Commit Graph

18702 Commits

Author SHA1 Message Date
Maja Komel
2fcbbead45 FIX: move sso provider into its own class so it doesn't interfere with sso client (#6767) 2018-12-19 10:22:10 +01:00
Bianca Nenciu
2eefe6d5d6 FIX: Use CDN for logos and icons. (#6698) 2018-12-19 10:20:48 +01:00
Kris
41e06efb94 Adding padding to mobile that was removed in 3710b016 2018-12-18 22:20:02 -05:00
Kris
3710b01660 Header was 16px too narrow due to border-box and padding 2018-12-18 20:38:43 -05:00
Kris
5b9c1bcf59 User page button style fix 2018-12-18 20:36:42 -05:00
Neil Lalonde
6774b64aef FEATURE: add /conduct as an alias for /guidelines 2018-12-18 16:40:24 -05:00
Vinoth Kannan
9c6f77f9da DEV: Remove the unique_searches column from select query 2018-12-19 02:45:48 +05:30
Robin Ward
6080e3a2c0 FIX: Broken spec 2018-12-18 14:55:09 -05:00
Robin Ward
662cfc416b FEATURE: Show a blurry preview when lazy loading images
This generates a 10x10 PNG thumbnail for each lightboxed image.
If Image Lazy Loading is enabled (IntersectionObserver API) then
we'll load the low res version when offscreen. As the image scrolls
in we'll swap it for the high res version.

We use a WeakMap to track the old image attributes. It's much less
memory than storing them as `data-*` attributes and swapping them
back and forth all the time.
2018-12-19 01:57:30 +08:00
Robin Ward
e593d68beb Use an options hash instead of boolean parameters 2018-12-19 01:57:30 +08:00
Rishabh
c279792130 FIX: Allow sending test e-mails to any email address when disable_email is set to non-staff (#6792) 2018-12-18 16:12:05 +01:00
Gerhard Schlager
32784ad11a FIX: Disable multipart backup uploads to S3
Multipart upload from within the browser result in corrupt files on S3.
2018-12-18 16:01:15 +01:00
Gerhard Schlager
081aa6ad2b UX: Use new FA5 icons on Backups tab 2018-12-18 16:01:14 +01:00
Vinoth Kannan
a313b01148 DEV: raise error if search term length is less than required 2018-12-18 20:06:59 +05:30
Vinoth Kannan
341a6bd78a
REFACTOR: Calculate CTR in SearchLog model and hide unique column (#6791) 2018-12-18 19:13:46 +05:30
Maja Komel
98d09c90ac Current user serializer groups (ef7f84b follow-up) 2018-12-18 09:05:45 +01:00
Kris
2a518c88d0 Prevent bullet badge from shrinking/growing as flex item 2018-12-17 21:05:32 -05:00
Kris
7d7b6baab9 Topic-list category width restriction no longer needed 2018-12-17 21:01:04 -05:00
Vinoth Kannan
ece44a44f8 UX: Change default date range of dashboard trending search report to a month 2018-12-18 03:00:30 +05:30
Bianca Nenciu
f0027961c7 FIX: Properly reset controller of admin-user-index. (#6760) 2018-12-17 15:28:29 +01:00
Bianca Nenciu
1023003eba FIX: Strip remote url before import. (#6762) 2018-12-17 15:27:49 +01:00
Joffrey JAFFEUX
22cea9ce90
FIX: adusts select-kit position even if not expanded (#6785) 2018-12-17 12:29:51 +01:00
Joffrey JAFFEUX
6ee3900791
FIX: ensures nothing is triggering rendering loop in after render (#6784) 2018-12-17 12:15:03 +01:00
Gerhard Schlager
1a8ca68ea3 FEATURE: Improve backup stats on admin dashboard
* Dashboard doesn't timeout anymore when Amazon S3 is used for backups
* Storage stats are now a proper report with the same caching rules
* Changing the backup_location, s3_backup_bucket or creating and deleting backups removes the report from the cache
* It shows the number of backups and the backup location
* It shows the used space for the correct backup location instead of always showing used space on local storage
* It shows the date of the last backup as relative date
2018-12-17 11:35:11 +01:00
Maja Komel
040ddec63d Fix avatar flair styles 2018-12-17 10:44:34 +01:00
Guo Xiang Tan
c0aae16f6b FIX: Clear anon cache when disabling readonly mode.
`SiteSerializer#is_readonly` is cached for an anonymous user so we have
to clear the cache when disabling readonly mode. Otherwise, the site may
appear to be in readonly mode for an extended period of time.
2018-12-17 17:27:44 +08:00
Saurabh Patel
ed1a309fe4 FIX: use new key for delete topic to make it lowercased as all other buttons label around it (#6778) 2018-12-17 10:55:19 +08:00
Joffrey JAFFEUX
d803dfc14a
FIX: makes more resilient select-kit positioning (#6776) 2018-12-15 16:23:23 +01:00
Kris
6213e020e6 Improving usercard badge alignment 2018-12-14 22:16:18 -05:00
Guo Xiang Tan
e9ea0102a5 FIX: Consistency about our response for invalid user id in Admin::UsersController. 2018-12-15 08:01:35 +08:00
Neil Lalonde
ef0e84e3d9 FIX: clear the site_contact_username setting if the user's staff privileges are revoked 2018-12-14 16:52:44 -05:00
David Taylor
1960236822
FIX: Suspicious login detection (#6772) 2018-12-14 16:30:34 +00:00
David Taylor
9f3e2a9e34
FIX: Only serialize group membership domains for administrators (#6771) 2018-12-14 15:47:00 +00:00
Penar Musaraj
a19f69590a DEV: add "topic-list-before-relative-date" plugin outlet 2018-12-14 10:39:22 -05:00
Kris
2f70bd83a3 Increase contrast of pinned excerpt for dark themes 2018-12-14 10:04:44 -05:00
Joffrey JAFFEUX
03014b0d05
FEATURE: adds security tab to dashboard (#6768)
This commit also includes the new staff_logins report
2018-12-14 13:47:59 +01:00
Maja Komel
9f89aadd33 FIX: delete all posts in batches without hijack (#6747) 2018-12-14 11:04:18 +01:00
Guo Xiang Tan
05104600ea FIX: Incorrect translation key on admin search logs. 2018-12-14 17:12:33 +08:00
Kris
6553744e50 Fixing topic status alignment in search 2018-12-13 21:49:43 -05:00
Kris
6cbcd58603 Lighten lazyload placeholder background 2018-12-13 15:38:33 -05:00
Joffrey JAFFEUX
afdd244486
UX: removes superfluous posters column header (#6765) 2018-12-13 21:29:00 +01:00
Kris
60189e8c92 Mobile alignment fixes 2018-12-13 15:26:52 -05:00
Joffrey JAFFEUX
bcf4a17751
FIX: apply original margin-bottom to fix position placeholder (#6764) 2018-12-13 18:21:12 +01:00
Joffrey JAFFEUX
5cb99d08ed
FIX: define actions on connector class early (#6763)
This would prevent failure with connectors templates defining actions as closures. In this case action existence is checked at compile time and not runtime.
2018-12-13 15:43:30 +01:00
Joe
8ef2085585
UX: increase selector specificity so that "inline" lightboxes in quotes don't get backgrounds
When a quote is not expanded and it contains lightboxes, those lightboxes are not displayed and instead we show a link that looks like this `[image_title]` 

These still have the lightbox CSS class and so they still get the backgrounds we add to lightboxes while they load. Increasing the selector specificity prevents that from happening.
2018-12-13 15:17:08 +08:00
Sam
7ee9a6a7ec SECURITY: do not delete avatars uploads when deleting accounts
We rely on the clean up uploads job to do this safely
2018-12-13 16:26:07 +11:00
Sam
f74ef71130 DEV: add transaction and active check to invalidate job
Follows up on 3b76f19668 this per @tgxworld a transaction makes sense here

Very minor
2018-12-13 14:59:56 +11:00
Sam
94b8ba4f8f FIX: remove slow platform detection from server side
Historically due to https://meta.discourse.org/t/why-is-discourse-so-slow-on-android/8823
we decreased page sizes of both home page and topic page on android by half.

This was done on the server side and as a side effect and caused page sizes on android
to mismatch between Android and non Android.

Unfortunately about a year ago googlebot started pretending it is Android,
this cause Google to start indexing pages as what android would see. So
it saw double the amount of pages in the index as what exists on desktop.
This in turn caused double the amount of indexing work and a large amount
of broken links on long topics.

This fix removes all special behavior which is no longer needed due to
other performance work in Discourse including raw handlebars on home page
and virtual dom on topic pages.

I tested we do not need this on Blu Advance 5.0 it has 1.3 GHZ mediatec mt6580
This phone retails for around $50 USD.

If we decide long term that we want any hacks like this we will shift them
to the client side. It can just hold data in memory without rendering.
2018-12-13 13:57:05 +11:00
Kyle Zhao
92df7b212c rename visible to visibleSiteSettings 2018-12-13 13:00:13 +11:00
Kyle Zhao
c9279a118e FIX: always show filtered site settings 2018-12-13 13:00:13 +11:00
Neil Lalonde
3b76f19668 FIX: invalidating inactive admin emails should mark them as not active 2018-12-12 17:07:49 -05:00
Neil Lalonde
a1db15fead FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-12 15:32:38 -05:00
Maja Komel
dbbadb5c35 FEATURE: add short_site_description setting to be included in title tag on homepage 2018-12-12 11:46:58 +01:00
Joffrey JAFFEUX
793f1274d1
FIX: makes charts more resilient to resizing (#6758) 2018-12-12 11:11:56 +01:00
Joffrey JAFFEUX
3a799ed922
FEATURE: Check if draft exists before starting a new one (#6755)
Co-Authored-By: Bianca Nenciu <nbianca@users.noreply.github.com>
Co-Authored-By: zogstrip <regis@hanol.fr>
2018-12-12 10:21:51 +01:00
Sam
0ca61242b8 FEATURE: polyfill intersection observer for IE11 / iOS Safari
This feature is used for defer loading of images and in future for post cloaking

This gives us a polyfill so we can safely use the feature in problem browsers

The polyfill supports "polling" but it does not appear we need it yet.

