discourse/spec/components
Jarek Radosz 4302097b3b
SECURITY: Prevent arbitrary file write when decompressing files (stable) (#18423)
* SECURITY: Prevent arbitrary file write when decompressing files
* FIX: Allow decompressing files into symlinked directories

Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
Co-authored-by: Gerhard Schlager <gerhard.schlager@discourse.org>
2022-09-29 20:07:58 +02:00
..
auth FIX: Logout could fail due to cached user 2022-07-04 17:01:45 +02:00
common_passwords DEV: Fix methods removed in Ruby 3.2 (#15459) 2022-01-05 18:45:08 +01:00
concern DEV: Clear custom field preload proxy on preload_custom_fields (#15671) 2022-01-21 14:29:51 +10:00
email FIX: don't trigger topic_created event for reply posts via email. (#15485) 2022-01-10 13:54:10 +05:30
file_store FIX: make tests work with higher starting upload id (#15237) 2021-12-08 13:13:59 -06:00
freedom_patches FIX: translation precedence was different on client and server 2021-12-17 14:03:35 +01:00
guardian FEATURE: Allow admins to permanently delete posts and topics (#14406) 2021-10-13 12:53:23 +03:00
highlight_js
imap DEV: Move imap_helper to spec/support directory (#14776) 2021-10-29 20:46:25 +02:00
import
middleware SECURITY: Ensure user-agent-based responses are cached separately (stable) (#16476) 2022-04-14 14:26:00 +01:00
migration
plugin DEV: Fix methods removed in Ruby 3.2 (#15459) 2022-01-05 18:45:08 +01:00
pretty_text
rate_limiter
scheduler
site_settings DEV: Drop env-based SiteSetting deprecation errors (#15273) 2021-12-13 17:36:29 +01:00
stylesheet FIX: Ensure theme names are escaped in HTML attributes (#15272) 2021-12-13 10:50:09 +00:00
svg_sprite PERF: Make tests faster by prefabricating more things (#15392) 2021-12-22 11:09:43 -06:00
theme_store SECURITY: Prevent arbitrary file write when decompressing files (stable) (#18423) 2022-09-29 20:07:58 +02:00
validators FEATURE: Humanize file size error messages (#14398) 2021-09-22 07:59:45 +10:00
wizard FEATURE: Enable auto dark mode on new instances (#14208) 2021-09-02 14:55:38 -04:00
admin_confirmation_spec.rb
admin_user_index_query_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
archetype_spec.rb
cache_spec.rb FIX: ensures defined expired_in is passed from write to write_entry (#11622) 2021-01-04 10:34:44 +01:00
category_badge_spec.rb
composer_messages_finder_spec.rb FEATURE: Make allow_uploaded_avatars accept TL (#14091) 2021-08-24 10:46:28 +03:00
content_buffer_spec.rb
cooked_post_processor_spec.rb DEV: Allow for taller images in posts and oneboxes (#15395) 2021-12-22 16:01:34 -07:00
crawler_detection_spec.rb FEATURE: Implement browser update in crawler view (#12448) 2021-03-22 19:41:42 +02:00
current_user_spec.rb FEATURE: Apply rate limits per user instead of IP for trusted users (#14706) 2021-11-17 23:27:30 +03:00
directory_helper_spec.rb
discourse_diff_spec.rb Escape values of HTML attributes 2021-08-10 10:25:15 -04:00
discourse_event_spec.rb DEV: Plugin API to add directory columns (#13440) 2021-06-22 13:00:04 -05:00
discourse_hub_spec.rb
discourse_plugin_registry_spec.rb DEV: Remove deprecated plugins variables importer (#12168) 2021-02-23 16:20:59 -05:00
discourse_redis_spec.rb DEV: Pass kwargs to the redis gem when calling methods/commands that we don't wrap (#14530) 2021-10-06 17:42:04 +03:00
discourse_spec.rb SECURITY: Remove ember-cli specific response from application routes (#15155) 2021-12-01 16:10:40 +00:00
discourse_tagging_spec.rb FIX: Keep existent tags when editing tag topics (#15050) 2021-11-23 13:00:45 +02:00
discourse_updates_spec.rb FIX: Regression introduced in #14715 (#14842) 2021-11-09 17:20:09 +11:00
distributed_memoizer_spec.rb
distributed_mutex_spec.rb
email_cook_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
email_updater_spec.rb DEV: Hash tokens stored from email_tokens (#14493) 2021-11-25 09:34:39 +02:00
enum_spec.rb
excerpt_parser_spec.rb
feed_element_installer_spec.rb
feed_item_accessor_spec.rb FIX: Select best link from Atom feed (#15663) 2022-01-21 17:54:18 +02:00
file_helper_spec.rb
filter_best_posts_spec.rb
final_destination_spec.rb SECURITY: Onebox response timeout and size limit (#15927) 2022-02-14 12:13:22 +11:00
flag_settings_spec.rb
gaps_spec.rb
global_path_spec.rb
guardian_spec.rb PERF: Make tests faster by prefabricating more things (#15392) 2021-12-22 11:09:43 -06:00
has_errors_spec.rb
hijack_spec.rb FEATURE: Apply rate limits per user instead of IP for trusted users (#14706) 2021-11-17 23:27:30 +03:00
html_prettify_spec.rb
html_to_markdown_spec.rb FIX: Hoisting linebreaks shouldn't fail for HTML5 elements (#14364) 2021-09-17 10:41:34 +02:00
