Robin Ward
a139e469a7
SECURITY: Avoid mass assignment on user create
2016-08-05 12:43:50 -04:00
Robin Ward
5d062206db
SECURITY: Make sure uploaded_urls have corresponding upload records
2016-07-28 15:41:03 -04:00
Robin Ward
f416634ea0
SECURITY: Cross-Site Scripting in Category and Group Settings
2016-07-28 15:30:53 -04:00
Robin Ward
80834df757
SECURITY: SQL Injection in Admin List Active Users
2016-07-28 15:29:16 -04:00
Robin Ward
90a3cc7f18
SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions
2016-07-28 15:29:05 -04:00
Sam
f319923753
SECURITY: limit route access when using external avatars
2016-07-28 09:04:32 +10:00
Robin Ward
1e241dedad
SECURITY: Unapproved, active users should not receive emails
2016-06-16 13:09:47 -04:00
Neil Lalonde
01b6bc08ba
Merge fixes from master
2016-04-07 13:51:05 -04:00
Robin Ward
5866f0df18
Remove UserFirst for mention since it can be retrieved elsewhere
2016-04-06 14:01:37 -04:00
Régis Hanol
2b9e8e5a7d
Merge pull request #4147 from cpradio/default_top_timeframe
...
FIX: Use default top setting when user is return or enough data exists for Top Page Results
2016-04-06 18:33:56 +02:00
Robin Ward
189d70661e
FIX: Don't count emojis within quotes
2016-04-06 12:02:35 -04:00
Robin Ward
ba80ae73be
FIX: Broken spec
2016-04-05 16:39:20 -04:00
Robin Ward
64a1a44c4b
FIX: Don't create user first records on private posts
2016-04-05 16:13:10 -04:00
Robin Ward
c30d327b77
FEATURE: Two new badges - First Emoji and First Mention
2016-04-05 15:17:41 -04:00
Neil Lalonde
56e47c8d7e
FEATURE: report on admin dashboard when favicon is failing to load
2016-04-05 14:42:32 -04:00
cpradio
c5bb1d1cfe
Return default top setting as part of best_periods_for to see if it can be used
2016-04-05 14:27:18 -04:00
Régis Hanol
d402a45781
FIX: hitting '/t/:id/posts.json' should return the first page of posts
2016-04-05 19:12:14 +02:00
Régis Hanol
f382897952
FIX: don't extract link with 'mailto' scheme
2016-04-05 00:43:11 +02:00
Neil Lalonde
01d0aeb5a9
merge master
2016-03-31 17:40:54 -04:00
Arpit Jalan
41208b99a1
FEATURE: RSS feed for user posts and topics
2016-03-31 20:24:05 +05:30
Arpit Jalan
094f7a73d5
FIX: allow post editing but do not allow ninja edit for active flagged post
2016-03-31 00:11:08 +05:30
Arpit Jalan
6f0137dec9
FEATURE: disable post editing when the post has active flag
2016-03-30 23:28:49 +05:30
Sam
aae835a42f
FIX: all badges got revoked due to ensure consistency query
2016-03-29 23:54:18 +11:00
Sam
418bc4a844
FIX: when ensuring consistency also delete orphan badges
2016-03-29 16:41:03 +11:00
Sam
fe51f84aa7
FEATURE: allow admins to enter badge long descriptions
...
FIX: fallback to description if badge long description is missing
Also moves all badge localization into server.en, this slims the client down
serializers pass down localized names/descriptions/long descriptions
2016-03-28 18:38:57 +11:00
Guo Xiang Tan
6d64b6d39f
FIX: Query for category hashtag should be case sensitive.
2016-03-28 11:15:10 +08:00
Jeff Atwood
9cc41dea7f
modernize user agent "is mobile" test strings
2016-03-27 10:28:18 -07:00
Guo Xiang Tan
9a5ded48cf
FIX: Return a proper error message when sync sso fails.
2016-03-26 13:30:15 +08:00
Arpit Jalan
64feffbb60
FEATURE: site setting for suppressing categories from digest email
2016-03-26 01:06:03 +05:30
Neil Lalonde
fd853e0776
FIX: error when sending a private message to a group in some cases
2016-03-23 16:20:31 -04:00
Régis Hanol
39863953cd
new 'enable_staged_users' site setting
2016-03-23 18:56:03 +01:00
Robin Ward
4180e207c3
FIX: Crazy large ids should not raise exceptions
2016-03-23 12:13:47 -04:00
Sam
c095304d6d
FEATURE: limit daily emails per user to 100 per day via site setting
...
- controlled via max_emails_per_day_per_user, 0 to disable
- when limit is reached user is warned
2016-03-23 15:08:48 +11:00
Sam
d09a20210b
correct bad spec
2016-03-22 14:50:12 +11:00
Sam
f9e5c49350
FIX: blue notification instead of green for replies/mentions in PMs
2016-03-22 14:28:14 +11:00
Régis Hanol
afacc70fbe
improve error message when trying to change email address to one used by a staged user
2016-03-21 19:36:26 +01:00
Arpit Jalan
34469e725b
FEATURE: separate API endpoints for public and private posts
2016-03-21 18:21:15 +05:30
Robin Ward
b4f306ce03
FEATURE: Site Customizations can use the plugin api
2016-03-18 14:41:48 -04:00
Arpit Jalan
bd83cf7f4c
FEATURE: add group posts and mentions RSS
2016-03-18 22:29:10 +05:30
Robin Ward
5d4ee2ca1d
FEATURE: Warn a user when they have few likes remaining
2016-03-18 11:30:29 -04:00
Robin Ward
1fba835d4f
FIX: Use a logging table for daily likes given. Use it for badges.
2016-03-18 11:18:54 -04:00
Régis Hanol
f15d463eb8
FIX: use 'UserBlocker' when blocking a new user
2016-03-18 12:16:37 +01:00
Sam
77242e4680
FEATURE: in:pinned and in:unpinned search filters
2016-03-18 16:26:54 +11:00
Sam
c2fa314684
test username actually changes
2016-03-18 12:32:09 +11:00
Sam
180888c020
Merge pull request #4087 from jeremylan/bug_40489
...
Fixed anonymizer when 'full name required' setting is on
2016-03-18 12:29:51 +11:00
jeremylan
1c7a0cb514
Updated test to check for Site Setting full_name_required
...
Added context and new test to check for correct user anonymizing depending on full_name_required Site Setting
2016-03-18 09:43:48 +11:00
Régis Hanol
03a1aa0000
SECURITY: only add elided part of email in PM
2016-03-17 23:10:46 +01:00
Neil Lalonde
213950e4cf
FEATURE: add option to include topics from trust level 0 users in digest emails
2016-03-17 17:35:23 -04:00
Sam
0ea20f2d77
mock was causing spec to fail
2016-03-17 15:46:16 +11:00
Sam Saffron
433fa74d87
FIX: ensure consistency of user options
...
Edge case during upgrade can cause accounts registered after migration
prior to restart to have missing user option records
2016-03-17 10:03:56 +11:00