github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-15 22:52:10 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
18,654 Commits 214 Branches 500 Tags 960 MiB
a139e469a7
Commit Graph

6075 Commits

Author SHA1 Message Date
Robin Ward
9adfccfad1 FIX: Regression with escaping on badge page 
In this branch (stable) we can't run the sanitizer because the bundle is not
loaded. The long badge description is not sanitized, but it
has to be created by an admin so it's extremely low risk.

In the beta / tests-passed branches the text is sanitized.
 2016-07-28 16:11:41 -04:00
Robin Ward
f416634ea0 SECURITY: Cross-Site Scripting in Category and Group Settings 2016-07-28 15:30:53 -04:00
Robin Ward
90a3cc7f18 SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions 2016-07-28 15:29:05 -04:00
Régis Hanol
6dfd8ed47e SECURITY: 2 XSSs in post gutter and local oneboxes 2016-05-14 00:09:11 +02:00
Neil Lalonde
01b6bc08ba Merge fixes from master 2016-04-07 13:51:05 -04:00
Régis Hanol
a5d8dfb07e FIX: don't hardcode maximum file size 2016-04-06 22:51:28 +02:00
Erick Guan
e09634dbae Add plugin outlets for user stream item and topic list item 2016-04-06 15:03:49 -04:00
Steven Slade
0deea4f7d4 add ability to have post-menu in second position 2016-04-06 14:05:52 -04:00
Steven Slade
b1d04412db altering topic-map widget's like count to show total topic like count 
* altering topic-map widget's like count to display total topic like count rather than the first post's like count

* changing likeCount to topicLikeCount for virtual dom element to show total likes of thread
 2016-04-06 12:49:27 -04:00
Arpit Jalan
d9371ae631 UX: 'login to reply' button should match 'reply to topic' button 2016-04-05 12:56:27 +05:30
Régis Hanol
e4e74c5fbb UX: use 'number' helper when displaying the number of replies in a topic 2016-04-04 11:42:38 +02:00
Régis Hanol
4ab61dfdad UX: hide new button in automatic group since we can't create automatic group 2016-04-04 11:26:58 +02:00
Arpit Jalan
74e7fc8f7e FIX: edit category button on mobile was showing up for moderators even when allow_moderators_to_create_categories was disabled 2016-04-04 14:05:06 +05:30
Arpit Jalan
0e02d24428 FIX: check for confirm value before removing user from PM 2016-04-04 11:56:07 +05:30
Régis Hanol
514d6ede0e FIX: addPosterIcon wasn't working on initial load 2016-04-01 18:25:13 +02:00
Robin Ward
b32d727d95 FIX: Bad auto merge 2016-03-31 17:42:16 -04:00
Neil Lalonde
01d0aeb5a9 merge master 2016-03-31 17:40:54 -04:00
Sam
bd1ca35f8b FIX: pinned picker in IE11 2016-04-01 05:54:36 +11:00
Ionut Staicu
07fb0c4106 Updated ro.js.erb to match romanian plurals 2016-03-30 22:24:33 +03:00
Régis Hanol
2ac38e9d05 show all headers in rejected email details modal 2016-03-30 19:05:42 +02:00
Régis Hanol
bf579174c1 UX: improved user summary page 2016-03-30 18:05:16 +02:00
Sam
d5b63730bc don't bother with register emoji if dialect is missing 2016-03-30 18:10:14 +11:00
Sam
4d71356e52 FIX: quoting a section inside expanded reply misattributed 
1. expand "in reply to"
2. select text
3. quote reply

Was incorrectly attributed to parent post
 2016-03-30 17:38:28 +11:00
Sam
594dc86c40 oops 2016-03-30 11:44:17 +11:00
Sam
fbdd9c0034 FIX: unread and new count not removing deleted topics on the fly 
FIX: unread PMs interfering with unread count
 2016-03-30 11:18:07 +11:00
Neil Lalonde
3e5f2bd1cf FIX: replace reference to Google_oauth2 with Google during signup 2016-03-29 18:08:55 -04:00
Sam
f907b42f0a oops 2016-03-29 19:02:59 +11:00
Sam
95076050f4 FEATURE: warn about mailing list mode if it is checked 2016-03-29 18:50:17 +11:00
Sam
adbc22530c FIX: don't show badges in summary page if badges disabled 2016-03-29 17:12:15 +11:00
Sam
7ab153dac3 FIX: double XHR request when loading more badges 2016-03-29 16:56:29 +11:00
Sam
6bb97dcabb FIX: external hyperlinks broken in badge cards 
also, we were allowing nesting of A tags which is not really allowed
 2016-03-29 16:21:52 +11:00
Sam
7cd56e616b FIX: strip out links from badge titles 2016-03-29 16:21:52 +11:00
Sam
c650c2a16f FIX: regression in badge grant admin page 2016-03-29 07:58:45 +11:00
Robin Ward
b2f402dc04 FIX: Incorrect badge counts when restricted to a username 2016-03-28 15:17:24 -04:00
Arpit Jalan
e29806b9d3 UX: center align exceptions page button on mobile 2016-03-28 22:42:51 +05:30
Sam
fe51f84aa7 FEATURE: allow admins to enter badge long descriptions 
FIX: fallback to description if badge long description is missing

Also moves all badge localization into server.en, this slims the client down

serializers pass down localized names/descriptions/long descriptions
 2016-03-28 18:38:57 +11:00
Jeff Atwood
b3a028acc0 remove built-in support for bbcode size 2016-03-27 09:29:27 -07:00
Arpit Jalan
4648c0ee19 FIX: description for custom badges were not showing up 2016-03-26 09:47:05 +05:30
Guo Xiang Tan
ef6536453b UX: Logs notice close button not positioned properly. 2016-03-26 11:51:11 +08:00
Guo Xiang Tan
8a8d931688 UX: Buttons not positioned within form. 2016-03-26 10:25:33 +08:00
Robin Ward
96b765d1e6 FIX: Broken link 2016-03-25 17:34:09 -04:00
Robin Ward
d493702a90 FIX: For real this time :'( 2016-03-25 16:29:29 -04:00
Robin Ward
4cca4f2f5b FIX: Typo 2016-03-25 16:20:59 -04:00
Robin Ward
83b79a4e1e UX: Show a user's badges as cards 2016-03-25 16:10:38 -04:00
Robin Ward
27c793a990 UX: Show badges as cards on the badges index and show page 2016-03-25 15:33:06 -04:00
Robin Ward
207bf1b339 FIX: Broken Javscript test 2016-03-25 12:54:33 -04:00
Robin Ward
ba10327cc8 FIX: Minor badge page issues 2016-03-25 12:11:39 -04:00
Robin Ward
d7b568f98e REFACTOR: Remove view from badges-show 2016-03-25 12:11:39 -04:00
Robin Ward
d129c61a4a FIX: Badge loading more was stuck 2016-03-25 12:11:39 -04:00
Robin Ward
d1e1a91cb6 FIX: Large widths, weird button floating on badge view 2016-03-24 17:20:49 -04:00