Commit Graph

210 Commits

Author SHA1 Message Date
Sam
0d1b460f1e Pending spec for Nokogiri fix 2014-10-03 12:37:07 +10:00
Régis Hanol
de76b512c1 fix most deprecations in the specs (still some left) 2014-09-25 17:44:48 +02:00
Jeff Atwood
5646ebf4c7 fix tests expecting "name said:" to "name:" 2014-09-18 20:39:27 -07:00
Robin Ward
19b4364d79 SECURITY: Stripping links could unescape html fragments 2014-09-17 12:08:00 -04:00
David McClure
d567093756 FEATURE: Allow manual excerpt to be specified anywhere in the post and override max excerpt length 2014-09-03 22:06:53 -07:00
David McClure
0513d02e23 FEATURE: Allow manual excerpt to be defined past the beginning of the post
There is still a limitation that the span excerpt must begin before the post_excerpt_max_length.
2014-09-03 00:29:49 -07:00
Sam
84836944e8 FIX: crash on invalid uri component 2014-07-30 17:09:55 +10:00
Robin Ward
b2f2e7b1d2 REFACTOR: Move Markdown tests to Javascript land 2014-07-25 16:08:00 -04:00
Sam
6e9f5f5584 SECURITY: fix XSS in excerpt parser 2014-07-25 12:16:00 +10:00
Sam
de7e6a9545 Feature: allow mods to cut pinned topic excerpts 2014-07-17 21:32:37 +10:00
Sam
c12a131fb4 SECURITY: sanitizer allowing invalid attributes 2014-07-17 16:11:09 +10:00
Sam
89fc989adb FEATURE: First Quote badge 2014-07-11 14:17:43 +10:00
Sam
d54c28adc1 FIX: better whitelisting 2014-07-10 09:59:54 +10:00
Sam
9828a268b9 Fix: whitelist regex for bbcode too wide 2014-07-10 09:17:04 +10:00
Robin Ward
fc1ce96dbb FIX: Change the approach to sanitization. Includes a more detailed API
for allowing classes and attributes for only certain tag names.
2014-07-03 16:55:36 -04:00
Robin Ward
9c48f8f154 FIX: Don't surround <aside> with <p> as that is malformed HTML. 2014-06-30 18:11:22 -04:00
Sam
e2e36a6df3 FIX: bold and italic handling improved 2014-06-30 17:01:46 +10:00
Sam
24ddb6cfad FIX: Bold, italic should not expect a space boundary 2014-06-26 17:45:51 +10:00
Sam
b8357aa90a BUGFIX: newline after bold was not producting a BR 2014-06-26 15:28:08 +10:00
Robin Ward
64355c989e FIX: Don't extract links from empty quotes 2014-05-20 17:20:52 -04:00
Louis Rose
1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Robin Ward
87682f7539 FIX: Don't include image meta data when embedded in an email 2014-04-17 12:32:51 -04:00
riking
9c4dd1cb35 Change comma-delim site settings to pipe-delim 2014-04-08 14:17:55 -07:00
Vikhyat Korrapati
e781a758ad Preserve spoiler tags in post excerpts. 2014-02-20 15:01:44 +05:30
Robin Ward
963793549c FIX: Remove failing ruby tests. The same thing is tested in JS and
passes due to the ability to create a document fragment.
2014-01-20 15:28:46 -05:00
Neil Lalonde
4f6b208e8d Posts by trust level 3 users do not have nofollow on their external links. 2014-01-15 11:40:51 -05:00
Régis Hanol
ad8755aa70 BUGFIX: inline spoiler for text, block spoiler for images 2014-01-15 00:53:06 +01:00
Régis Hanol
70161498b6 BUGFIX: spoiler tag on lightboxed images wasn't working 2014-01-12 19:38:46 +01:00
Neil Lalonde
4ec0543362 FIX: emails with embedded posts should always use absolute URLs 2013-11-28 15:57:21 -05:00
Régis Hanol
37fd7ab574 pull hotlinked images 2013-11-05 19:07:29 +01:00
Robin Ward
d7182d0b14 FIX: Only wrap inline html tags in <p> 2013-10-18 15:21:05 -04:00
Robin Ward
f27413219e Support for MDTest 2013-10-16 10:28:42 -04:00
Robin Ward
5281b7f80c Upgraded and refactored Sanitizing. Much less crap should get through now!
Conflicts:
	app/assets/javascripts/discourse/components/syntax_highlighting.js
2013-10-15 10:53:11 -04:00
Robin Ward
af931f0444 Reverting the Sanitizer commit in case we have to do something urgent
before we deploy it early next week. It's in the branch `sanitizer` for
now.