If we discover anything odd here, consider setting poll interval per:

https://github.com/w3c/IntersectionObserver/tree/master/polyfill

```
var io = new IntersectionObserver(callback);
io.POLL_INTERVAL = 100; // Time in milliseconds.
```

Keeping the mutation observer cause we often mutate the DOM
2018-12-12 15:36:08 +11:00
Kris
6d353a1e47 Alignment & spacing fix for quote controls 2018-12-11 21:17:31 -05:00
Guo Xiang Tan
86926f4aee DEV: Let create! handle the check for persistence.
This is unlikely to fail but we want to know when it does.
2018-12-12 08:36:13 +08:00
Robin Ward
6797a710aa FEATURE: Lazily Load Images as they scroll into the viewport.
This feature uses the Intersection Observer API

https://developer.mozilla.org/en-US/docs/Web/API/Intersection_Observer_API

It should be compatible with all modern browsers. Non-Edge IE is *NOT*
supported, so in that particular browser images are loaded by default.
2018-12-12 10:12:49 +11:00
Jeff Wong
5358f25fc6 FIX: Support RTL languages in header menu 2018-12-11 10:33:56 -08:00
Jeff Wong
d2569f8e77 make linter happy 2018-12-11 09:41:40 -08:00
David Taylor
0f734e2ae2 FIX: Return authenticated=true when reconnecting
This prevents a registration popup on the client
2018-12-11 17:40:02 +00:00
Jeff Wong
71d8807fec
Full height swipe-able menus (#6566)
* Feature: Full height swipe enabled menus

support pan events on iphone
2018-12-11 09:15:20 -08:00
Gerhard Schlager
688755baf2 DEV: Improve specs and handle invalid email token
Follow-up to 7977b09025
2018-12-11 18:04:10 +01:00
Kris
8c227715ae $primary-high contrast reduction for dark themes 2018-12-11 10:08:00 -05:00
Kris
4cc0a3503b Adding space between badges for medium-sized viewports 2018-12-11 09:45:49 -05:00
David Taylor
c7c56af397
FEATURE: Allow connecting associated accounts when two-factor is enabled (#6754)
Previously the 'reconnect' process was a bit magic - IF you were already logged into discourse, and followed the auth flow, your account would be reconnected and you would be 'logged in again'.

Now, we explicitly check for a reconnect=true parameter when the flow is started, store it in the session, and then only follow the reconnect logic if that variable is present. Setting this parameter also skips the 'logged in again' step, which means reconnect now works with 2fa enabled.
2018-12-11 13:19:00 +00:00
Maja Komel
2ee2e5c981 UX: fix cropped image thumbnails 2018-12-11 12:23:39 +01:00
David Taylor
3fedb2ad20 DEV: Style and performance improvements
Follow-up from 9db8291
2018-12-11 09:58:20 +00:00
Sam
671469bcc7 FIX: URLs containing two # would fail to work
Some URLs in browsers are non compliant and contain twos `#` this commit adds
special handling for this edge case by auto encoding any fragments containing `#`
2018-12-11 18:03:13 +11:00
Sam Saffron
bb4ef644bf UX: reduce show dismiss.. at top of unread/new to 15
Previously we would require 30 unread or new topic to show the button at the top.
2018-12-11 14:11:54 +11:00
Gerhard Schlager
7977b09025 FEATURE: Activate users invited via email when invite is redeemed
Do not send an activation email to users invited via email. They
already confirmed their email address by clicking the invite link.
Users invited via link will need to confirm their email address before
they can login.
2018-12-11 00:09:53 +01:00
Kris
73d2fc194d UX: More consistent category lock and topic-status styles 2018-12-10 16:06:26 -05:00
David Taylor
071bd15463 FIX: Redirect to default homepage when visiting /login
Previously this was hard-coded to redirect to `/latest`
2018-12-10 15:39:05 +00:00
Maja Komel
ef7f84b59b Add groups to current user serializer (#6748) 2018-12-10 16:23:29 +01:00
David Taylor
9db829134c
FIX: Use database to persist metadata during social registration (#6750)
Previously was using the cookie_store, which is limited to 4kb. This caused issues for providers sending large volumes of metadata about a user.
2018-12-10 15:10:06 +00:00
Joffrey JAFFEUX
e06a8980fb
FIX: category-drop initial state was incorrect (#6743) 2018-12-10 14:05:00 +01:00
Penar Musaraj
7f361a546e UX: Add styling for updated twitter status icons in onebox
Minor adjustments needed by onebox version 1.8.69
2018-12-09 21:58:02 -05:00
Kris
c84b837d50 category badge alignment fix 2018-12-08 22:33:11 -05:00
Gerhard Schlager
0f41770547 Make Danger happy by running prettier 2018-12-08 02:59:09 +01:00
Kris
050c02228e UX: Globally dim categories slightly 2018-12-07 20:01:38 -05:00
Penar Musaraj
67450ba402 UX: when composer is minimized, let user open composer in regular size instead of full screen 2018-12-07 17:45:13 -05:00
Jeff Wong
ccd80a8b14 update png assets for push notification images 2018-12-07 14:00:39 -08:00
Kris
b26d0f20cc Fixing slight misalignment of login/signup buttons 2018-12-07 13:56:54 -05:00
Kris
d16a4b895f only dim categories, not all topic stats per 547eaa6 2018-12-07 13:35:57 -05:00
Kris
98c18f8349 button and alignment fixes for mobile user page 2018-12-07 12:34:37 -05:00
Kris
547eaa6060 UX: Dim visited post info along with title 2018-12-07 11:09:56 -05:00
Rafael dos Santos Silva
efec2db859 FEATURE: Web Share Target Support
This adds a **very basic** support for share to Discourse.

Currently, this is only supported in Android + Chrome 71+.

After installing a Discourse site to the Home Screen, you will be
able to share from anywhere in the OS to the Discourse site.

Discourse will use the title and text from the share event.
2018-12-07 13:48:09 -02:00
David Taylor
160d29b18a
REFACTOR: Migrate TwitterAuthenticator to use ManagedAuthenticator (#6739)
No changes to functionality. TwitterAuthenticator goes from 136 lines to 24, and all twitter-specific logic elsewhere has been deleted 🎉
2018-12-07 15:39:06 +00:00
Saurabh Patel
9e3143445b DEV:add uploaded_meta option in category for category meta image (#6724) 2018-12-07 16:24:07 +01:00
David Taylor
f7ce607e5d
FIX: Return 422 instead of 500 for invalid SSO signature (#6738) 2018-12-07 15:01:44 +00:00
David Taylor
5e09398c5b
FIX: Do not serialize user fields unless they are specified for display (#6736) 2018-12-07 10:57:28 +00:00
Sam
8e307e633e FIX: posts would not auto rebake unless gravatar download was enabled 2018-12-07 17:03:22 +11:00
Kris
031c252cd3 Slight alignment follow-up to db32d29 2018-12-06 20:01:38 -05:00
Kris
db32d29eaa UX: Refactoring topic statuses for consistent icon sizes & colors 2018-12-06 19:22:04 -05:00
Penar Musaraj
06d1b19ca2 FIX: Refactor lightbox mobile icon
- Fixes a performance issue on a site with lots of images in posts

- turns out that "filter: invert(100%)" performs very poorly on Safari/iPhone

- also disables transition on the element on mobile
2018-12-06 15:32:26 -05:00
Kris
b54b4d05c5 UX: improve code highlighting diffs for dark themes 2018-12-06 10:54:30 -05:00
Gerhard Schlager
4300ac0f4a UX: Show smaller Emojis within some HTML elements 2018-12-06 15:13:16 +01:00
Xiao Guan
7ec124fc89 FEATURE: Improved deprecation warnings (#6722)
* FEATURE: Discourse.deprecate can report version

* Ember counterpart for deprecation
2018-12-06 11:38:01 +00:00
Maja Komel
1d649e147b FEATURE: show avatar flair on group, badges and directory pages (#6732) 2018-12-06 12:18:52 +01:00
Gerhard Schlager
43cfdb1cb9 FIX: Wizard tries harder to find existing Welcome Topic
The wizard searches for:

* a topic that with the "is_welcome_topic" custom field
* a topic with the correct slug for the current default locale
* a topic with the correct slug for the English locale
* the oldest globally pinned topic

It gives up if it didn't find any of the above.
2018-12-06 10:27:22 +01:00
Guo Xiang Tan
27c793a192 FIX: `UserNotificationsHelper#logo_url' to work with S3 based uploads.
https://meta.discourse.org/t/digest-logo-not-working/103255
2018-12-06 09:39:08 +08:00
Guo Xiang Tan
dcf9c6da59 DEV: Don't publish post messages to non-human users. 2018-12-06 08:24:13 +08:00
Kris
a88f931d6f UX: Moving categories under topic title in topic list, removing category column (#6731)
* Starting to remove category column from topic list

* stacked nav alignment adjustment

* Revert "stacked nav alignment adjustment"

This reverts commit 98800c7058.

