Commit Graph

29601 Commits

Author SHA1 Message Date
Sam
2f5c21e28c FIX: return a 400 error instead of 500 for null injections
Many security scanners like to inject NULL in inputs causing application
to exception out and return a 500

We now handle this exception and render a 400 status back
2018-09-04 12:11:52 +10:00
Guo Xiang Tan
0a14e0a256 Ensure params[:files] responds to map in Lograge. 2018-09-04 09:22:54 +08:00
Sam
fcae21c4fc remove test that is no longer relevant 2018-09-04 10:52:12 +10:00
Sam
3748d3e281 UX: hide associate accounts if second factor is enabled
Once second factor is enabled all login via associated accounts is banned
showing this section just leads to confusion
2018-09-04 10:42:39 +10:00
Sam
155eb02c7e UX: remove auth token log from user page
This feature is not quite ready so we are deferring on it for a few more weeks
2018-09-04 10:28:33 +10:00
Gerhard Schlager
eeedc3901e FIX: Replying to deleted post via email should create new reply to topic 2018-09-03 23:06:40 +02:00
Vinoth Kannan
fe6c3b7d2e Make prettier happy 2018-09-04 00:31:41 +05:30
Vinoth Kannan
24a14af15a FIX: Respect invalidate_oneboxes option for inline oneboxes 2018-09-03 22:33:43 +05:30
Guo Xiang Tan
ecf60c0c33 DEV: More attempts at stablizing specs in Travis.
Re-enable skipped test because it doesn't fail locally
for me to debug it.
2018-09-03 14:52:15 +08:00
Gerhard Schlager
f33433bf9e Validation of params should restrict to max int (#6331)
* FIX: Validation of params should restrict to max int

* FIX: Send status 400 when "page" param isn't between 1 and max int
2018-09-03 14:45:32 +10:00
Guo Xiang Tan
747c9bb47f
Merge pull request #6317 from nbianca/ignore_blacklisted_domains
FIX: Ignore OneBox blacklisted domains.
2018-09-03 11:10:52 +08:00
Guo Xiang Tan
59c9051a2e REFACTOR: Rescue error at the specific spot that is raising the error. 2018-09-03 11:04:58 +08:00
Guo Xiang Tan
0fac6cdba9 DEV: Better debugging information when test fails. 2018-09-03 10:55:25 +08:00
Guo Xiang Tan
7256b3bf68 REFACTOR: Use UserAuthTokenLogSerializer instead of conditionals. 2018-09-03 10:44:22 +08:00
Guo Xiang Tan
45f092a49d Extract badge_posts view management logic into a service object.
* Avoid defininig a global constant and method.