image_sizer_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
inline_oneboxer_spec.rb FIX: Respect blocked domains list when redirecting (#15656) 2022-01-20 14:12:34 +08:00
js_locale_helper_spec.rb FEATURE: Add English (UK) as locale (#11768) 2021-01-20 21:32:22 +01:00
json_error_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
letter_avatar_spec.rb
method_profiler_spec.rb
new_post_manager_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
new_post_result_spec.rb
oneboxer_spec.rb FIX: Only block domains at the final destination (#15689) (#15783) 2022-02-03 09:42:06 +08:00
onpdiff_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
pbkdf2_spec.rb DEV: Load rails_helper in pbkdf2_spec (#14775) 2021-10-29 20:15:10 +02:00
pinned_check_spec.rb
plain_text_to_markdown_spec.rb
post_action_creator_spec.rb DEV: Create post actions without creating a notification and store custom data. (#15397) 2021-12-27 11:25:37 -03:00
post_creator_spec.rb PERF: Make tests faster by prefabricating more things (#15392) 2021-12-22 11:09:43 -06:00
post_destroyer_spec.rb PERF: Speed up the tests by pre-fabricating more things (#15318) 2021-12-15 11:41:14 -06:00
post_locker_spec.rb
post_merger_spec.rb FIX: TL4 users cannot delete others posts (#13554) 2021-06-30 15:51:35 +03:00
post_revisor_spec.rb PERF: Speed up the tests by pre-fabricating more things (#15318) 2021-12-15 11:41:14 -06:00
presence_channel_spec.rb DEV: Introduce PresenceChannel API for core and plugin use 2021-08-27 16:26:06 +01:00
pretty_text_spec.rb FIX: Improve top links section from user summary (#15675) 2022-01-24 11:33:23 +11:00
promotion_spec.rb FIX: check if BasicBadge is enabled for TL1 welcome message (#13983) 2021-08-11 08:39:25 +10:00
quote_comparer_spec.rb
rate_limiter_spec.rb No need to disable rate limiter after running tests (#13093) 2021-05-19 16:04:35 +04:00
redis_store_spec.rb
retrieve_title_spec.rb FIX: Only block domains at the final destination (#15689) (#15783) 2022-02-03 09:42:06 +08:00
rtl_spec.rb
s3_helper_spec.rb FIX: Ensure CORS rules exist for S3 using rake task (#14802) 2021-11-08 09:16:38 +10:00
s3_inventory_multisite_spec.rb DEV: Isolate multisite specs (#13634) 2021-07-07 18:57:42 +02:00
s3_inventory_spec.rb DEV: Isolate multisite specs (#13634) 2021-07-07 18:57:42 +02:00
score_calculator_spec.rb
scss_checker_spec.rb PERF: Eager load Theme associations in Stylesheet Manager. 2021-06-21 11:06:58 +08:00
search_spec.rb SECURITY: Advanced group search did not respect visiblity of groups. 2022-01-10 13:49:26 +08:00
secure_session_spec.rb
site_icon_manager_spec.rb
site_setting_extension_multisite_spec.rb DEV: Isolate multisite specs (#13634) 2021-07-07 18:57:42 +02:00
site_setting_extension_spec.rb DEV: Remove site_setting_saved event (#15164) 2021-12-02 09:33:03 -06:00
slug_spec.rb DEV: Correct typos and spelling mistakes (#12812) 2021-05-21 11:43:47 +10:00
spam_handler_spec.rb
suggested_topics_builder_spec.rb
system_message_spec.rb
text_cleaner_spec.rb FEATURE: Correctly convert topic title to uppercase and lowercase for Turkish default locale (#13115) 2021-05-24 18:13:30 +10:00
text_sentinel_spec.rb FIX: prevents exception when text input is nil (#12922) 2021-05-03 09:21:35 +02:00
theme_settings_manager_spec.rb DEV: use upload id to save in theme setting instead of URL. (#14341) 2021-09-16 07:58:53 +05:30
theme_settings_parser_spec.rb DEV: Don't user before(:all)/after(:all) (#13389) 2021-06-15 17:25:06 +02:00
timeline_lookup_spec.rb DEV: followup to 8edd2b38cb to use existing spec (#11830) 2021-01-25 12:04:27 +01:00
topic_creator_spec.rb FIX: include new tags in validation if user can create one. (#14744) 2021-10-28 11:59:46 +05:30
topic_publisher_spec.rb
topic_query_spec.rb PERF: Make tests faster by prefabricating more things (#15370) 2021-12-20 12:59:10 -06:00
topic_retriever_spec.rb FEATURE: Stop checking referer for embeds (#13756) 2021-07-16 15:25:49 -03:00
topic_view_spec.rb FIX: Display pending posts in a moderated category 2021-12-07 10:14:45 +01:00
topics_bulk_action_spec.rb FEATURE: Dismiss new and unread for PM inboxes. 2021-08-05 12:56:15 +08:00
trashable_spec.rb
trust_level_spec.rb
unread_spec.rb FEATURE: Add last visit indication to topic view page. (#13471) 2021-07-05 14:17:31 +08:00
url_helper_spec.rb FIX: errors loading secure uploads when secure uploads is disabled (#13047) 2021-06-08 13:25:51 -04:00
user_lookup_spec.rb REVERT "FIX: do not show private group flair on user avatars" (#13991) 2021-08-10 17:25:11 +05:30
user_name_suggester_spec.rb FEATURE: when suggesting usernames skip input that consist entirely of disallowed characters (#15368) 2021-12-21 21:13:05 +04:00
version_spec.rb