* remove comment

* removing function
2018-12-05 16:12:26 -08:00
Bianca Nenciu
a8e8473ea5 DEV: Apply code review. 2018-12-05 21:58:55 +01:00
Bianca Nenciu
79d987e483 FEATURE: Show autocomplete when enable_inline_emoji_translation is true. 2018-12-05 21:58:55 +01:00
Bianca Nenciu
e9bbdef156 FEATURE: Add support for inline emoji translation. 2018-12-05 21:58:55 +01:00
Bianca Nenciu
0c88052641 UX: Wrap pre element. 2018-12-05 21:56:18 +01:00
Bianca Nenciu
b585f7f336 DEV: Apply code review. 2018-12-05 21:56:18 +01:00
Bianca Nenciu
56890efd7a FEATURE: Add 'Advanced Test' for admin panel. 2018-12-05 21:56:18 +01:00
Bianca Nenciu
1a4f592749 FIX: Always allow admins upload selectable avatars. 2018-12-05 21:55:23 +01:00
Régis Hanol
aea2d8bbeb FIX: properly secure poll message bus
Co-authored-by: Sam <sam.saffron@gmail.com>
2018-12-05 21:27:49 +01:00
David Taylor
8aff99761a FIX: Ignore query parameters when displaying counter on internal links
This matches the server-side behaviour, so that the links display counters correctly
2018-12-05 18:29:54 +00:00
David Taylor
a1d9aeda8b REFACTOR: split TopicLink#extract_from into multiple methods
Also rename some confusing variables
2018-12-05 18:54:30 +01:00
David Taylor
37249c9a32 FIX: Do not reset link counts when post is rebaked
This was an indentation mistake introduced in 44eba0b. Pretty understandable, considering we are indented 8 levels deep in this method. Will follow-up with a refactor to improve this.
2018-12-05 18:54:30 +01:00
Guo Xiang Tan
978f0db109 SECURITY: Require groups to be given when inviting to a restricted category. (#6715) 2018-12-05 16:43:07 +01:00
Vinoth Kannan
57ba4b7cb2
DEV: remove unnecessary safe nav operators (#6730) 2018-12-05 20:07:18 +05:30
Kyle Zhao
97e6e3b133 DEV: duplicate and unreachable code after return 2018-12-05 09:17:20 -05:00
Vinoth Kannan
fb78414229 Add missing safe navigation operator 2018-12-05 16:23:43 +05:30
Vinoth Kannan
d33d031742
FEATURE: Filter topic and post web hook events by tags (#6726)
* FEATURE: Filter topic and post web hook events by tags

* Add a spec test with unmatched tags
2018-12-05 14:44:06 +05:30
Sam
82e45f5485 FIX: method extraction caused push notifications to include incorrect post
Previously the push notification code path was not tested for notification
collapsing. This happens if you get multiple replies to a topic you are
watching.
2018-12-05 16:40:10 +11:00
Vinoth Kannan
ec26a59eac FIX: variable name typo in subcategory image 2018-12-05 10:41:06 +05:30
Kris
e0aac75607 Restrict width of category heading to prevent mobile overflow 2018-12-04 19:01:27 -05:00
Kris
28ddaf80d2 Adding max-width to category logos 2018-12-04 13:01:27 -05:00
Régis Hanol
3c9c95ac83 Update Rubocop to 0.60 2018-12-04 10:48:16 +01:00
Joe
72bd388ff7
UX: truncate long topic tiles to prevent badges and date from wrapping 2018-12-04 15:27:23 +08:00
Sam
aa97f6fdba FEATURE: disable notifications for small actions that are whispers
Previously we would notify on small actions if they were whispers
this inconsistently lead to all sorts of problems including

- collapsed "N replies" after assign
- empty push notifications

New behavior adds an api to explicitly send push notifications as well
if needed: create_notification_alert
2018-12-04 17:54:42 +11:00
Sam
5c17e46274 FEATURE: allow advanced specification of excerpts for posts
Previously users could control excerpt with `<span class='excerpt'>`
in Markdown, this is somewhat limited for plugins that need to define this
across a section. This adds support for DIV as well
2018-12-04 15:13:34 +11:00
David Taylor
9248ad1905 DEV: Enable Style/SingleLineMethods and Style/Semicolon in Rubocop (#6717) 2018-12-04 11:48:13 +08:00
Penar Musaraj
56948896ff UX: replace FA5 compress/expand icons
Adds a new SVG sprite file that contains non-FontAwesome 5 icons to our subset.

Adds the FontAwesome 4.7.0 icons for expand / collapse.
2018-12-03 22:29:20 -05:00
Penar Musaraj
923692d45a FIX: tooltip regression in admin dashboard
- adds registerHoverTooltip in tooltip qunit test
2018-12-03 11:15:31 -05:00
Penar Musaraj
f8e6a37858 FIX: raise exception when getting dimensions of missing image
- follow-up on 0eacd45ab1
2018-12-03 10:19:49 -05:00
Maja Komel
142361d6da FIX: don't steal focus when text in editor is replaced (#6712) 2018-12-03 09:49:17 +01:00
Guo Xiang Tan
125bb46052 Remove unused constant in the codebase. 2018-12-03 11:04:47 +08:00
Sam
cc04c86859 UX: do not restrict width of category image, only height
This was a recent visual regression which caused a fair amount of pain.
Previously we only restricted height
2018-12-03 09:35:16 +11:00
Sam
236c755d62 FIX: do not store key tracking last seen time indefinitely
UserStat has some special logic to keep adding time read if repeat calls
are made in intervals less than 100 seconds. This is called regularly
when we update read timings on a topic.

We only need to cache this key in redis for 100 seconds, however previously
we would keep it forever, 1 key per user. This has potential of bloating
a very large amount of keys for no longer active users in redis.
2018-12-03 08:35:26 +11:00
Kris
26e9b628b8 post-infos alignment fix 2018-11-30 21:31:36 -05:00
Kris
a113777003 Extra margin isn't needed on mobile 2018-11-30 19:49:26 -05:00
Penar Musaraj
bbd33de05b FIX: lightbox expand icon on mobile 2018-11-30 14:35:45 -05:00
Kyle Zhao
488fba3c5f
FEATURE: allow plugins and themes to extend the default CSP (#6704)
* FEATURE: allow plugins and themes to extend the default CSP

For plugins:

```
extend_content_security_policy(
  script_src: ['https://domain.com/script.js', 'https://your-cdn.com/'],
  style_src: ['https://domain.com/style.css']
)
```

For themes and components:

```
extend_content_security_policy:
  type: list
  default: "script_src:https://domain.com/|style_src:https://domain.com"
```

* clear CSP base url before each test

we have a test that stubs `Rails.env.development?` to true

* Only allow extending directives that core includes, for now
2018-11-30 09:51:45 -05:00
Penar Musaraj
7dec963f2e FIX: add vkontakte icon alias 2018-11-30 08:50:38 -05:00
David Taylor
208005f9c9 REFACTOR: Migrate FacebookAuthenticator to use ManagedAuthenticator
Changes to functionality
  - Removed syncing of user metadata including gender, location etc.
    These are no longer available to standard Facebook applications.
  - Removed the remote 'revoke' functionality. No other providers have
    it, and it does not appear to be standard practice in other apps.
  - The 'facebook_no_email' event is no longer logged. The system can
    cope fine with a missing email address.

Data is migrated to the new user_associated_accounts table.
facebook_user_infos can be dropped once we are confident the data has
been migrated successfully.
2018-11-30 11:18:11 +00:00
David Taylor
534e1b1b18 DEV: Introduce Auth::ManagedAuthenticator
A generic implementation of Auth::Authenticator which stores data in the
new UserAssociatedAccount model. This should help significantly reduce the duplicated
logic across different auth providers.
2018-11-30 11:18:11 +00:00
Arpit Jalan
059e36a6ff FIX: log name changes only when the name is actually updated 2018-11-30 15:30:46 +05:30
Guo Xiang Tan
eecd1a7d8c FIX: Jobs::CleanUpUploads fails when value of upload data_type is an empty string. 2018-11-30 10:46:39 +08:00
Penar Musaraj
0eacd45ab1 FIX: refactor ImageSizer.resize
reverts 140d9c2
2018-11-29 15:28:45 -05:00
Penar Musaraj
140d9c2910 FIX: call ImageSizer only if width/height are available 2018-11-29 15:03:02 -05:00
Arpit Jalan
40f10855c6
FIX: defer flags (only) when handling a flag and deleting replies (#6702) 2018-11-29 22:44:18 +05:30
Maja Komel
4a8f21d387 FIX: prevent minimum_required_tags on category being set to null (#6703)
* FIX: prevent minimum_required_tags on category being set to null

