Commit Graph

24 Commits

Author SHA1 Message Date
Robin Ward
069d358c80 FIX: Allow avatar downloads to follow redirects 2019-10-28 11:30:21 -03:00
Roman Rizzi
3a73f29928 FIX: Rate limit and hijack certificate generation. (#8215)
To eliminate a DDOS attack vector, we're taking the following measures:

The endpoint will be rate-limited to 3 requests every 60 seconds (per user).
A 24 hours max-age cache header is sent with the response.
The route will be hijacked to generate the certificate in the background.
2019-10-22 15:39:58 -03:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Robin Ward
c719658f9f human? helper method on a user
This is cleaner than hard coding `id > 0` in ruby code.
2019-02-08 13:34:54 -05:00
Penar Musaraj
3c5fbd3ce1 FIX: do not send welcome message to staged users 2019-01-30 18:03:16 -05:00
Gerhard Schlager
fbd92916e5 FIX: Narrative bot should ignore action on deleted post 2018-12-21 17:43:52 +01:00
Guo Xiang Tan
07d07c7b5f FIX: Make Discobot certificate route require login. 2018-08-20 11:22:59 +08:00
Sam
8b88b71309 Attempt very aggressively to clear cache 2018-06-07 20:10:52 +10:00
Sam
3291f2c0eb move plugin fixture to the front of the queue 2018-06-07 19:56:07 +10:00
Jeff Wong
19605e8b0b Feature: Hide plugins that ship with core from plugins panel 2018-05-15 15:50:17 -07:00
Sam
ff6b47b0cf In development mode narrative bot breaks reload 2018-03-23 12:58:56 +11:00
Gerhard Schlager
d9515c37b3 FIX: Show message from discobot when staged user signs up 2018-01-25 14:58:43 +01:00
Guo Xiang Tan
442d4bff85 Add onceoff job to remap bot images link.
https://meta.discourse.org/t/discobot-tutorial-broken-elipsis-and-bookmark-png-images-appear-to-be-missing-on-my-site/73294/12
2017-11-07 23:36:59 +08:00
Sam
7ca08216bd FIX: ensure we have no dangling db connections on threads
This correct 10 second timeouts in dev mode, when reloader kicks in
2017-10-30 14:24:15 +11:00
Robin Ward
838568cbc3 Refactor flag types for more customization 2017-10-19 13:55:23 -04:00
Guo Xiang Tan
6cb29e3e20 Remove custom symlinks in discourse-narrative-bot. 2017-10-10 13:46:58 +08:00
Guo Xiang Tan
23b787e0a6 Require dependency otherwise it causes Sidekiq to lock up in development. 2017-09-25 13:48:59 +08:00
Guo Xiang Tan
77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Guo Xiang Tan
e888369f51 UX: Don't send emails for discobot notifications. 2017-06-12 17:00:27 +09:00
jomaxro
dbaf7ad052 Add missing URL 2017-06-08 00:14:20 -04:00
Guo Xiang Tan
edbb876d1b FIX: Discobot welcome post delay should start counting when a user logs in. 2017-06-01 21:02:29 +09:00
Guo Xiang Tan
ae5cc217cd Avoid monkey patching which causes weird reloading error in dev. 2017-06-01 12:06:25 +09:00
Guo Xiang Tan
7f0561b621 Merge discourse-narrative-bot into core plugins. 2017-05-24 15:28:34 +08:00