 15:37:56 -04:00
Sam
fbbd4999b6 FIX: remove invalid hack, correct whitelist to use value returned from callback 2014-07-25 12:16:00 +10:00
Robin Ward
43b997c1ce TRIVIAL: Santiize some extra attributes from images 2014-07-04 13:22:48 -04:00
Robin Ward
fc1ce96dbb FIX: Change the approach to sanitization. Includes a more detailed API 
for allowing classes and attributes for only certain tag names.
 2014-07-03 16:55:36 -04:00
Robin Ward
a7ad7f6a45 Remove some obscure HTML tags from sanitization 2014-06-24 11:03:45 -04:00
Robin Ward
a57ecef253 BUGFIX: Do not allow font tags. 2014-02-20 11:10:56 -05:00
Kane York
9f8f0f115c Restore 'article' to whitelist 2014-02-18 16:22:42 -08:00
Kane York
2e864f5ad7 Remove audio and video tags as well 2014-02-13 21:47:13 -08:00
Kane York
5b819f191a Removing more stuff from the sanitizer whitelist 2014-02-13 20:18:40 -08:00
Robin Ward
af5254d3b4 FIX: Remove canvas tag. 2014-02-05 12:22:36 -05:00
Robin Ward
8adb08a9ca FIX: Don't allow <button> in posts either. 2014-02-04 16:29:00 -05:00
Robin Ward
abffcd9f94 FIX: Blacklist <textarea> 2014-02-04 12:48:33 -05:00
Robin Ward
b90e811825 FIX: We don't need support for rows or cols in textarea. 2013-12-23 18:11:35 -05:00
Régis Hanol
06dd7ffe3c better revision history 2013-12-12 03:41:34 +01:00
Robin Ward
0ece195723 Blacklist <center> 2013-12-04 11:43:20 -05:00
Régis Hanol
9b6538832d whitelist google.com/maps iframes 2013-11-29 18:08:53 +01:00
Robin Ward
d9a16079a5 FIX: Do not allow users to create tables 2013-10-21 13:32:15 -04:00
Robin Ward
5281b7f80c Upgraded and refactored Sanitizing. Much less crap should get through now! 
Conflicts:
	app/assets/javascripts/discourse/components/syntax_highlighting.js
 2013-10-15 10:53:11 -04:00
Robin Ward
af931f0444 Reverting the Sanitizer commit in case we have to do something urgent 
before we deploy it early next week. It's in the branch `sanitizer` for
now.

This reverts commit 9e93d8ed52.
 2013-10-11 16:44:26 -04:00
Robin Ward
9e93d8ed52 Upgraded and refactored Sanitizing. Much less crap should get through now! 
Conflicts:
	app/assets/javascripts/discourse/components/syntax_highlighting.js
 2013-10-11 16:25:40 -04:00
Régis Hanol
ede9d2a0a8 show diff in post history view 2013-04-29 03:20:51 +02:00
Robin Ward
88267429c5 Remove fastclick for now -- we saw some regressions on iPad and want to make sure they weren't caused by 
it.
 2013-02-26 10:47:23 -05:00
Gosha Arinich
cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Sam Saffron
b9f3666f5a fast click instead of hacky double event binding 2013-02-25 11:11:46 +11:00
Robin Ward
f661fa609e Convert all CoffeeScript to Javascript. See: 
http://meta.discourse.org/t/is-it-better-for-discourse-to-use-javascript-or-coffeescript/3153
 2013-02-20 19:01:13 -05:00
Sam Saffron
0c085059c9 added sane sanitizer (Google Cajole) that is much more robust than old one ... yay for smilies 
added sane way to do $LAB includes - pattern to be expanded
people keep on messing structure.sql
 2013-02-20 16:11:56 +11:00