In core, `escapeExpression` was being applied during the model loading phase. However, plugin consumers of the UserStreamItem component were not necessarily doing the same.
This commit moves the emoji-replacement logic (which also safely handles escaping) into the component template, so that it is safe-by-default, regardless of how it's used by plugins.
This commit drops the `before_action :preload_json` callback in `ApplicationController` as it adds unnecessary complexity to `ApplicationController` as well as other controllers which has to skip this callback. The source of the complexity comes mainly from the following two conditionals in the `preload_json` method:
```
# We don't preload JSON on xhr or JSON request
return if request.xhr? || request.format.json?
# if we are posting in makes no sense to preload
return if request.method != "GET"
```
Basically, the conditionals solely exists for optimization purposes to ensure that we don't run the preloading code when the request is not a GET request and the response is not expected to be HTML. The key problem here is that the conditionals are trying to expect what the content type of the response will be and this has proven to be hard to get right. Instead, we can simplify this problem by running the preloading code in a more deterministic way which is to preload only when the `application` layout is being rendered and this is main change that this commit introduces.
* DEV: add outlet wrapper for categories boxes (#28860)
* DEV: add outlet wrapper for category boxes
* Put plugin outlet after categories boxes
* DEV: Add outlet wrapper for badges template (#28928)
* DEV: Add outlet wrapper for badges template
* Apply suggestions from code review
Co-authored-by: Sérgio Saquetim <1108771+megothss@users.noreply.github.com>
---------
Co-authored-by: Sérgio Saquetim <1108771+megothss@users.noreply.github.com>
* DEV: Add aditional args to plugin outlet (#28948)
* DEV: Add outlet wrapper for user card information replacement (#29523)
* DEV: Add outlet wrapper for user card information replacement
* Fix format issues
* Fix format issues
* format file
* DEV: add outlet wrapper for small user list (#29763)
* DEV: add outlet wrapper for small user list
* DEV: use value transformer to extend small user attrs function
* Update app/assets/javascripts/discourse/app/components/small-user-list.gjs
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
---------
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
* Fix lint issue
* remove extra html
* remove extra value transformers
* disable template formatting rule
* remove aria hidden
---------
Co-authored-by: Sérgio Saquetim <1108771+megothss@users.noreply.github.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Encrypt's tests are known to be flaky, and now seem to be impacting the poll plugin specs somehow. The plugin is end-of-life, with almost no users, so let's skip it on stable CI.
Currently, when the MessageFormat compiler fails on some translations,
we just have the raw output from the compiler in the logs and that’s not
always very helpful.
Now, when there is an error, we iterate over the translation keys and
try to compile them one by one. When we detect one that is failing, it’s
added to a list that is now outputted in the logs. That way, it’s easier
to know which keys are not properly translated, and the problems can be
addressed quicker.
---
The previous implementation of this patch had a bug: it wasn’t handling
locales with country/region code properly. So instead of iterating over
the problematic keys, it was raising an error.
When a post has some replies, and the user click on the button to show them, we would load ALL the replies. This could lead to DoS if there were a very large number of replies.
This adds support for pagination to these post replies.
Internal ref t/129773
XHR requests are handled differently by the application and the
responses do not have any preloaded data so the cache key needs to
differntiate between those requests.
Currently, when the MessageFormat compiler fails on some translations,
we just have the raw output from the compiler in the logs and that’s not
always very helpful.
Now, when there is an error, we iterate over the translation keys and
try to compile them one by one. When we detect one that is failing, it’s
added to a list that is now outputted in the logs. That way, it’s easier
to know which keys are not properly translated, and the problems can be
addressed quicker.
