Commit Graph

7684 Commits

Author SHA1 Message Date
Robin Ward
9adfccfad1 FIX: Regression with escaping on badge page
In this branch (stable) we can't run the sanitizer because the bundle is not
loaded. The long badge description is not sanitized, but it
has to be created by an admin so it's extremely low risk.

In the beta / tests-passed branches the text is sanitized.
2016-07-28 16:11:41 -04:00
Robin Ward
f416634ea0 SECURITY: Cross-Site Scripting in Category and Group Settings 2016-07-28 15:30:53 -04:00
Robin Ward
90a3cc7f18 SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions 2016-07-28 15:29:05 -04:00
Régis Hanol
6dfd8ed47e SECURITY: 2 XSSs in post gutter and local oneboxes 2016-05-14 00:09:11 +02:00
Neil Lalonde
01b6bc08ba Merge fixes from master 2016-04-07 13:51:05 -04:00
Régis Hanol
a5d8dfb07e FIX: don't hardcode maximum file size 2016-04-06 22:51:28 +02:00
Erick Guan
e09634dbae Add plugin outlets for user stream item and topic list item 2016-04-06 15:03:49 -04:00
Steven Slade
0deea4f7d4 add ability to have post-menu in second position 2016-04-06 14:05:52 -04:00
Steven Slade
b1d04412db altering topic-map widget's like count to show total topic like count
* altering topic-map widget's like count to display total topic like count rather than the first post's like count

* changing likeCount to topicLikeCount for virtual dom element to show total likes of thread
2016-04-06 12:49:27 -04:00
Guo Xiang Tan
a1add415e5 UX: Quote button covered by youtube info header on mobile. 2016-04-05 16:18:07 +08:00
Arpit Jalan
d9371ae631 UX: 'login to reply' button should match 'reply to topic' button 2016-04-05 12:56:27 +05:30
Jeff Atwood
0463187772 darken the gold a bit 2016-04-05 00:05:38 -07:00
Guo Xiang Tan
d677f852c4 UX: Group notification level dropdown not positioned properly. 2016-04-04 22:54:21 +08:00
Régis Hanol
e4e74c5fbb UX: use 'number' helper when displaying the number of replies in a topic 2016-04-04 11:42:38 +02:00
Régis Hanol
4ab61dfdad UX: hide new button in automatic group since we can't create automatic group 2016-04-04 11:26:58 +02:00
Régis Hanol
d3ee48a316 UX: use clearfix on top-section of the user's summary (props to @DeanMarkTaylor) 2016-04-04 11:18:15 +02:00
Arpit Jalan
74e7fc8f7e FIX: edit category button on mobile was showing up for moderators even when allow_moderators_to_create_categories was disabled 2016-04-04 14:05:06 +05:30
Arpit Jalan
0e02d24428 FIX: check for confirm value before removing user from PM 2016-04-04 11:56:07 +05:30
Oskar Rough
9e769e5357 Optically and vertically align the "13 days later" element 2016-04-03 13:30:22 +02:00
Régis Hanol
514d6ede0e FIX: addPosterIcon wasn't working on initial load 2016-04-01 18:25:13 +02:00
Robin Ward
b32d727d95 FIX: Bad auto merge 2016-03-31 17:42:16 -04:00
Neil Lalonde
01d0aeb5a9 merge master 2016-03-31 17:40:54 -04:00
Sam
bd1ca35f8b FIX: pinned picker in IE11 2016-04-01 05:54:36 +11:00
Sam
a344b1ed37 Merge pull request #4126 from iamntz/patch-4
Romanian Plurals
2016-03-31 08:17:00 +11:00
Régis Hanol
59d89d5333 UX: words in the stats button should be dark grey 2016-03-30 23:16:22 +02:00
Régis Hanol
61d61cd410 fix custom badge images on FF 2016-03-30 22:06:17 +02:00
Ionut Staicu
07fb0c4106 Updated ro.js.erb to match Romanian plurals 2016-03-30 22:24:33 +03:00
Régis Hanol
2ac38e9d05 show all headers in rejected email details modal 2016-03-30 19:05:42 +02:00
Régis Hanol
bf579174c1 UX: improved user summary page 2016-03-30 18:05:16 +02:00
Arpit Jalan
edbc7c4db8 UX: add text-overflow to imgur album description 2016-03-30 13:12:28 +05:30
Sam
d5b63730bc don't bother with register emoji if dialect is missing 2016-03-30 18:10:14 +11:00
Jeff Atwood
5d13fa1b94 push tracking below topic controls on large mobile 2016-03-30 00:03:54 -07:00
Jeff Atwood
73a0f109e8 correct weird editor borders on mobile 2016-03-29 23:57:44 -07:00
Jeff Atwood
d0bf465989 make drop-down icon glyphs grey 2016-03-29 23:44:19 -07:00
Sam
4d71356e52 FIX: quoting a section inside expanded reply misattributed
1. expand "in reply to"
2. select text
3. quote reply

Was incorrectly attributed to parent post
2016-03-30 17:38:28 +11:00
Jeff Atwood
4d5074994c correct mobile badge display 2016-03-29 23:36:54 -07:00
Jeff Atwood
cdf6aa4cb4 adjust time gap alignment on mobile 2016-03-29 23:28:20 -07:00
Sam
dbd1370ddb FIX: only hide overflow on cooked content
otherwise topic admin menu clips
and you no longer can position stuff absolutely based off .topic-body
2016-03-30 17:01:26 +11:00
Arpit Jalan
c13d8176b5 UX: Imgur album width should be dependent on album description 2016-03-30 08:00:22 +05:30
Sam
594dc86c40 oops 2016-03-30 11:44:17 +11:00
Sam
fbdd9c0034 FIX: unread and new count not removing deleted topics on the fly
FIX: unread PMs interfering with unread count
2016-03-30 11:18:07 +11:00
Jeff Atwood
b7171154da remove ancient font formats from FontAwesome src 2016-03-29 17:02:25 -07:00
Neil Lalonde
3e5f2bd1cf FIX: replace reference to Google_oauth2 with Google during signup 2016-03-29 18:08:55 -04:00
Régis Hanol
aec88dc443 FIX: like badges should respect bronze/silver/gold colors 2016-03-29 15:48:46 +02:00
Sam
f907b42f0a oops 2016-03-29 19:02:59 +11:00
Sam
95076050f4 FEATURE: warn about mailing list mode if it is checked 2016-03-29 18:50:17 +11:00
Sam
adbc22530c FIX: don't show badges in summary page if badges disabled 2016-03-29 17:12:15 +11:00
Sam
7ab153dac3 FIX: double XHR request when loading more badges 2016-03-29 16:56:29 +11:00
Sam
6bb97dcabb FIX: external hyperlinks broken in badge cards
also, we were allowing nesting of A tags which is not really allowed
2016-03-29 16:21:52 +11:00
Sam
7cd56e616b FIX: strip out links from badge titles 2016-03-29 16:21:52 +11:00