* add migration for NOT_NULL constraint for minimum_required_tags

* add specs
2018-11-29 18:10:14 +01:00
Penar Musaraj
5b6c1b1670 SCSS refactoring
followup on c388cac
2018-11-29 12:02:11 -05:00
Joffrey JAFFEUX
4f24d7dec8
FIX: more resilient whisper state between composer states (#6687) 2018-11-29 16:16:34 +01:00
Joffrey JAFFEUX
8da8f5d0f7
FIX: call onSelect plugin callbacks for noop rows (#6682) 2018-11-29 15:56:19 +01:00
Joffrey JAFFEUX
4c7dfed32e
FIX: error with tags enabled and no tags created (#6701) 2018-11-29 10:39:09 +01:00
Guo Xiang Tan
ffdacba219 Remove extra apple-touch-icon link in head.
The sizes attribute does not make a difference because both
image provided is of the same size.
2018-11-29 15:24:52 +08:00
Vinoth Kannan
5db50d6cdc UX: Use aspect ratio to calculate width and height precisely
Followup on 1da265d
2018-11-29 09:32:03 +05:30
Penar Musaraj
c388cacb81 UX: Style group flair in /groups same as in topic avatars 2018-11-28 16:02:49 -05:00
Penar Musaraj
6568832235 FIX: map discord/patreon FA5 icons for login buttons correctly 2018-11-28 14:36:36 -05:00
Kris
6027e7ba3d FIX: Restrict logo width for small screens 2018-11-28 13:27:56 -05:00
Saurabh Patel
55945ec7c8 FIX: throw error when link in reason for grant badge is an external link (#6690) 2018-11-28 18:01:41 +01:00
Gerhard Schlager
e7b76b319a FEATURE: Setting for short title used by Android on homescreen 2018-11-28 14:59:30 +01:00
Saurabh Patel
49c3cf9c75 UX: Topic stats were hard to translate 2018-11-28 14:25:22 +01:00
Arpit Jalan
851ef14096 Revert "FIX: do not agree flags by default when deleting posts"
This reverts commit cb6fc8057b.
2018-11-28 10:21:11 +05:30
Arpit Jalan
654d7996ae FIX: title was repeating on about page 2018-11-28 08:06:14 +05:30
Sam
912a7105d2 DEV: polyfill Object.values and use where needed
We now have polyfills for `values` IE and `entries` IE

This commit uses values where appropriate to eliminate an extra lookup
This simplifies the code a bit.

Followup to: 7f089f07a7
2018-11-28 10:07:05 +11:00
Sam
3cb88bc566 DEV: Run file through prettier
We only alert on .js.es6 this is a js file so it is bypassed
2018-11-28 10:03:54 +11:00
Arpit Jalan
bdb1268528 FIX: static page title should be consistent on client side and server side 2018-11-27 22:03:52 +05:30
Joffrey JAFFEUX
7f089f07a7
FIX: better fix for #ca84c06 (#6684) 2018-11-27 16:12:07 +01:00
David Taylor
f993aca363 FIX: Fix editing built-in badges after removing _.include
We want to send the unprotected fields to the server. Corrects 4c8cfe0f
2018-11-27 15:01:02 +00:00
Joffrey JAFFEUX
ca84c06c59
FIX: revert to using _.each (#6683)
Should be replaced with Object.keys variation when reproducible
2018-11-27 15:55:56 +01:00
Kris
964fd983b7 z-index fix for tooltips within posts 2018-11-27 09:49:34 -05:00
Maja Komel
a2bff038e8 FIX: set overridden param for customize site text query only when checkbox value changes 2018-11-27 14:29:48 +01:00
Maja Komel
a0fca2b6ed FIX: popular posts font weight in summary email 2018-11-27 12:58:28 +01:00
Gerhard Schlager
886ef7251d REFACTOR: Simplify extraction of mentions 2018-11-27 12:46:02 +01:00
Guo Xiang Tan
c92c56d986 FIX: Randomly failing QUnit test.
The `post` variable can be an actual post object or a `new Placeholder("post-placeholder")` which does not define the function `get`.

* QUNIT_SEED=11414431645131211212599424733847938795
2018-11-27 16:00:46 +08:00
Guo Xiang Tan
a1e77aa2ed
FEATURE: Reimplement SiteSetting.max_oneboxes_per_post. (#6668)
Previously, the site setting was only effective on the client side of
things. Once the site setting was been reached, all oneboxes are not
rendered. This commit changes it such that the site setting is respected
both on the client and server side. The first N oneboxes are rendered and
once the limit has been reached, subsequent oneboxes will not be
rendered.
2018-11-27 16:00:31 +08:00
Arpit Jalan
6cb49cd42c
Merge pull request #6671 from techAPJ/destroy-posts-flags
FIX: do not agree flags by default when deleting posts
2018-11-27 11:27:23 +05:30
Arpit Jalan
cb6fc8057b FIX: do not agree flags by default when deleting posts 2018-11-27 10:57:20 +05:30
Dan Ungureanu
38e29d8c94 DEV: Fix coding style. 2018-11-27 13:05:27 +11:00
Dan Ungureanu
d657ce844b DEV: Call onClose for closing modals. 2018-11-27 13:05:27 +11:00
Dan Ungureanu
0005bded6c DEV: Added composer-action-after plugin outlet. 2018-11-27 13:05:27 +11:00
Dan Ungureanu
1f9f00a629 DEV: Add data-topic-id to more elements containing titles. 2018-11-27 13:05:27 +11:00
Dan Ungureanu
8837fe47d7 DEV: Add app event triggered when composer's reply is reloaded. 2018-11-27 13:05:27 +11:00
Dan Ungureanu
b65e5d263e DEV: Add a plugin outlet for top-side notices. 2018-11-27 13:05:27 +11:00
Vinoth Kannan
1da265db11 UX: category images have no sizes (#6662) 2018-11-27 08:40:06 +08:00
Penar Musaraj
03deda2147
Upgrade to FontAwesome 5 (take two) (#6673)
* Add missing icons to set

* Revert FA5 revert

 This reverts commit 42572ff

* use new SVG syntax in locales

* Noscript page changes (remove login button, center "powered by" footer text)

* Cast wider net for SVG icons in settings

- include any _icon setting for SVG registry (offers better support for plugin settings)

- let themes store multiple pipe-delimited icons in a setting

- also replaces broken onebox image icon with SVG reference in cooked post processor

* interpolate icons in locales

* Fix composer whisper icon alignment

* Add support for stacked icons

* SECURITY: enforce hostname to match discourse hostname

This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname

* load SVG sprite with pre-initializers

* FIX: enable caching on SVG sprites

* PERF: use JSONP for SVG sprites so they are served from CDN

This avoids needing to deal with CORS for loading of the SVG

Note, added the svg- prefix to the filename so we can quickly tell in
dev tools what the file is

* Add missing SVG sprite JSONP script to CSP

* Upgrade to FA 5.5.0

* Add support for all FA4.7 icons

- adds complete frontend and backend for renamed FA4.7 icons

- improves performance of SvgSprite.bundle and SvgSprite.all_icons

* Fix group avatar flair preview

- adds an endpoint at /svg-sprites/search/:keyword

- adds frontend ajax call that pulls icon in avatar flair preview even when it is not in subset

* Remove FA 4.7 font files
2018-11-26 16:49:57 -05:00
Joffrey JAFFEUX
818761c3a4
FIX: uses appropriate z-index for tooltips (#6674) 2018-11-26 22:47:12 +01:00
Gerhard Schlager
5640166b27 FIX: Notify only invited users about mentions in PMs 2018-11-26 22:42:56 +01:00
Kris
593cd831e1 Wrap long lists of admin tabs on large screens 2018-11-26 14:51:45 -05:00
Robin Ward
8bca2647ea FIX: Upwards scrolling occasionally broken
This fixes a bug in Chrome where upwards scrolling would occasionally
not work properly.
2018-11-26 13:37:12 -05:00
Penar Musaraj
2e4706b787 FIX: bug and typo in admin user badges 2018-11-26 10:24:46 -05:00
Joffrey JAFFEUX
3453707784
FEATURE: allows html tooltips (#6665) 2018-11-26 11:15:23 +01:00
Joffrey JAFFEUX
e47b478b83
DEV: removes _.toArray from codebase (#6654) 2018-11-26 11:15:05 +01:00
Guo Xiang Tan
0972516abe FIX: Incorrect "rel" used for apple icons in <head>.
Nothing on the web I can find suggests that this should have been `rel=icon`.
See https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariWebContent/ConfiguringWebApplications/ConfiguringWebApplications.html
2018-11-26 10:40:09 +08:00
Guo Xiang Tan
d4aaa968bb Fix linting. 2018-11-26 09:38:22 +08:00
Guo Xiang Tan
57e2f4990d
PERF: Move processing of inline onebox out of V8 context. (#6658) 2018-11-26 09:21:38 +08:00
Penar Musaraj
93d4281706 FIX: alignment issue in PM inbox when bulk selecting 2018-11-25 15:24:26 -05:00
Arpit Jalan
b5bf182ad5 FIX: validate topic deletion when acting on a flag 2018-11-25 23:24:03 +05:30
Bianca Nenciu
172b3bf4d3 FIX: Fix broken theme field URLs. (#6622) 2018-11-23 16:11:05 +01:00
Joe
336436dfb4
UX: better handling of logo size 2018-11-23 22:04:42 +08:00
Joe
e2214b50f3
UX: add height attribute to logo on error pages
This matches what we do in the home-logo widget. The height is set as an attribute and we use CSS to get a scaled width that preserves the aspect ratio of the image.
2018-11-23 15:04:34 +08:00
Guo Xiang Tan
a1888b301b DEV: Don't require login for QUit test path. 2018-11-23 13:50:19 +08:00
Joe
98354bd34c
fix the build 2018-11-23 11:27:59 +08:00
Joe
c4fca36255
FIX: don't trigger header:hide-topic at the bottom on desktops
On mobile we trigger `header:hide-topic` at the very bottom of topics to switch the header contents back from small logo + topic info to large logo + user panels. 

