github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-23 10:41:45 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
097851c135
discourse/app/controllers
History
Martin Brennan 097851c135
FIX: Change secure media to encompass attachments as well (#9271) 
If the “secure media” site setting is enabled then ALL files uploaded to Discourse (images, video, audio, pdf, txt, zip etc. etc.) will follow the secure media rules. The “prevent anons from downloading files” setting will no longer have any bearing on upload security. Basically, the feature will more appropriately be called “secure uploads” instead of “secure media”.

This is being done because there are communities out there that would like all attachments and media to be secure based on category rules but still allow anonymous users to download attachments in public places, which is not possible in the current arrangement.
2020-03-26 07:16:02 +10:00
..
admin FIX: update email_digests user option when default_email_digest_frequency updated. 2020-03-20 00:55:47 +05:30
users FIX: correctly remove authentication_data cookie on oauth login flow 2020-03-21 14:34:25 -07:00
about_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
application_controller.rb FIX: Fix html response in development after ApplicationController reload 2020-03-15 21:00:42 +00:00
badges_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
bookmarks_controller.rb FEATURE: Send notifications for time-based and At Desktop bookmark reminders (#9071) 2020-03-12 10:16:00 +10:00
categories_controller.rb UX: Introduce automatic 'categories topics' setting (#8804) 2020-01-29 20:30:48 +02:00
category_hashtags_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
clicks_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
composer_messages_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
csp_reports_controller.rb allow CSP reports to be sent when header isn't set by Discourse (#6594) 2018-11-14 16:23:29 -05:00
directory_items_controller.rb SECURITY: Ensure user can see group and group members 2020-03-24 11:59:41 +02:00
draft_controller.rb FIX: Confirm draft_key is present on GET 2020-02-14 11:06:12 -05:00
drafts_controller.rb SECURITY: Respect topic permissions when loading draft metadata 2020-03-23 11:30:40 +00:00
email_controller.rb DEV: Implement a faster Discourse.cache 2019-11-27 16:11:49 +11:00
embed_controller.rb FEATURE: Create New Topic button on embed with params (#8280) 2019-11-01 14:19:10 -05:00
exceptions_controller.rb FEATURE: Add site setting to show more detailed 404 errors. (#8014) 2019-10-08 14:15:08 +03:00
export_csv_controller.rb fix the build. 2019-12-24 15:56:44 +05:30
extra_locales_controller.rb FIX: Better error handling for invalid locale bundle versions 2019-11-11 22:30:32 +01:00
finish_installation_controller.rb DEV: update rubocop to version 0.77 2019-12-10 11:48:39 +11:00
forums_controller.rb DEV: shutdown_ok parameter to /srv/status 2020-03-09 14:06:13 -07:00
groups_controller.rb DEV: Move requested_group_id custom field from post to topic (#9127) 2020-03-24 11:12:52 +02:00
highlight_js_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
inline_onebox_controller.rb FIX: Make inline oneboxes work with secured topics in secured contexts (#8895) 2020-02-12 12:11:28 +02:00
invites_controller.rb FEATURE: Add timezone to core user_options (#8380) 2019-11-25 10:49:27 +10:00
list_controller.rb FIX: Make category slug validation less strict (#8915) 2020-02-11 17:01:12 +02:00
metadata_controller.rb FEATURE: Ensure we always fill the short_name in the web manifest 2020-02-04 14:16:00 -03:00
notifications_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
offline_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
onebox_controller.rb FIX: Cache failed onebox URL request server-side (#8421) 2019-11-28 07:48:29 +10:00
permalinks_controller.rb FIX: Check for permalinks before showing the 404 page 2020-03-23 16:31:07 -07:00
post_action_users_controller.rb UX: pluralize "likes/read this" 2019-12-13 22:18:28 +01:00
post_actions_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_readers_controller.rb DEV: '= true' is not necessary 2019-12-03 11:32:45 -03:00
posts_controller.rb FEATURE: Allow custom date + time for bookmark reminders (#9185) 2020-03-12 10:52:15 +10:00
push_notification_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
qunit_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
reviewable_claimed_topics_controller.rb FIX: Make reviewable claiming work with deleted topics (#9040) 2020-02-25 15:49:23 +02:00
reviewables_controller.rb DEV: update rubocop to version 0.77 2019-12-10 11:48:39 +11:00
robots_txt_controller.rb FEATURE: Allow customization of robots.txt (#7884) 2019-07-15 20:47:44 +03:00
safe_mode_controller.rb FEATURE: Always disable customizations on the /safe-mode route (#9052) 2020-02-28 10:53:11 +00:00
search_controller.rb FEATURE: unconditionally skip indexing on search controller 2020-02-28 09:21:31 +11:00
session_controller.rb FIX: Handle SSO Provider Parse exception 2020-02-12 16:08:04 -07:00
similar_topics_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
site_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
static_controller.rb FEATURE: add short site description on login page title 2019-10-14 11:40:09 +05:30
steps_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
stylesheets_controller.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
svg_sprite_controller.rb UX: introduces icon-picker component for badges (#8844) 2020-02-05 00:41:10 +01:00
tag_groups_controller.rb DEV: Tag group improvements (#8252) 2019-10-30 16:57:13 +01:00
tags_controller.rb FIX: Make category slug validation less strict (#8915) 2020-02-11 17:01:12 +02:00
theme_javascripts_controller.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
themes_controller.rb Fix string literal when switching theme in dev env 2019-05-13 10:25:51 -04:00
topics_controller.rb FIX: post edited webhook does not reflect updated topic title 2020-03-21 07:43:11 -06:00
uploads_controller.rb FIX: Change secure media to encompass attachments as well (#9271) 2020-03-26 07:16:02 +10:00
user_actions_controller.rb FEATURE: Quick access panels in user menu (#8073) 2019-09-09 11:03:57 -04:00
user_api_keys_controller.rb SECURITY: Correct permission check when revoking user API keys 2019-12-17 10:56:16 +00:00
user_avatars_controller.rb FIX: Return blank avatar when downloading an avatar is not possible due to file size 2019-10-22 12:05:36 -03:00
user_badges_controller.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
users_controller.rb SECURITY: Respect topic permissions when loading bookmark metadata 2020-03-23 11:30:48 +00:00
users_email_controller.rb FIX: When admin changes another user's email auto-confirm the change (#9001) 2020-02-20 09:52:21 +10:00
webhooks_controller.rb DEV: Apply rubocop (#8926) 2020-02-11 16:21:03 +00:00
wizard_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00