Commit Graph

22025 Commits

Author SHA1 Message Date
Arpit Jalan
6661cebff8 FIX: do not log duplicate username changes 2017-02-28 01:32:00 +05:30
Neil Lalonde
e634b37f9a FIX: from field of emails should be including email_site_title or site title settings 2017-02-27 14:23:07 -05:00
Arpit Jalan
f7d413bb1b Merge pull request #4727 from techAPJ/log-name-changes
FEATURE: log all username and name changes
2017-02-28 00:53:00 +05:30
Arpit Jalan
b32d3d66e5 FEATURE: log all username and name changes 2017-02-28 00:23:27 +05:30
Robin Ward
0e3def7d2b Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."
This reverts commit 1060239e2d.
2017-02-27 13:19:26 -05:00
Robin Ward
bf9626d031 FIX: Embedding was broken with non-english URLs and ports 2017-02-27 12:17:52 -05:00
Arpit Jalan
877957ae88 Merge pull request #4715 from techAPJ/login-per-ip
FEATURE: new site setting for max logins per ip per hour/minute
2017-02-27 18:24:53 +05:30
Arpit Jalan
cba51e1c38 FEATURE: new site setting for max logins per ip per hour/minute 2017-02-27 16:58:03 +05:30
Guo Xiang Tan
0e8c849572 UX: "See more" on not found page should redirect to /top. 2017-02-27 13:33:19 +08:00
Guo Xiang Tan
0675f9f838 Merge pull request #4684 from tgxworld/fix_reset_context_when_context_type_changes
Fix reset context when context type changes
2017-02-27 12:24:44 +08:00
Guo Xiang Tan
ac37bd3dbc FIX: Search menu results does not refresh when search context is changed. 2017-02-27 12:23:41 +08:00
Guo Xiang Tan
d2b83a9682 Merge pull request #4720 from rizka10/patch-3
Fix a minor typo on a mailer template
2017-02-27 11:51:38 +08:00
Guo Xiang Tan
2fc0b35765 Merge pull request #4722 from oblakeerickson/typo_routes_file
FIX: typo in a routes.rb comment
2017-02-27 11:51:13 +08:00
Guo Xiang Tan
82595bc1ab Merge pull request #4725 from jomaxro/patch-2
Remove references to elder
2017-02-27 11:50:48 +08:00
Guo Xiang Tan
758e3e52f7 FIX: Mobile topic timeline broken on Chrome 56.
* See https://developers.google.com/web/updates/2017/01/scrolling-intervention.
  From Chrome 56 onwards, `touchstart` event listeners are treated as passive
  by default which does not call `preventDefault` resulting in the page
  scrolling when topic timeline handle is being dragged.
2017-02-27 11:39:57 +08:00
jomaxro
f5673fbd47 Remove references to elder
The use of the TL4 name Elder was changed in 2014 to Leader.  The spec function was changed to `:trust_level_4`, but the it statement was not changed.
2017-02-26 17:40:42 -07:00
Sam Saffron
7e8f0dc967 FIX: attempt to handle ios edge case where token is seen but unsaved
This relaxes our security in the following way

- prev auth token is always accepted as long as rotation
date is within our window of SiteSetting.maximum_session_age.hours
(previously old token expired within a minute of new one being seen)

- new auth token is marked unseen if we are presented with an old token
after we already saw new one

This attempts to fix an issue where ios webkit is not committing new cookies
2017-02-26 17:09:57 -05:00
Blake Erickson
5ba8f8d1a6 FIX: typo in a routes.rb comment
sidekiq was spelled wrong
2017-02-25 10:03:19 -07:00
rizka10
e651faa397 Fix a minor typo on a mailer template
"with" is supposed to be "wish" on 'unsubscribe_mailer.text_body_template'
2017-02-24 16:13:47 +02:00
Régis Hanol
fdf749770b remove unecessary '.limit(1)' 2017-02-24 12:56:13 +01:00
Régis Hanol
ecdae9f863 FIX: i18n integrity specs
FIX: check all .yml files in the project for integrity
FIX: ensure localized yamls are compatible with english
2017-02-24 11:35:33 +01:00
Régis Hanol
a2c04be718 FIX: eradicate I18n fallback issues 💣
FIX: client's translation overrides were not working when the current locale was missing a key
FIX: ExtraLocalesController.show was not properly handling multiple translations
FIX: JsLocaleHelper#output_locale was not properly handling multiple translations

FIX: ExtraLocalesController.show's spec which was randomly failing
FIX: JsLocaleHelper#output_locale was muting cached translations hashes

REFACTOR: move 'enableVerboseLocalization' to the 'localization' initializer
REFACTOR: remove unused I18n.js methods (getFallbacks, localize, parseDate, toTime, strftime, toCurrency, toPercentage)
REFACTOR: remove all I18n.pluralizationRules and instead use MessageFormat's pluralization rules

TEST: add tests for localization initializer
TEST: add tests for I18n.js
2017-02-24 11:31:21 +01:00
Guo Xiang Tan
1060239e2d SECURITY: Ensure oAuth authenticated email is the same as created user's email. 2017-02-24 13:13:10 +08:00
Guo Xiang Tan
0847b4258a Revert "SECURITY: Ensure that user has been authenticated."
This reverts commit fbe51d68a7.

