github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-26 05:33:40 +08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
188cb58daa
discourse/app/assets/javascripts
History
Natalie Tay 188cb58daa
SECURITY: Fixes for main (#28137) 
* SECURITY: Update default allowed iframes list

Change the default iframe url list to all include 3 slashes.

* SECURITY: limit group tag's name length

Limit the size of a group tag's name to 100 characters.

Internal ref - t/130059

* SECURITY: Improve sanitization of SVGs in Onebox

---------

Co-authored-by: Blake Erickson <o.blakeerickson@gmail.com>
Co-authored-by: Régis Hanol <regis@hanol.fr>
Co-authored-by: David Taylor <david@taylorhq.com>
2024-07-30 14:19:01 +08:00
..
admin DEV: Move config area site setting fetch into new controller (#28136) 2024-07-30 15:41:28 +10:00
custom-proxy Build(deps-dev): Bump glob from 10.4.2 to 10.4.3 (#27751) 2024-07-08 08:40:31 +08:00
deprecation-silencer DEV: Silence whitespace-eating-comment warnings (#27129) 2024-05-22 16:21:51 +02:00
dialog-holder Build(deps-dev): Bump webpack from 5.92.1 to 5.93.0 (#27882) 2024-07-12 01:30:31 +02:00
discourse SECURITY: Fixes for main (#28137) 2024-07-30 14:19:01 +08:00
discourse-common DEV: Fix random typos (#28103) 2024-07-26 23:13:12 +02:00
discourse-hbr DEV: Convert discourse-hbr to a regular package (#26562) 2024-04-08 20:00:34 +01:00
discourse-i18n FIX: Don't crash when MF definitions are missing 2024-07-29 18:13:17 +02:00
discourse-markdown-it SECURITY: Fixes for main (#28137) 2024-07-30 14:19:01 +08:00
discourse-plugins Build(deps): Bump the babel group across 1 directory with 2 updates (#27943) 2024-07-17 11:41:52 +01:00
discourse-widget-hbs Build(deps): Bump the babel group across 1 directory with 2 updates (#27943) 2024-07-17 11:41:52 +01:00
docs
ember-addons
ember-cli-progress-ci PERF: Improve production JS build in low-memory environments (#26849) 2024-05-02 11:43:59 +01:00
ember-production-deprecations DEV: Drop unused shims for Ember 3 deprecations (#26563) 2024-04-09 09:22:37 +01:00
float-kit DEV: Fix random typos (#28103) 2024-07-26 23:13:12 +02:00
locales FEATURE: Add Uyghur language (#27183) 2024-05-27 09:58:18 +02:00
pretty-text Build(deps): Bump the babel group across 1 directory with 2 updates (#27943) 2024-07-17 11:41:52 +01:00
select-kit DEV: Clean up imports (#28060) 2024-07-25 15:09:06 +02:00
theme-transpiler Build(deps): Bump terser from 5.31.2 to 5.31.3 (#27944) 2024-07-17 11:42:10 +01:00
truth-helpers Build(deps): Bump ember-auto-import from 2.7.3 to 2.7.4 (#27615) 2024-06-26 01:35:06 +02:00
.npmrc
handlebars-shim.js
polyfills.js
run-patch-package
service-worker.js.erb DEV: Drop workbox dependency (#26735) 2024-04-24 10:19:12 +01:00