Given that the `topic-progress` component is sometimes loaded on desktop - E.g composer is open or on narrow desktop screens - we need a guard to prevent this logic from firing on desktops.
2018-11-23 10:14:13 +08:00
Joffrey JAFFEUX
f4432648fd
FIX: categories/delete_categories can be undefined (#6657) 2018-11-23 00:57:18 +01:00
David Taylor
f645cb9c14
FEATURE: Use translated name for 'your email has been authenticated by' (#6649) 2018-11-22 19:12:04 +00:00
Joffrey JAFFEUX
7e20a0b917
DEV: removes _.indexOf from codebase (#6652) 2018-11-22 17:38:58 +01:00
David Taylor
0083eec686 FEATURE: Allow logo URLs to be overridden easily using reopenWidget() 2018-11-22 16:29:12 +00:00
Joffrey JAFFEUX
56478166e5
FIX: broken badge groupings modal UI (#6653) 2018-11-22 17:09:45 +01:00
Joffrey JAFFEUX
2843944315
FIX: better alignment of badge selector and edit btn (#6651)
Input located at /admin/badges/new
2018-11-22 16:21:15 +01:00
Joffrey JAFFEUX
e77cc44f07
FIX: better alignment of groups header filters (#6650)
This is located at the top of the /groups page.
2018-11-22 16:18:02 +01:00
Kyle Zhao
80398d0b8f
Extract inline JS on embedded comments (#6645)
* use the meta refresh tag instead

* extract inline JS in embedded comment
2018-11-22 10:02:58 -05:00
David Taylor
1fd0787dd7 UX: Ensure unstyled .btn-social elements have a contrasting background
For example, in plugins where the background color is not explicitly set
2018-11-22 15:00:32 +00:00
Gerhard Schlager
2ef16e9f4e FIX: Failed to delete post belonging to non-existent topic 2018-11-22 15:08:37 +01:00
Arpit Jalan
60941f214c FIX: remove unneeded keys from failed response 2018-11-22 14:59:50 +05:30
Guo Xiang Tan
3f636b2d19 FIX: Check whether group is mentionable by user when cooking post. 2018-11-22 16:16:33 +08:00
Vinoth Kannan
036790d13c FIX: Assign default value for category.findByIds method 2018-11-22 12:51:04 +05:30
Guo Xiang Tan
6111b285d9 DEV: Remove comment that links to a private topic.
Not going to be useful for other developers.
2018-11-22 14:55:02 +08:00
Guo Xiang Tan
c5a70eca6e
PERF: Move mention lookups out of the V8 context. (#6640)
We were looking up each mention one by one without any form of caching and that results
in a problem somewhat similar to an N+1. When we have to do alot of DB
lookups, it also increased the time spent in the V8 context which may
eventually lead to a timeout. The change here makes it such that mention lookups only does a single
DB query per post that happens outside of the V8 context.
2018-11-22 14:28:48 +08:00
Guo Xiang Tan
ba280f9cf3 FIX: Give up migrating url site setting if endpoint doesn't return data. 2018-11-22 12:16:52 +08:00
Guo Xiang Tan
a8603e04ab FIX: Give up migration of URL site settings if there is an SSL error. 2018-11-22 12:14:27 +08:00
Kyle Zhao
8e32aa1483 FEATURE: show post approvals in Moderation History (#6643) 2018-11-22 10:22:23 +08:00
Joe
ee6c0170ce FEATURE: Scroll-based logo on mobile (#6632) 2018-11-21 21:21:49 -05:00
Saurabh Patel
d984323e23 FEATURE: Show change name of user in staff logs (#6647)
https://meta.discourse.org/t/admins-changing-users-name-not-username-should-be-logged/99511
2018-11-22 10:13:02 +08:00
Kris
0381e99b71 UX: improving theme upload modal alignment, markup 2018-11-21 16:50:49 -05:00
Joffrey JAFFEUX
58c795ef30 DEV: adds test for image-short-url (#6642) 2018-11-22 07:48:52 +11:00
Arpit Jalan
61eff22b29 FIX: raise Discourse::NotFound unless the user is present 2018-11-21 10:57:42 +05:30
Arpit Jalan
10cc698df3 FIX: respond with proper error message if user not found 2018-11-21 10:47:37 +05:30
Arpit Jalan
539f1c6252 FIX: raise Discourse::NotFound unless the topic is present 2018-11-21 09:48:38 +05:30
Guo Xiang Tan
f4020d9134 UX: Contain site setting uploads within the div. 2018-11-21 10:09:53 +08:00
Sam
0a86ef69bb FIX: browser infinite recursion when editing post
This was a result of:

c4ed353fae

jQuery map on a jQuery object, returns a jQuery object http://api.jquery.com/map/

So you need to convert it to an array prior to mapping
2018-11-21 12:51:14 +11:00
Sam
20268385a5 FIX: never attempt to log invalid post numbers
Previously in some cases we would queue logging of invalid post numbers

The impact would be we would miss logging an incoming link and would leak
an error.
2018-11-21 11:58:47 +11:00
Guo Xiang Tan
df72674f24 Warn when migrate url site settings job encounters an error. 2018-11-21 07:55:50 +08:00
Kris
17bc21abff trashing an empty wrapper 2018-11-20 15:42:18 -05:00
Kris
17f3080d01 UX: More consistent category setting layout 2018-11-20 15:16:17 -05:00
Arpit Jalan
5951e111ad FIX: handle nil topic value when removing allowed users 2018-11-20 22:55:39 +05:30
Arpit Jalan
22a7f1e7f2 FIX: handle nil user value on password reset 2018-11-20 21:49:47 +05:30
Joffrey JAFFEUX
9672c92045
DEV: removes _.each from codebase (#6629) 2018-11-20 14:46:58 +01:00
Guo Xiang Tan
81b3bdaabd FIX: Remove site settings override for deprecated url site settings. 2018-11-20 11:42:39 +08:00
Kris
d1e50b3f8e Remove condensed suggested topics, hide secondary table head 2018-11-19 11:26:21 -05:00
Joffrey JAFFEUX
86dafc1f25
DEV: removes _.reduce from codebase (#6628) 2018-11-19 13:04:57 +01:00
Joffrey JAFFEUX
0a8227d19c
DEV: removes _.some from codebase (#6627) 2018-11-19 12:32:51 +01:00
Joffrey JAFFEUX
e860c8b844
FIX: adds support for missing reports from old dashboard (#6624) 2018-11-19 12:20:05 +01:00
Joffrey JAFFEUX
4c8cfe0f29
DEV: removes _.include from codebase (#6620) 2018-11-19 12:08:54 +01:00
Joffrey JAFFEUX
b1727537b2
DEV: removes _.find from codebase 2018-11-19 11:46:26 +01:00
Joffrey JAFFEUX
30e0d744db DEV: removes _.delay from codebase (#6619) 2018-11-19 10:47:00 +01:00
Joffrey JAFFEUX
c4ed353fae DEV: removes _.map from codebase (#6616) 2018-11-19 10:46:46 +01:00
Joffrey JAFFEUX
907cf3ee2f DEV: replaces setTimeout by Ember.run.later (#6618) 2018-11-19 10:46:38 +01:00
Bianca Nenciu
f2c227432c FIX: Do not show nested user cards. (#6621) 2018-11-19 10:01:22 +01:00
Joe
2ac952d7dd
UX: leave room for floated radio input on mobile 2018-11-19 15:10:52 +08:00
Guo Xiang Tan
fe131c5ea2 Fix missing avatars on topic list page.
Introduced in b50fab2d72
2018-11-19 14:55:41 +08:00
Joe
94c724fb89
UX: fixes display issues in split to existing topic modal 2018-11-19 13:12:42 +08:00
Guo Xiang Tan
9fd704735e Rescue from SocketError in migrate url onceoff job. 2018-11-19 13:07:34 +08:00
Guo Xiang Tan
b50fab2d72 PERF: Fix N+1 for non-staff users when tagging is enabled. 2018-11-19 12:53:58 +08:00
Sam
6aea185ab4 FEATURE: plugin outlets on about page
Added about-after-admins and about-after-moderators
2018-11-19 10:12:44 +11:00
Robin Ward
e37c4a4525 FIX: Don't show the Quote popup if posting is disabled 2018-11-16 11:00:22 -05:00
Guo Xiang Tan
9e86b425bc FIX: Job to clean up old URL settings when new setting has been set.
Related to 44391ee8ab
2018-11-16 09:33:31 +08:00
Kris
9157fdd69c UX: Better related messages condensed layout 2018-11-15 20:21:22 -05:00
Sam
f2afb69f72 Revert "UX: maintain aspect ratio of cropped image thumbnails"
This reverts commit e7fa4c5dd1.

