discourse/app/services
David Taylor 68b4fe4cf8
SECURITY: Expand and improve SSRF Protections (#18815)
See https://github.com/discourse/discourse/security/advisories/GHSA-rcc5-28r3-23rr

Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2022-11-01 16:33:17 +00:00
..
notifications FEATURE: Before consolidation callbacks. (#15428) 2021-12-30 15:40:16 -03:00
spam_rule DEV: Use AR enums in reviewables related code 2022-09-22 14:44:27 +02:00
anonymous_shadow_creator.rb FIX: fallback to anonymous not user when suggesting usernames for anonymous users (#15354) 2021-12-21 21:09:55 +04:00
badge_granter.rb DEV: Refactor user_badge_granted DiscourseEvent logic (#17579) 2022-07-22 09:06:02 +08:00
base_bookmarkable.rb PERF: Only load the current user's topic_user for bookmarks list (#17873) 2022-08-17 09:40:24 +08:00
color_scheme_revisor.rb FEATURE: User selectable color schemes (#10544) 2020-08-28 10:36:52 -04:00
destroy_task.rb DEV: Avoid $ globals (#15453) 2022-01-08 23:39:46 +01:00
email_settings_exception_handler.rb FEATURE: Improve group email settings UI (#13083) 2021-05-28 09:28:18 +10:00
email_settings_validator.rb FEATURE: Improve group email settings UI (#13083) 2021-05-28 09:28:18 +10:00
email_style_updater.rb FEATURE: support SCSS in custom email style 2019-10-23 15:42:37 -04:00
external_upload_manager.rb FEATURE: Direct S3 multipart uploads for backups (#14736) 2021-11-11 08:25:31 +10:00
group_action_logger.rb FEATURE: Experimental support for group membership via google auth (#14835) 2021-12-09 12:30:27 +00:00
group_mentions_updater.rb FIX: Mentions updater should work regardless of .notify 2020-02-18 16:02:26 -05:00
group_message.rb FIX: Don't delete previous messages when we're inside the sent_recently window. (#18239) 2022-09-13 12:43:24 -03:00
handle_chunk_upload.rb DEV: Fix methods removed in Ruby 3.2 (#15459) 2022-01-05 18:45:08 +01:00
hashtag_autocomplete_service.rb FEATURE: Generic hashtag autocomplete sorting (#18718) 2022-10-25 08:59:17 +10:00
heat_settings_updater.rb FIX: round the calculated heat values 2019-06-06 15:44:55 -04:00
inline_uploads.rb FIX: Ensure pull-hotlinked can rewrite lone oneboxes (#17354) 2022-07-06 11:46:33 +01:00
notification_emailer.rb DEV: Update more Jobs#enqueue calls to use strings (#15823) 2022-02-04 19:58:34 +00:00
post_action_notifier.rb FEATURE: Add setting to disable notifications for topic tags edits (#14794) 2021-11-02 13:53:21 -04:00
post_alerter.rb FIX: Don't notify topic author about small action posts (#18789) 2022-10-31 06:26:20 +08:00
post_bookmarkable.rb PERF: Only load the current user's topic_user for bookmarks list (#17873) 2022-08-17 09:40:24 +08:00
post_owner_changer.rb FIX: update 'posted' column on post owner change (#16367) 2022-04-04 22:42:38 +05:30
push_notification_pusher.rb FIX: fallback to default push notification icon if none exists (#16961) 2022-06-01 12:00:05 +10:00
random_topic_selector.rb FIX: add support for pipelined and multi redis commands (#16682) 2022-05-10 08:19:02 +10:00
registered_bookmarkable.rb PERF: Only load the current user's topic_user for bookmarks list (#17873) 2022-08-17 09:40:24 +08:00
search_indexer.rb Revert "FEATURE: Include participants in PN search data (#16855)" (#16904) 2022-05-25 15:08:36 +10:00
sidebar_site_settings_backfiller.rb FIX: Ignore unique conflicts when backfilling sidebar defaults (#18785) 2022-10-28 07:47:41 +08:00
site_settings_task.rb DEV: Fix rubocop issues (#14715) 2021-10-27 11:39:28 +03:00
staff_action_logger.rb FIX: Restore trust level when leaving group (#17954) 2022-08-29 13:00:48 +03:00
themes_install_task.rb DEV: Add an option to skip a theme update from the themes:install task. (#12905) 2021-04-30 09:31:41 -07:00
topic_bookmarkable.rb FIX: Remove last_unread_post excerpt logic for bookmarks (#17979) 2022-08-19 09:35:25 +10:00
topic_status_updater.rb FIX: Update user stat counts when post/topic visibility changes. (#15883) 2022-02-11 09:00:58 +08:00
topic_timestamp_changer.rb FIX: when updating timestamps on topic set a correct bump date (#13746) 2021-07-16 11:56:51 +04:00
tracked_topics_updater.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
trust_level_granter.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_action_manager.rb DEV: Remove PostAction/UserAction bookmark refs (#16681) 2022-05-10 10:42:18 +10:00
user_activator.rb DEV: Hash tokens stored from email_tokens (#14493) 2021-11-25 09:34:39 +02:00
user_anonymizer.rb FIX: Destroy associated user api keys when making a user anonymous. (#11760) 2021-01-25 11:07:22 -03:00
user_authenticator.rb DEV: Hash tokens stored from email_tokens (#14493) 2021-11-25 09:34:39 +02:00
user_destroyer.rb PERF: Update all user_histories with one query in UserDestroyer (#16717) 2022-05-11 13:39:31 +01:00
user_merger.rb FIX: Prevent "integer out of range" when merging post timings (#15723) 2022-01-26 23:34:28 +01:00
user_notification_renderer.rb DEV: Upgrade Rails to 6.1.3.1 (#12688) 2021-04-21 12:36:32 +03:00
user_notification_schedule_processor.rb FEATURE: Create notification schedule to automatically set do not disturb time (#11665) 2021-01-20 10:31:52 -06:00
user_silencer.rb DEV: Fix silence user context message (#15040) 2021-11-22 19:44:20 +01:00
user_stat_count_updater.rb DEV: Drop user_stats count column constraints (#15949) 2022-02-16 12:49:11 +11:00
user_updater.rb FEATURE: allow user to set preferred sidebar list destination (#18594) 2022-10-18 13:21:52 +11:00
username_changer.rb FEATURE: when suggesting usernames skip input that consist entirely of disallowed characters (#15368) 2021-12-21 21:13:05 +04:00
username_checker_service.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
web_hook_emitter.rb SECURITY: Expand and improve SSRF Protections (#18815) 2022-11-01 16:33:17 +00:00
wildcard_domain_checker.rb SECURITY: vulnerability in WildcardUrlChecker 2019-12-13 09:29:09 -05:00
wildcard_url_checker.rb FIX: Allow any protocol in wildcard url checker (#8651) 2020-01-02 16:03:13 +00:00
word_watcher.rb FIX: Make word watcher work with nil strings (#17830) 2022-08-08 16:34:51 -03:00