Changing the commit message to correctly reflect what we're actually
fixing.
2017-02-24 13:12:29 +08:00
Guo Xiang Tan
889ab85431 Merge pull request #4719 from rimian/patch-3
fix malformed qunit url
2017-02-24 11:32:01 +08:00
Guo Xiang Tan
fbe51d68a7 SECURITY: Ensure that user has been authenticated. 2017-02-24 10:47:48 +08:00
Sam Saffron
3754b038e8 fix brotli origin 2017-02-23 18:26:40 -05:00
Rimian Perkins
db9840b672 fix malformed qunit url
this removes the space between the query string and the URL

```
$MODULE='Acceptance: Search' rake qunit:test\[20000\]
....
Running: {"module":"Acceptance: Search"}
... http://localhost:60099/qunit?module=Acceptance%3A%20Search 20000
```

The timeout value seems to work fine.
2017-02-24 10:19:34 +11:00
Sam Saffron
ef08462b33 spaces matter 2017-02-23 17:37:53 -05:00
Rafael dos Santos Silva
f68540b022 Increase QUnit timeouts to allow on slower envs 2017-02-23 19:21:06 -03:00
Sam
f15f61da0a FEATURE: add immutable caching to rails site of things 2017-02-23 13:05:00 -05:00
Sam
eee22bf037 FEATURE: Add immutable cache for assets that do not update
This will eliminate revalidation of avatars, css, js and uploads on reloads on supporting browsers (at the moment firefox)
2017-02-23 12:24:47 -05:00
Sam
ea1007e954 FEATURE: add support for same site cookies
Defaults to Lax, can be disabled or set to Strict.

Strict will only work if you require login and use SSO. Otherwise when clicking on links to your site you will appear logged out till you refresh the page.
2017-02-23 12:01:28 -05:00
Sam
ad435da377 fix typo 2017-02-23 10:58:53 -05:00
Jeff Atwood
ad6cb3c638 force all iOS editors to minimum height for compat 2017-02-22 16:56:19 -08:00
Jeff Atwood
22fc761cc3 tweak iOS composer heights a bit 2017-02-22 15:48:39 -08:00
Neil Lalonde
c00ffabac3 search scope checkbox is default checked for your messages too 2017-02-22 17:45:12 -05:00
Neil Lalonde
0551b3f5ee FEATURE: replace emoji with unicode in title and description meta tags 2017-02-22 16:24:13 -05:00
Sam Saffron
0fc2b64f65 attempt 2 at adjusting class definition so its more easily extensible 2017-02-22 14:18:43 -05:00
Sam Saffron
08d56952df revert change, it is required 2017-02-22 14:10:55 -05:00
Sam Saffron
d0d60ffa89 make is slightly easier to extend 2017-02-22 14:06:18 -05:00
Neil Lalonde
57784ddf2b remove unused setting import 2017-02-22 13:05:57 -05:00
Sam Saffron
b7d2edc7dc FIX: allow some auth token misses prior to clearing cookie
It appears that in some cases ios queues up requests up front
and "releases" them when tab gets focus, this allows for a certain
number of cookie misses for this case. Otherwise you get logged off.
2017-02-22 12:37:11 -05:00
Sam Saffron
3532957ce1 index should have always been unique 2017-02-22 12:37:11 -05:00
Neil Lalonde
00700da6b8 remove null class 2017-02-22 12:23:45 -05:00
Neil Lalonde
53ec4c44f4 FIX: N+1 in topic_list 2017-02-22 12:20:50 -05:00
Neil Lalonde
a702330ccd FEATURE: make show_subcategory_list a per-category setting 2017-02-22 11:42:36 -05:00
Arpit Jalan
2f657b0e32 FIX: do not refresh staff action logs every time the page is loaded 2017-02-22 17:25:39 +05:30
Arpit Jalan
213a496203 FIX: show all staff events related to the target user 2017-02-22 13:31:40 +05:30
Arpit Jalan
b32f33b3f0 FIX: allow staff members to send PMs when enable_private_messages is disabled 2017-02-22 11:32:09 +05:30