causes page wobble with images while loading
2018-11-16 11:38:04 +11:00
Kyle Zhao
7cb6082f91 FIX: S3 CDN for markdown it bundle 2018-11-15 16:55:20 -05:00
Kris
817135fbbf Show related messages before suggested 2018-11-15 16:32:35 -05:00
Joffrey JAFFEUX
078705bcc0
minor refactoring (#6615) 2018-11-15 21:41:05 +01:00
Joffrey JAFFEUX
dcc6527dff
FIX: s/save/finish for wizard exit early button (#6614) 2018-11-15 21:26:26 +01:00
Joffrey JAFFEUX
1730e0bc73
UX: shows a save changes for intermediate steps (#6612) 2018-11-15 20:44:19 +01:00
Vinoth Kannan
d5df746cc3 UX: Improve category reordering functionality 2018-11-16 00:52:10 +05:30
Kyle Zhao
5f754b43f1
extract inline onpopstate handler on 404 page (#6613) 2018-11-15 13:35:38 -05:00
Kris
f0760908e3 Missing space between class names 2018-11-15 12:17:37 -05:00
Kris
5a542327e7 IE11 Fix: Select-kit items shouldn't have flex-grow 2018-11-15 10:09:49 -05:00
Joffrey JAFFEUX
9911a41f4c
FIX: improves category/tag drops header shortcuts (#6610)
- wont appear when filtering
- can now be selected with keyboard
- fix bugs on click with safari/firefox
2018-11-15 15:21:40 +01:00
Vinoth Kannan
fdccfcfa59 FIX: Only use blockquote which is immediate child of aside 2018-11-15 18:07:16 +05:30
Joe
e7fa4c5dd1
UX: maintain aspect ratio of cropped image thumbnails 2018-11-15 20:24:56 +08:00
Guo Xiang Tan
901611cb4e Fix migrate upload url site settings to rescue from invalid URLs. 2018-11-15 15:16:14 +08:00
Sam
6556a87629 FIX: only check for conflict on edit drafts
In some unknown cases non edit drafts are being checked for conflict
2018-11-15 13:14:07 +11:00
Guo Xiang Tan
ee60ecc71f UX: Switch to neutral background color for image uploader in site settings. 2018-11-15 08:24:50 +08:00
Joffrey JAFFEUX
761003c8bd
FIX: makes sure an hex is always at 6 chars (#6608)
eg: #aaa should be converted to #aaaaaa
2018-11-15 00:52:47 +01:00
Régis Hanol
1c678c8c54 This should not have been removed 2018-11-14 23:23:02 +01:00
Régis Hanol
0f5aeab003 DEV: enable no-alert & no-console eslint rules 2018-11-14 23:17:56 +01:00
Kris
6a990d4f95 Removing overly-specific style 2018-11-14 16:37:46 -05:00
Leo McArdle
7bc121a065 allow CSP reports to be sent when header isn't set by Discourse (#6594) 2018-11-14 16:23:29 -05:00
Régis Hanol
4bac77800a DEV: remove 'console.log' (cc @eviltrout) 2018-11-14 21:45:41 +01:00
Maja Komel
c701036034 FIX: reset bump date resets bumped_at to the last regular post in topic (#6605) 2018-11-14 18:56:22 +01:00
Régis Hanol
20899654aa Make code prettier 💅 2018-11-14 17:57:22 +01:00
Régis Hanol
c78dcde973 FIX: only send originalText when we need to 2018-11-14 17:47:59 +01:00
Kris
1e15c16f77 UX: Condense layout when suggested and related messages are available 2018-11-14 11:01:50 -05:00
Robin Ward
ea075fa4f7 FIX: Don't hide information from the card that is visible in the topic
It doesn't make sense to show less information on the card than already
visible.
2018-11-14 09:56:31 -05:00
Guo Xiang Tan
5b320e6652 DEV: Don't warn about using deprecated site settings in clean up uploads job. 2018-11-14 20:58:06 +08:00
Guo Xiang Tan
df111259fe More URL site settings into a onceoff job.
* Doing it in a post migration was a bad idea
  because the migration will fail if the site
  is down while trying to download uploads
  which points to the instance. This mainly
  affects self-hosters using `discourse_docker`
  where `./launcher rebuild` will take the
  existing container down.
2018-11-14 20:29:20 +08:00
Bianca Nenciu
fce0a0ccc8 FEATURE: Compute distance between logins to generate login alerts. (#6562) 2018-11-14 13:26:47 +01:00
Penar Musaraj
f6fb079129 Disable wizard invites step when local_logins are turned off 2018-11-14 13:05:32 +01:00
Bianca Nenciu
34e4d82f1a FEATURE: Report edit conflicts when saving draft. (#6585) 2018-11-14 12:56:25 +01:00
Vinoth Kannan
d078808144 UX: Use header top to calculate docking position 2018-11-14 16:31:39 +05:30
Guo Xiang Tan
2220345a8b Fix the build. 2018-11-14 17:32:32 +08:00
Guo Xiang Tan
72370b9c36 Add deprecation warnings for url based site settings. 2018-11-14 16:09:26 +08:00
Guo Xiang Tan
44391ee8ab
FEATURE: Upload Site Settings. (#6573) 2018-11-14 15:03:02 +08:00
David Taylor
17bc82765b FEATURE: Log password changes in UserHistory (#6600) 2018-11-14 08:32:42 +08:00
Kyle Zhao
38a9bc740d FIX: change title when primary group changes (#6602) 2018-11-14 08:28:41 +08:00
Robin Ward
fc9aafaa6a New outlet above the main container 2018-11-13 14:34:20 -05:00
Robin Ward
467be59d75 FEATURE: Allow expanded posts to return user custom fields 2018-11-13 12:44:54 -05:00
Kris
1570b01184 IE11 select-kit fix 2018-11-13 11:21:19 -05:00
Kris
c09a407f65 composer alignment fixes 2018-11-13 11:12:58 -05:00
Kris
af6569c396 Mobile group page flair alignment 2018-11-13 10:29:16 -05:00
Joffrey JAFFEUX
7fa21ce199
UX: minor tweaks to theme components selection UI (#6596) 2018-11-13 14:57:50 +01:00
Joffrey JAFFEUX
c1e82e7442
FIX: category row title (#6597) 2018-11-13 13:35:45 +01:00
Joe
ac7b058849
UX: take custom markup into account when docking header 2018-11-13 14:47:12 +08:00
Sam
80ceb57c76 DEV: add API endpoint to destroy_timings only of last post
Previously API only allowed you to nuke all timings from a topic,
new API is less punishing and allows you just to remove 1 post.
2018-11-13 16:07:48 +11:00
Joe
7707e42441 DEV: moves print-specific styles from internal style tag to external print sheet (#6581)
* DEV: removes internal styles from print view

* DEV: adds styles to print sheet
2018-11-13 14:45:55 +11:00
Guo Xiang Tan
7b44339529 FIX: Prevent uploads used in site settings from being deleted. 2018-11-13 09:15:16 +08:00
Kris
27ce8cf851 UX: Improving group directory layout for small screens 2018-11-12 18:13:42 -05:00
Kyle Zhao
d25ae13f0f FIX: stricter window.opener checks (#6578) 2018-11-13 09:56:31 +11:00
Robin Ward
0cb33d2b52 UX: Rename Most Disagreed Flaggers report to "User Flagging Ratio" 2018-11-12 16:23:37 -05:00
Vinoth Kannan
dda1824270 Use hijack in inline onebox controller 2018-11-13 02:39:20 +05:30
Vinoth Kannan
44d95ad5ab FIX: Cache url data for failed inline oneboxes 2018-11-13 01:44:20 +05:30
Kris
486d7f2e5d Select-kit dropdown fix 2018-11-12 12:21:54 -05:00
David Taylor
ba00fcc371 FIX: Translation improvements for unused tags (d89ffbe) 2018-11-12 16:36:56 +00:00
David Taylor
d89ffbeffd
FEATURE: Add button to delete unused tags (#6587)
This is particularly useful if you have uploaded a CSV file, and wish
to bulk-delete all of the tags that you uploaded.
2018-11-12 16:24:34 +00:00
Bianca Nenciu
5af9a69a3b FIX: Do not check for suspicious login when impersonating. (#6534)
* FIX: Do not check for suspicious login when impersonating.

* DEV: Add 'impersonate' parameter to log_on_user.
2018-11-12 15:34:12 +01:00
Maja Komel
012da86a07 FIX user directory time period count (#6586) 2018-11-12 15:30:05 +01:00
Joffrey JAFFEUX
599ab4e966
UX: inform users old dashboard is going to b removed (#6592) 2018-11-12 15:20:00 +01:00
Joffrey JAFFEUX
9c616e0679
FIX: handles not found reports in bulk loading (#6582) 2018-11-12 13:47:24 +01:00
Gerhard Schlager
7c4d4331bc FEATURE: Better handling of quotation marks in site text search
It also matches 3 dots with the ellipsis symbol.
2018-11-12 13:26:41 +01:00
Guo Xiang Tan
c7377e2f2d UX: Trash icon displaying when there is no upload take 2. 2018-11-12 16:19:17 +08:00
Guo Xiang Tan
d50f4fdd7a Oops. 2018-11-12 16:07:33 +08:00
Guo Xiang Tan
10c6211cdf UX: Trash icon displaying when there is no upload. 2018-11-12 16:06:32 +08:00
Sam
d1684a1652 PERF: avoid left joins and distinct on posts_for query
Previously this was extremely expensive due to the `distict` and
`left join` clauses, this eliminates it and makes query much faster
2018-11-12 13:26:41 +11:00
Sam
e17a13ce19 FEATURE: additional "related messages" section
This splits out previous message correspondence from suggeted and instead
has a dedicated section called "related messages"
2018-11-12 13:04:42 +11:00
David Taylor
c3c9299c44 FIX: Improve performance for Group.posts_for (#6588) 2018-11-12 08:44:20 +08:00
Kris
cee1f5b2c1 Remove unneeded color assignment from user profile 2018-11-09 18:42:19 -05:00
Kris
00ad6e8e37 signup width fix 2018-11-09 12:10:38 -05:00
Joffrey JAFFEUX
f8838ac9cd
FIX: fix/removes broken elements of old dashboard 2018-11-09 17:18:19 +01:00
David Taylor
9ddd40df13 FIX: Fix vertical scrolling in modals
Partially reverts 57af43b
2018-11-09 14:35:29 +00:00
Arpit Jalan
1151c093ad bump onebox version
- Better Google Photos oneboxing
2018-11-09 15:44:06 +05:30
Sam
64d9be726f the protection I placed was in the wrong path moved to /session/sso
correct previous commit
2018-11-09 17:18:01 +11:00
Sam
3ae4fcd1f7 Improve redirect avoidance for /sso paths
e6b3310577 was missing an ege case
where return url included current_hostname
2018-11-09 17:03:58 +11:00
Sam
e6b3310577 FIX: never redirect back to /sso it will cause a loop
If for any reason our return url is set to `/sso` bypass using it
for login redirect
2018-11-09 14:27:36 +11:00
Sam
15991677d4 FIX: ensure we never cache login redirects by mistake 2018-11-09 11:14:35 +11:00
Gerhard Schlager
24e5be3f0c FIX: Relative links in translations should work with subfolder 2018-11-08 23:31:05 +00:00
Robin Ward
242a5fc5ef Add DiscourseEvents for when users as unsuspended/unsilenced 2018-11-08 16:33:38 -05:00
Kris
667af9debd height fix 2018-11-08 16:06:41 -05:00
Kris
57af43b142 UX: Make long sign-up forms scrollable in modal 2018-11-08 15:25:10 -05:00
Kris
1a96556f38 stacked nav archive alignment adjustment 2018-11-08 12:49:29 -05:00
Kris
b39d949a8e fix d-editor height for user profile input 2018-11-08 11:28:58 -05:00
Sam
42572ff138 Revert font awesome 5 changes
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
Penar Musaraj
09dc922b3b Fix several FontAwesome 5 issues
add missing icons, update SvgSprite methods (to fix ruby 2.4 issues), update whisper icon in composer, fix alignment issues
2018-11-07 22:20:53 -05:00
David Taylor
37fb8fc0e7
FIX: Do not display broken image on crawler/print view (#6575) 2018-11-07 22:28:45 +00:00
Penar Musaraj
9a34c6153e Fix small issues with FA5 icons 2018-11-07 16:39:04 -05:00
Penar Musaraj
a5871b6dd1 Rename conflicting SCSS mixin 2018-11-07 14:18:55 -05:00
Penar Musaraj
005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs (#6557)
* First take on subsetting svg icons

