discourse

mirror of https://github.com/discourse/discourse.git synced 2024-12-14 23:44:09 +08:00

History

Robin Ward 20a8a2f396 SECURITY: Ensure the invite JSON API matches the UX Anonymous users could query the invite json and see counts and summaries which is not allowed in the UX of Discourse. This commit has those endpoints return a 403 unless the user is allowed to invite.		2020-03-05 09:55:45 -05:00
..
assets	FIX: allows to select the action when agreeing with penalty (#9099 )	2020-03-04 10:32:20 -05:00
controllers	SECURITY: Ensure the invite JSON API matches the UX	2020-03-05 09:55:45 -05:00
helpers	FIX: blank popular posts in summary emails due to lightbox images	2020-02-21 16:18:38 -05:00
jobs	FEATURE: limit number of notifications per user to 10,000	2020-02-24 11:42:50 +11:00
mailers	FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528 )	2019-12-12 12:49:21 +10:00
models	FEATURE: limit number of notifications per user to 10,000	2020-02-24 11:42:50 +11:00
serializers	FIX: tag info misleading message saying it's not restricted	2020-02-05 15:23:39 -05:00
services	FIX: ensures destroying a user with security keys doesn't fail (#9042 )	2020-02-25 14:07:57 -05:00
views	FIX: Sync Ember and non-Ember layouts (#9028 )	2020-02-25 15:31:04 +02:00