Fixes https://github.com/discourse/discourse/pull/6318
2018-09-03 09:51:35 +08:00
Jeff Atwood
c3a898795a
Merge pull request #6351 from gschlager/btn_primary
UX: Primary button didn't have hover effect anymore
2018-09-02 14:26:40 -07:00
Maja Komel
182d9a4666 FIX: escape regex chars when searching site texts 2018-09-02 17:25:57 +10:00
Bianca Nenciu
f5e0356fb2 correct miscellaneous issues with user login history 2018-09-02 17:24:54 +10:00
Osama Sayegh
8e70b82baa FIX: maintain theme preview when refreshing (#6356) 2018-09-02 17:23:46 +10:00
Rishabh Nambiar
4194d1f875 UX: Add padding between fa-chevron-up/down and heading for groups page 2018-09-01 10:14:54 +05:30
Gerhard Schlager
16974df1e9 FIX: Resetting site setting didn't remove "overriden" state 2018-09-01 02:09:23 +02:00
Jeff Atwood
690908993f reduce default post deletions per day 2018-08-31 13:27:25 -07:00
Neil Lalonde
f0b551b684 UX: avatar on collapsed user profile was the wrong size 2018-08-31 10:38:58 -04:00
Bianca Nenciu
39414068ff FIX: User agent browser detection (#6352) 2018-08-31 14:49:38 +02:00
Gerhard Schlager
ddfd02ad36 FIX: Deleting backup failed after uploading backup 2018-08-31 13:50:32 +02:00
Osama Sayegh
60eff9421a FIX: precompile desktop_theme and mobile_theme stylesheets
required for environments that pre stage docker images and keep old image running during the deploy
2018-08-31 21:23:55 +10:00
Gerhard Schlager
91b3f200f4 UX: Primary button didn't have hover effect anymore 2018-08-31 12:14:41 +02:00
Gerhard Schlager
5310b4841d UX: Show Rollback and Backup buttons on same line 2018-08-31 12:01:59 +02:00
Arpit Jalan
8ce8edaf40 bump onebox version 2018-08-31 15:10:11 +05:30
Guo Xiang Tan
5a214a687c FIX: Exclude UserAuthToken and UserAuthTokenLog in user webhook. 2018-08-31 17:25:56 +08:00
Guo Xiang Tan
ae2f00ee73 DEV: Include the thread in the error message. 2018-08-31 17:14:19 +08:00
Régis Hanol
6ada825a4d fix linting 2018-08-31 10:49:44 +02:00
Bianca Nenciu
931cffcebe FEATURE: Let users see their user auth tokens. (#6313) 2018-08-31 10:18:06 +02:00
Sam
b3aab1770f FIX: set old last modified date for invalid avatars
In some cases Akami was holding tight to these invalid avatars,
to avoid this happening we explain the avatar image is ancient
then when a new upload is added it automatically is older than
this.
2018-08-31 17:07:31 +10:00
Sam
1866a8e8da correct invalid spec 2018-08-31 15:06:30 +10:00
Sam
e1975e293f FIX: when uploads are destroyed clear up avatar refs in user table
This also auto corrects twice daily when we ensure consistency
2018-08-31 14:46:42 +10:00
Arpit Jalan
6b9aeeea73 bump onebox version 2018-08-31 08:40:36 +05:30
Sam
9b7cab589a FIX: revert diacritic stripping
See more details in test case and at: https://meta.discourse.org/t/discourse-should-ignore-if-a-character-is-accented-when-doing-a-search/90198/16?u=sam
2018-08-31 11:46:55 +10:00
Guo Xiang Tan
81b99efc68 DEV: Raise an error if thread doesn't return within expected time. 2018-08-31 09:26:28 +08:00
Joshua Rosenfeld
f3afc0cf76 Add raw date to title attribute on old flags page (#6349) 2018-08-31 11:01:10 +10:00
Vinoth Kannan
297e8aaf2e FIX: Escape regex pattern variable before using it 2018-08-31 03:02:24 +05:30
Blake Erickson
c6f339a0b5 format json better with spaces in my test 2018-08-30 14:39:40 -06:00
Blake Erickson
ae532f8548 FIX: return 422 for an invalid group name on category create 2018-08-30 14:28:55 -06:00
Neil Lalonde
4b6381367e add support for Excon connection options in hub requests 2018-08-30 15:57:11 -04:00
Neil Lalonde
415201e1b4 Version bump to v2.1.0.beta6 2018-08-30 10:53:20 -04:00
Joffrey JAFFEUX
2dfb097dd9
DEV: plugin generator support for spec/test/controller/routes (#6344) 2018-08-30 16:38:25 +02:00
Neil Lalonde
1062d45430 recover translations for Terms of Service 2018-08-30 10:31:10 -04:00
Neil Lalonde
5a4d6f9656 Update translations 2018-08-30 09:40:31 -04:00
Joffrey JAFFEUX
ceae3d0a93
fix js tests (#6343) 2018-08-30 15:09:08 +02:00
Joffrey JAFFEUX
bb93179609
FEATURE: charts will now use tertiary color (#6342) 2018-08-30 14:56:11 +02:00