discourse

mirror of https://github.com/discourse/discourse.git synced 2024-12-12 02:53:45 +08:00

History

Ted Johansson 0c11acf6cf SECURITY: Encode embed url (#21134 ) The embed_url in "This is a companion discussion..." could be used for XSS. Co-authored-by: Blake Erickson <o.blakeerickson@gmail.com>		2023-04-18 15:05:33 +08:00
..
assets	SECURITY: Fix XSS in full name composer reply	2023-03-16 16:25:48 -06:00
controllers	SECURITY: Ensure site setting being updated is a configurable site setting (#21132 )	2023-04-18 14:32:21 +08:00
helpers	DEV: Apply syntax_tree formatting to `app/*`	2023-01-09 14:14:59 +00:00
jobs	DEV: Fix threading error when running jobs immediately in system tests (#19811 )	2023-01-10 13:41:25 +08:00
mailers	DEV: Apply syntax_tree formatting to `app/*`	2023-01-09 14:14:59 +00:00
models	SECURITY: Encode embed url (#21134 )	2023-04-18 15:05:33 +08:00
serializers	FIX: Preload user sidebar attrs when `?enable_sidebar=1` (#19843 )	2023-01-25 13:48:49 +02:00
services	FIX: Do not add empty use/svg tags in ExcerptParser (#19969 )	2023-01-25 13:48:49 +02:00
views	UX: add btn-primary class on email confirm page (#19803 )	2023-01-09 15:26:56 -05:00