Commit Graph

8272 Commits

Author SHA1 Message Date
Robin Ward
f71c9758a9 Backport get-owner API so plugins can use it safely 2016-11-21 11:16:49 -05:00
Guo Xiang Tan
515024a0ac SECURITY: Escape image title in lightbox. 2016-08-11 11:17:37 +08:00
Guo Xiang Tan
1acef41e51 Revert "UX: Centering Badge notification styles on mobile."
This reverts commit fce902ab1e.
2016-08-08 09:36:07 +08:00
Neil Lalonde
2499b56594 Merge master 2016-08-05 15:13:33 -04:00
Robin Ward
b17908fab1 SECURITY: XSS issue on Admin users list 2016-08-05 12:48:33 -04:00
Robin Ward
3d62e5dd98 SECURITY: XSS issue on Admin users list 2016-08-05 12:01:16 -04:00
Guo Xiang Tan
33e7df977d FIX: Row resize zone should be full width of composer. 2016-08-05 10:02:01 +08:00
Sam
9b011cb75d UX: increase mobile line height for readability 2016-08-05 09:22:54 +10:00
Guo Xiang Tan
2332422a85 UX: Text wasn't centered properly in badge notification. 2016-08-04 10:51:11 +08:00
Guo Xiang Tan
66f14ab0b8 Draw grippie with CSS. 2016-08-04 10:24:14 +08:00
Guo Xiang Tan
927bf19d93 UX: Disable dismiss notifications button when there is nothing to dismiss. 2016-08-04 09:48:10 +08:00
Robin Ward
331135a88e Deuglify the admin dashboard loading state. Also clean up the code 2016-08-03 15:36:41 -04:00
Robin Ward
19fa24d888 Add a warning if a user tries to PM themselves 2016-08-03 13:58:24 -04:00
Neil Lalonde
5f67cd7b45 FIX: tag input detects when a tag is not allowed and won't offer to create it anyway 2016-08-03 13:18:56 -04:00
Régis Hanol
cb809784df refactor version-check to ES6 2016-08-03 16:13:02 +02:00
Régis Hanol
35c13bca6c Merge pull request #4363 from cpradio/version-link-shows-compare
FEATURE: Installed Version link shows GitHub Compare to branch being followed
2016-08-03 16:03:57 +02:00
Régis Hanol
a21d52951a don't use startsWith just yet 2016-08-03 14:31:52 +02:00
Robin Ward
1ae625ec2e FIX: Archetype class wasn't being applied on refresh 2016-08-02 15:26:07 -04:00
Robin Ward
2d7b036b9a UX: Display nicer looking numbers for unread in categories 2016-08-02 15:16:07 -04:00
Robin Ward
857d54162b Redirect to Summary when viewing yourself 2016-08-02 13:21:24 -04:00
Robin Ward
7a6cd15c4a FIX: Disable events on hidden timeline buttons 2016-08-02 11:34:27 -04:00
cpradio
1b89c2f0ef FEATURE: Installed Version link shows GitHub Compare to branch being followed 2016-08-02 06:18:44 -04:00
Guo Xiang Tan
dc2dae2cc4 FIX: Logs notice was not displaying the right Date. 2016-08-02 12:40:28 +08:00
Guo Xiang Tan
bf683178a8 FIX: Remove tag plugin code from tag hashtag check. 2016-08-02 10:59:12 +08:00
Jeff Atwood
138e2071c5 slightly increase mobile post body font size 2016-08-01 16:23:41 -07:00
Régis Hanol
0fa458c5a7 Merge pull request #4356 from acshi/datapayloadarchetype
data.archetype should be data.payload.archetype in topic_tracking_state.js.es6
2016-08-01 14:10:51 +02:00
Sam
9018de39ed FEATURE: allow shipping bio markdown via SSO
- Also adds site setting for sso_overrides_bio to disable bio editing by end users
2016-08-01 15:29:28 +10:00
Rafael dos Santos Silva
5d91355c97 FIX upload hints 2016-07-30 15:39:11 -03:00
Robin Ward
9cb8d5d19e FIX: Whitelist the big tag 2016-07-29 16:11:18 -04:00
Acshi Haggenmiller
26e8eed83b changed data.archetype typo to data.payload.archetype in topic_tracking_state.js.es6 2016-07-29 11:23:00 -04:00
Robin Ward
9adfccfad1 FIX: Regression with escaping on badge page
In this branch (stable) we can't run the sanitizer because the bundle is not
loaded. The long badge description is not sanitized, but it
has to be created by an admin so it's extremely low risk.

In the beta / tests-passed branches the text is sanitized.
2016-07-28 16:11:41 -04:00
Robin Ward
efc6408b1d FIX: Regression with escaping on badge page 2016-07-28 15:57:06 -04:00
Robin Ward
f416634ea0 SECURITY: Cross-Site Scripting in Category and Group Settings 2016-07-28 15:30:53 -04:00
Robin Ward
90a3cc7f18 SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions 2016-07-28 15:29:05 -04:00
Robin Ward
cf5b756b1a SECURITY: Cross-Site Scripting in Category and Group Settings 2016-07-28 11:57:59 -04:00
Robin Ward
2f8ab8cd30 SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions 2016-07-28 11:38:12 -04:00
Guo Xiang Tan
0128fdfc46 FIX: Discourse.ajax is deprecated. 2016-07-28 18:20:24 +08:00
Guo Xiang Tan
36ddb1787e FEATURE: Add toggle topic visibility button in popup menu. 2016-07-28 16:57:04 +08:00
Sam
c6dbaca0dc SECURITY: disable user entered badge SQL by default
- Hidden site settings now must be changed via rails console
2016-07-28 09:03:00 +10:00
Régis Hanol
e848c336bb FIX: only prevent clicks on links in the preview 2016-07-27 20:53:45 +02:00
Régis Hanol
c4b52b1a19 GET is a more RESTy verb for '/users/:username/emails' 2016-07-27 20:15:28 +02:00
Régis Hanol
ea59283c1e FIX: PM automatic groups via URL 2016-07-27 19:16:31 +02:00
Andre Pereira
8cbd585e20 FEATURE: Allow staff users to merge posts. 2016-07-27 12:04:14 +08:00
Neil Lalonde
3af27a6d83 FIX: category settings should not limit number of tags 2016-07-26 16:04:11 -04:00
Neil Lalonde
3c0df3510a FIX: tags index should show all tags belonging to a category even if they have never been used 2016-07-26 16:04:11 -04:00
Robin Ward
5ba8612fa8 UX: Button had wrong margin on iOS 2016-07-26 15:10:14 -04:00
Robin Ward
424bb143db FIX: Jump to post on iOS was broken - replace with prompt 2016-07-26 15:08:04 -04:00
Neil Lalonde
de99853dee FIX: routes for tag nav items 2016-07-26 12:39:36 -04:00
Robin Ward
fbfd3124a0 Whitelist some more tags and add extra tests 2016-07-26 11:02:09 -04:00
Guo Xiang Tan
2242568507 UX: Missing spinning wheel on topics list. 2016-07-26 17:31:28 +08:00