* FontAwesome 5 svg subset WIP

* Include icons from plugins/badges into svg sprite subset

* add svg icon support to themes

* Add spec for SvgSprite

* Misc. SVG icon fixes

* Use FA5 svgs in local-dates plugin

* CSS adjustments, fix SVG icons in group flair

* Use SVG icons in poll plugin

* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
Gerhard Schlager
6b60646330 FIX: Relative links in templates should work with subfolders 2018-11-07 11:35:04 +01:00
Sam
0a442e319c FIX: correct svg handling for images
We regressed and optimized images no longer worked with svg

The following adds the correct logic to simply copy file for svgs
and bypasses resizing for svg avatars
2018-11-07 15:29:26 +11:00
Guo Xiang Tan
7534042427 DEV: Update annotations. 2018-11-07 11:11:19 +08:00
Bianca Nenciu
2070edf889 FIX: Clarify User.group_locked_trust_level.
* Rename User.group_locked_trust_level to User.group_granted_trust_level.

* Remove the column from users table.
2018-11-07 10:27:44 +08:00
Matthew Campbell
a2044c4528 UX: Make the edits indicator a real link for accessibility (#6570)
This link didn't have an `href` attribute, so it wasn't in the tab
order. This commit fixes that, while adding a call to `preventDefault`
in the event handler to avoid any regression in event handling.
2018-11-07 10:11:52 +11:00
Kris
ef368ec2ff Minor spacing adjustments for new search results 2018-11-06 10:01:24 -05:00
Joffrey JAFFEUX
75b1865d15
UX: adds new categories layouts to the wizard (#6569) 2018-11-06 15:52:13 +01:00
Joffrey JAFFEUX
fdad24e2e4
FIX: edit category tags select-kit inputs width were wrong (#6568) 2018-11-06 11:30:12 +01:00
Jeff Atwood
afbdf9c2d2
Merge pull request #6558 from pmusaraj/disallow-flagging-deleted-post
FIX: disable flagging hidden posts
2018-11-05 11:05:32 -08:00
Kris
d7e38d2be8 Adding IE11 Grid support for admin dashboard 2018-11-05 12:52:02 -05:00
Maja Komel
ae9eddb002 FIX: don't allow adding a value containing vertical bar char to the secret list 2018-11-05 12:14:56 +01:00
Joffrey JAFFEUX
cc9869a61b
FIX: topic-map spec with VDOM and i18n plural (#6564)
It appears that in vdom nodes, pluralized i18n strings are not compiled into a string before widget is compiled and result in an error as VDOM is expecting a string and not an object.
2018-11-05 12:02:18 +01:00
Joffrey JAFFEUX
4d74688b50
UX: uses presentation role for accessibility in topic map (#6561)
Co-Authored-By: mwcampbell <mwc+github@mwcampbell.us>
2018-11-05 09:45:32 +01:00
Penar Musaraj
94f628fb4c FIX: disable flagging hidden posts 2018-11-02 13:54:45 -04:00
Robin Ward
931c3d165b Revert "FIX: We shouldn't include topics when mobile view is enabled"
This reverts commit 2feadcdafb.
2018-11-02 10:29:44 -04:00
Joffrey JAFFEUX
4417faa7e5 Revert "FIX: uses more semantically correct spans in post map (#6555)"
This reverts commit 5cd055fd30.
2018-11-02 15:07:22 +01:00
Joffrey JAFFEUX
8067f8a32c
FIX: disables dates filtering on most_disagreed_flags report (#6556) 2018-11-02 14:42:52 +01:00
Joffrey JAFFEUX
5cd055fd30
FIX: uses more semantically correct spans in post map (#6555) 2018-11-02 13:09:58 +01:00
Joffrey JAFFEUX
4e0f033fae
FEATURE: adds ignored flags to most_disagreed_flags report (#6554) 2018-11-02 11:08:00 +01:00
Sam
d84256a876 FEATURE: add Noindex to robots.txt for disallowed routes
This strips pages out of indexes that should not exist see:

https://meta.discourse.org/t/pages-listed-in-the-robots-txt-are-crawled-and-indexed-by-google/100309/11?u=sam
2018-11-02 16:39:47 +11:00
Joe
4234058358 UX: don't show crawler navigation in print view (#6551)
* UX: adds CSS classes to crawler navigation links

* UX: hide crawler navigation in print view
2018-11-02 09:18:07 +11:00
Robin Ward
c4ca5ed50b FIX: Translation error 2018-11-01 17:44:55 -04:00
Kyle Zhao
f9b36820ef
FIX: only extract script tags with certain types (#6553)
`script` tags with custom types (e.g. `text/template`) are not executed
by the browser, and should not be extracted into an external theme
JavaScript
2018-11-01 16:01:46 -04:00
Robin Ward
2feadcdafb FIX: We shouldn't include topics when mobile view is enabled
This setting was set to be the opposite of what we want
2018-11-01 14:47:06 -04:00
Robin Ward
ec91450aae FEATURE: Track how many user flags are agreed/disagreed/ignored
Display the percentage when reviewing flags.
2018-11-01 09:59:50 -04:00
Sam
ceafcbc898 FEATURE: show added date when looking at group members 2018-11-01 15:33:28 +11:00
Sam
aa044623bd FIX: do not create superflous sessions when logged on
In some SSO implementations we may want to issue SSO pipelines for
already logged on users

In these cases do not re-log-in a user if they are clearly logged on
2018-11-01 12:54:01 +11:00
Vinoth Kannan
0084b0c26e
Merge pull request #6548 from vinothkannans/category-drop-search
UX: Include subcategories in search result of all categories drop down
2018-10-31 23:44:54 +05:30
Vinoth Kannan
28cf4d535e UX: Include subcategories in search result of all categories drop down 2018-10-31 23:03:24 +05:30
Bianca Nenciu
fa0e421af3 FIX: Do not leak information about post revisions. (#6536) 2018-10-31 14:47:00 +00:00
David Taylor
ff6676094f FIX: Correct bookmark button class 2018-10-31 11:22:24 +00:00
Régis Hanol
0bf52d422c FEATURE: new 'simultaneous_uploads' site setting 2018-10-31 10:58:09 +01:00
Kris
f97cf10676 Removing edit button from mobile category list 2018-10-30 22:57:06 -04:00
Sam
23423ba112 correct spec and error reporting
previous commit misused warn_exception which caused a spec to fail
2018-10-31 13:38:05 +11:00
Blake Erickson
589e3fcaa0 FIX: return 400 for missing required params (#6546)
If a required param is missing return a 400 and show a message
displaying which param was missing. Added this to the application
controller so that we don't have to add this logic to every controller
action.
2018-10-31 13:02:48 +11:00
Sam
32b1f34910 PERF: avoid DNS lookups when getting IP info
Also cleans up interface in DiscourseIpInfo
grew cache to 2000 entries
2018-10-31 12:38:57 +11:00
Bianca Nenciu
e0ccd36dbe FEATURE: Suspicious logins report. (#6544) 2018-10-30 22:51:58 +00:00
Bianca Nenciu
e1e392f15b DEV: Use DiscourseIpInfo for all IP queries. (#6482)
* DEV: Use DiscourseIpInfo for all IP queries.