This reverts commit 9e93d8ed52.
2013-10-11 16:44:26 -04:00
Robin Ward
9e93d8ed52 Upgraded and refactored Sanitizing. Much less crap should get through now!
Conflicts:
	app/assets/javascripts/discourse/components/syntax_highlighting.js
2013-10-11 16:25:40 -04:00
Robin Ward
37304b7eba FIX: Too many new lines in long quotes 2013-09-27 15:08:56 -04:00
Robin Ward
3cec95a2c3 Better API for parsing out blocks in the parser. 2013-08-29 11:47:44 -04:00
Robin Ward
2d45c56ba5 Replace Markdown Linebreak Regexp with node parser. 2013-08-26 15:21:23 -04:00
Robin Ward
7c07079ed9 Revert "FIX: Failing spec"
This reverts commit 2df2838f40.
2013-08-26 12:46:28 -04:00
Robin Ward
2df2838f40 FIX: Failing spec 2013-08-26 11:54:05 -04:00
Robin Ward
7f69a58439 Replace Markdown parser. 2013-08-21 10:10:57 -04:00
Régis Hanol
c867b67a0b custom avatar support 2013-08-13 22:08:29 +02:00
Robin Ward
751b757c1d FIX: Some failing specs 2013-07-18 12:26:38 -04:00
Régis Hanol
3136638b4b FIX: CDN doesn't work with S3 2013-07-16 22:16:33 +02:00
Sam
c49731a91b fix failing server side quote localisation change 2013-07-16 17:48:48 +10:00
Robin Ward
7504da13e3 FIX: Whitespec in specs changed. We should really figure out a better way of ensuring correctness here. 2013-07-03 19:24:49 -04:00
Robin Ward
6384518599 Allow images in the daily digest for top scoring posts 2013-06-05 18:55:27 -04:00
Robin Ward
0b97ea6345 Better HTML emails, smarter email digests, new email section in admin with digest preview 2013-06-05 17:47:25 -04:00
Robin Ward
dfba2b6e0a FIX: Strip links from google indexed bios when the users are new. 2013-06-05 15:28:10 -04:00
Régis Hanol
01855b70b4 FIX: Have onebox ignore internal links 2013-06-05 20:53:07 +02:00
Robin Ward
4392a17b54 Strip out links when displaying a new user's bio 2013-06-04 12:06:25 -04:00
Régis Hanol
297680c28d FIX: pinned topic excerpt is not properly truncated 2013-05-10 12:28:17 +02:00
Sam
b25a5a20bb option to strip links from excerpts 2013-04-30 13:25:55 +10:00
Michael Scott Shappe
2fb673dd72 Create and use new rspec matcher 'match_html'
This introduces match_html, which converts actual and expected HTML strings into "canonical" HTML using Nokogiri with NOBLANKS and COMPACT, and then does a simple equality comparison.

This eliminates whitespace differences introduced by library changes (e.g. the libxml2 2.9.0 change).

pretty_text_spec.rb has been changed to use match_html where appropriate. and all tests pass under libxml2 2.7.6, 2.8.0 or 2.9.0
2013-04-09 22:30:10 -05:00
Robin Ward
00f9e628e0 Don't apply markdown to content of [quote] -- it messes up spacing. 2013-04-09 17:32:50 -04:00
Gosha Arinich
cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Robin Ward
dee9e9a51f Fix bug where links to posts weren't being tracked 2013-02-13 15:23:09 -05:00
Sam Saffron
f68f59c24f setting to exclude rel nofollow from particular domains 2013-02-11 18:58:19 +11:00
Sam Saffron
543845c673 rel nofollow, on by default to protect forums from spam etc. we should consider lifting it at high trust by default. 2013-02-11 11:43:07 +11:00
Robin Ward
21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00