Commit Graph

21857 Commits

Author SHA1 Message Date
Sam
7918d99a2e SECURITY: update onebox gem 2016-12-19 13:17:51 +11:00
Sam
dd383300b1 FEATURE: rate limit by login on password reset 2016-12-19 11:03:07 +11:00
Sam
0599bd0154 FEATURE: add referrer never tag to password reset page 2016-12-19 11:01:58 +11:00
Sam
402f06de27 SECURITY: protect upload params, only allow very strict filenames 2016-12-19 10:18:32 +11:00
Sam
15b5fddd49 SECURITY: protect upload params, only allow very strict filenames 2016-12-19 10:16:18 +11:00
Sam
30e0154e5d SECURITY: fix reflected XSS with safe_mode param
(only applies to beta and master)
2016-12-19 10:11:51 +11:00
Mohamad Abras
e20e765afe Fix Arabic Pluralization Rules for Client 2016-12-17 17:50:35 +02:00
Jeff Atwood
81956cb1d6 Merge pull request #4590 from xfalcox/css-highligth
Use CSS animations for post and topic highlights
2016-12-16 14:22:25 -08:00
Rafael dos Santos Silva
e9fa936389 Uses CSS animation for highlight on mobile too 2016-12-16 19:26:49 -02:00
Arpit Jalan
ab6843dcde FIX: username route was broken 2016-12-16 23:56:22 +05:30
Guo Xiang Tan
51679ef6b2 Fix JS tests. 2016-12-17 00:51:40 +08:00
Guo Xiang Tan
d8541c589a FIX: Incorrect route for updating username. 2016-12-17 00:23:12 +08:00
Robin Ward
ddd299f4aa Revert "Revert "Revert Ember 2.10+ for a short while""
This reverts commit 76bbc481cb.
2016-12-16 10:29:30 -05:00
Robin Ward
76bbc481cb Revert "Revert Ember 2.10+ for a short while"
This reverts commit 21682fd60b.
2016-12-16 09:52:29 -05:00
Jeff Atwood
2600aca80b add back in missing para in new user PM 2016-12-16 00:49:54 -08:00
Jeff Atwood
e26d6227a4 Merge branch 'master' of https://github.com/discourse/discourse 2016-12-16 00:39:00 -08:00
Jeff Atwood
a2feef0847 UX: switch to new user tips blog post PM 2016-12-16 00:38:56 -08:00
Guo Xiang Tan
e3213f127d FIX: Regression with request membership button after migrating to component. 2016-12-16 16:07:11 +08:00
Sam
d4a0508744 FEATURE: outlet prior to Reply button at the bottom of topics 2016-12-16 17:10:32 +11:00
Sam
61eb134181 FEATURE: setting to allow arbitrary redirects from sso origin
if sso_allows_all_return_paths is set to true you can redirect off-site from sso success
2016-12-16 13:37:44 +11:00
Sam
6ff309aa80 SECURITY: don't grant same privileges to user_api and api access
User API is no longer gets bypasses that standard API gets.
Only bypasses are CSRF and XHR requirements.
2016-12-16 12:05:43 +11:00
Régis Hanol
197517d55e FIX: locally uploaded audio & video files should onebox even when the extension is uppercase 2016-12-15 23:21:44 +01:00
Robin Ward
21682fd60b Revert Ember 2.10+ for a short while 2016-12-15 16:43:38 -05:00
Neil Lalonde
f01f95d62d FEATURE: new settings to customize some colors in emails 2016-12-15 14:43:53 -05:00
Neil Lalonde
62ba5ea33f Name before username in summary email 2016-12-15 14:43:52 -05:00
Robin Ward
d0ddceb4e4 UX: Try improving the back button on the timeline 2016-12-15 14:24:58 -05:00
Robin Ward
ba8c6fd840 FIX: PhantomJS was crashing 2016-12-15 12:30:20 -05:00
Robin Ward
250ca11416 Add PluginAPI for registering a connector class 2016-12-15 11:54:37 -05:00
Robin Ward
0348f23f6d FIX: Register a test waiter rather than using hidden properties 2016-12-15 11:36:21 -05:00
Robin Ward
40c944cb36 FIX: Was showing two rows for the title always 2016-12-15 10:47:43 -05:00
Robin Ward
d69b782737 FIX: Editing tags was double rendering 2016-12-15 10:40:11 -05:00
Robin Ward
2655be512f FIX: Showing raw email and history were broken 2016-12-15 10:28:15 -05:00
Robin Ward
ea3db56d1c FIX: Mobile raw templates were not being resolved 2016-12-15 10:28:15 -05:00
Robin Ward
a149913c4d FIX: Template compilation was broken 2016-12-15 10:28:15 -05:00
Robin Ward
28699e66d8 Revert "REVERT: Ember 2.10 -- it's not building properly"
This reverts commit 600541c623.
2016-12-15 10:28:15 -05:00
Guo Xiang Tan
ffc97f2298 FIX: Wait 30 days before dropping the column.
* Regressions from the past is resulting in `logo_url` with
  no uploads record.
2016-12-15 22:45:04 +08:00
Guo Xiang Tan
c47b60a1e4 FIX: Check for column that we want to drop instead.
* Otherwise, the migration is called multiple times.
2016-12-15 20:53:10 +08:00
Mohamad Abras
bc621a704e fix close topics vb4 importer 2016-12-15 14:20:05 +02:00
Guo Xiang Tan
0ab52b127b Fix JS tests. 2016-12-15 16:52:47 +08:00
Guo Xiang Tan
e765e64cb1 Bump onebox for fixes. 2016-12-15 16:18:48 +08:00
Guo Xiang Tan
bbe067e735 Fix eslint. 2016-12-15 16:07:56 +08:00
Guo Xiang Tan
7888a16374 FEATURE: Add membership request to groups page. 2016-12-15 14:39:13 +08:00
Guo Xiang Tan
50aa9ba396 Fix JS tests. 2016-12-15 14:17:15 +08:00
Sam
162413862c FEATURE: add staff class to HTML body for staff 2016-12-15 16:23:03 +11:00
Sam
98f4a2adcb FIX: on 404 from brotli asset path return a correctly encoded doc
old implementation would cache the 404 for 1 year with incorrect encoding

hilarity would ensue
2016-12-15 16:05:20 +11:00
Sam
f867af6bf9 bye bye byebug 2016-12-15 15:52:25 +11:00
Guo Xiang Tan
3666575b46 UX: Improve styling for groups page. 2016-12-15 12:19:13 +08:00
Guo Xiang Tan
3999afc279 FIX: Category logo not showing in navigation. 2016-12-15 12:11:21 +08:00
Guo Xiang Tan
b005e1ab58 UX: Left align columns on groups page. 2016-12-15 10:00:37 +08:00
Neil Lalonde
e6361d1228 Version bump to v1.7.0.beta10 2016-12-14 14:57:51 -05:00