* UX: Use latitude and longitude for more precision.
2018-10-30 22:08:57 +00:00
Bianca Nenciu
4b7ab97a01 FIX: Add 'log in via link' to email templates. (#6545) 2018-10-30 19:15:05 +00:00
Joffrey JAFFEUX
11ee07093c FEATURE: revamps search-menu layout (#6543) 2018-10-30 10:44:49 -04:00
Gerhard Schlager
733b8af47b FIX: Uploads didn't work for subfolder anymore 2018-10-30 12:53:57 +01:00
Gerhard Schlager
5b14f713a0 Use class instead of inline style 2018-10-30 11:25:51 +01:00
Joffrey JAFFEUX
af465effef
FIX: prevents y-axis labels to show useless/wrong values 2018-10-30 09:58:03 +01:00
Vinoth Kannan
92bf3c667e FIX: Flash authentication data not rendered in latest iOS safari browser 2018-10-30 04:00:36 +05:30
Sam
f8305f53c7 FEATURE: special offline support restricted to Android only
The special offline page with fetch interception in service worker
is only strongly required on Android ad a pre-req for PWAs

This is now strongly restricted only to Android while iOS PWA support
gets better

Long term if we build offline support we can unlock it more globally
2018-10-29 16:29:19 +11:00
Jeff Atwood
760e09907b add a tad more width for user pref forms 2018-10-27 20:20:01 -07:00
Jeff Atwood
817cf8b229 remove extraneous two factor auth info popup 2018-10-27 14:10:26 -07:00
Jeff Atwood
58b53f7841 update copy for "was this you?" login dialog 2018-10-27 13:57:30 -07:00
David Taylor
375bba3c31 FIX: Add String.includes polyfill for IE11 2018-10-26 23:10:03 +01:00
Kris
cd9a41be55 IE11 fix for create account modal alignment 2018-10-26 17:04:28 -04:00
Kris
0bf413be3e IE11 fix for category dropdown search icon position 2018-10-26 13:28:05 -04:00
Kris
1f88f69a7f IE11 Fix for tracking dropdown 2018-10-26 12:55:26 -04:00
Rafael dos Santos Silva
84f858fc23 FIX: Remove orientation from the webmanifest
We don't really care about orientation, so let the user OS handle it.
2018-10-26 13:48:14 -03:00
Rafael dos Santos Silva
2450f178ca FEATURE: Allow admins to control PWA display mode per user agent 2018-10-26 13:47:22 -03:00
Kris
fb15e04e48 Fixing broken badge grant layout 2018-10-26 11:06:31 -04:00
Kris
7c2618e914
Adding classes to login for external auth and user fields (#6535) 2018-10-26 10:33:06 -04:00
Joffrey JAFFEUX
b2585524a9
FEATURE: adds a most disagreed flaggers report 2018-10-26 15:59:04 +02:00
David Taylor
e955a1f24b DEV: Skip ESLint on polyfill 2018-10-26 13:54:03 +01:00
David Taylor
af84949f25 FIX: Add polyfill so that Array.includes works in IE11 2018-10-26 13:45:29 +01:00
Joffrey JAFFEUX
398f98c568
FIX: ensures reports links are correct on subfolder installs 2018-10-26 12:32:02 +02:00
Penar Musaraj
3c92202654 Set individual future-date-input components as clearable, fixes admin Safari bug (#6522) 2018-10-26 11:34:55 +11:00
Penar Musaraj
ed9c21e42c FEATURE: hide muted categories from /categories list (#6531) 2018-10-26 11:34:39 +11:00
Régis Hanol
d17c8df926 Only check for suspicious login for staff members 2018-10-26 00:29:28 +02:00
Kyle Zhao
a6eca28ec6
CSP - extract all other inline JavaScripts (#6528)
* wizard page inline js

* print topic inline js

* drop JS for preventing double submission

this is the default behavior with Rails' UJS `disable_with` helper

* omniauth complete redirect JS

* account activate inline js
2018-10-25 09:52:01 -04:00
Bianca Nenciu
effbef7d0b UX: Use user locale for locations. (#6527)
* UX: Use user locale for locations.

* DEV: Added MaxMindDB test data and fixed test.
2018-10-25 10:54:01 +00:00
Joffrey JAFFEUX
8e274f7296 UX: bumps the user-api-key version to 3 (#6526)
* UX: bumps the user-api-key version to 3

* fix spec
2018-10-25 09:46:34 +00:00
Bianca Nenciu
2a77550f8c FIX: Do not track right clicks. (#6530) 2018-10-25 09:46:04 +00:00
Bianca Nenciu
6a3767cde7 FEATURE: Warn users via email about suspicious logins. (#6520)
* FEATURE: Warn users via email about suspicious logins.

* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
Sam Saffron
abaa3f0650 FEATURE: add server:before-head-close-crawler outlet for plugins
This outlet allows plugins to inject html prior to closing head tag
2018-10-25 16:31:05 +11:00
Kris
1d7720ef99 UX: Adding Google-compliant logo 2018-10-24 22:11:19 -04:00
Jeff Atwood
c62a8ee335 switch topic jump glyphs to better signify move to top/bottom 2018-10-24 18:41:41 -07:00
Jeff Wong
0ead513fb0 PERF: remove total unread notifications from message bus (#6529) 2018-10-25 12:14:34 +11:00
Kris
36e2f863ee UX: Increase size of topic title tap target on mobile 2018-10-24 20:43:38 -04:00
Kris
c219a5fb1e
Add btn-default class to all default buttons (#6521) 2018-10-24 16:09:36 -04:00
Kris
0140844eb0 Remove whitespace in template so we can use :empty psuedo 2018-10-24 16:00:22 -04:00
Matthew Campbell
05438d99a8 FIX: Ensure the like button always has a title, for accessibility (#6525)
The like button previously didn't have a title for anonymous users,
because the `canToggleLike` flag wasn't set, but the `liked` flag wasn't
set either. This made the button inaccessible to blind users.
2018-10-24 13:58:42 +00:00
Sam
5fd94d3211 PERF: limit unread count to 99 in blue circle
This revises: e605542c4e

Previous commit was faulty
2018-10-24 12:10:27 +11:00
Sam
e605542c4e PERF: limit unread count to 99 in the blue circle
This safeguard is in place to avoid very expensive queries on the server
side
2018-10-24 11:53:28 +11:00
Kris
0b4edfc7d6 UX: improve spacing on composer controls 2018-10-23 16:37:36 -04:00
Kris
a82dfbd2dc Mobile timeline fix 2018-10-23 07:59:00 -04:00
Kris
541b6a8446 UX: Allow vertical timeline to fit on narrower screens 2018-10-22 22:16:59 -04:00
Sam
de6b585368 minor, bypass gravatar update if user does not match
this protects against a race condition that can happen when a user record
is destroyed reasonably quickly
2018-10-23 12:20:41 +11:00
Daniel Hollas
cee51672c9 FIX: Strip accents from search query
4481836 introduced accent stipping in search_indexer,
but we need to strip it from the query itself as well

TODO in search with diacritics:
 - Still need to fix excerpts on search page
 - need to support accent stripping in in_topic search
 - need to make sure that in:title works correctly
 - need to fix "word boldening" in titles
2018-10-23 12:10:33 +11:00
Joffrey JAFFEUX
7d2e582b28 FIX: validates import theme form (#6513) 2018-10-23 12:09:06 +11:00
Sam
b74dd7d379 FIX: stop logging every 404 error when searching for gravatars 2018-10-23 11:43:14 +11:00
Kyle Zhao
2cc195f3d9 prettier linting fix 2018-10-22 14:18:26 -04:00
Bianca Nenciu
37fa7775f1 FIX: Fix order of recently connected devices. (#6517) 2018-10-22 17:30:23 +00:00
Kyle Zhao
e9a971a2b6
FEATURE: [Experimental] Content Security Policy (#6514)
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
Jeff Wong
ec2613699f Change box category view to use flexbox 2018-10-22 10:15:31 -07:00
Régis Hanol
b9261588f9 make the code prettier 2018-10-22 19:07:41 +02:00
Régis Hanol
3e232412e3 UX: show error when hitting the rate limit on password reset 2018-10-22 19:00:30 +02:00
David Taylor
3377f26eba FIX: Clean tag before searching for matches 2018-10-22 11:09:06 +01:00
David Taylor
37b7afa522 FIX: Sanitize tags before creation 2018-10-22 10:53:42 +01:00
Kyle Zhao
dca830cb73 Revert "FEATURE: [Experimental] Content Security Policy (#6504)"
This reverts commit fb8231077a.
2018-10-19 11:53:29 -04:00
Kris
b35c8fb336 Add offset to topic footer admin menu, to avoid header overlap 2018-10-19 11:30:11 -04:00
David Taylor
0dd717e641 Revert "FIX: Sanitize tags before creation"
This reverts commit 18ae8de9e5.
2018-10-19 15:49:05 +01:00
David Taylor
18ae8de9e5 FIX: Sanitize tags before creation 2018-10-19 15:43:31 +01:00
Kyle Zhao
fb8231077a
FEATURE: [Experimental] Content Security Policy (#6504) 2018-10-19 10:39:22 -04:00
Bianca Nenciu
b69652278f FEATURE: Add Wiki Editor badge. (#6511) 2018-10-19 15:30:27 +02:00
David Taylor
7166d7de9a
FIX: Prevent duplicate tags in tag-choosers (#6512)
* FIX: Prevent duplicate tags in tag-choosers

This reverts 5685b45, which fixes the duplicate tags problem.
The fix introduced by 5685b45 is re-implemented on the server.
2018-10-19 13:44:43 +01:00
Joffrey JAFFEUX
5f86564da1
FEATURE: adds latest to user-api-key session scope 2018-10-19 09:54:06 +02:00
Sam
9bfc939692 cleanup so gravatar download failures are consistent
previously we would ignore socket error, but this would mean that
there could be conditions where we would keep trying to download
gravatars forever (in an hourly job)
2018-10-19 12:51:55 +11:00
Angus McLeod
85ef8e5a9f auto is not a valid value for min/max height (#6509) 2018-10-18 21:33:45 -04:00
Bianca Nenciu
22ada32d4d FIX: Strip @ when searching for users and groups. (#6506) 2018-10-19 11:56:10 +11:00