github-mirror/discourse
github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-24 10:58:39 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
discourse/spec
History
David Taylor 6b6b31a97f
FEATURE: Allow admins to opt-in to seamless redirects on /auth/* (#31235) 
By default, when multiple login providers are enabled, Discourse
requires user interaction before triggering an external auth flow. This
is defense-in-depth against "Login CSRF" attacks.

This commit introduces a setting to control this behavior, so that it
can be disabled when admins fully trust the downstream systems, and need
an interaction-free login flow on a site with multiple login providers.

Default behavior remains unchanged.
2025-02-07 11:43:39 +00:00
..
fabricators
FEATURE: Improve wizard quality and rearrange steps (#30055)
2025-01-02 09:28:23 +10:00
fixtures
FEATURE: Remove unnecessary org names from PR oneboxes (#31102)
2025-02-01 01:05:08 +01:00
generator
helpers
SECURITY: Preload data only when rendering application layout
2025-02-04 13:32:30 -03:00
import_export
initializers
integration
SECURITY: When enabled only allow Discourse Connect logins
2024-12-19 13:13:23 -03:00
integrity
DEV: Add spec to ensure app works with multiple tagged loggers
2024-08-13 18:10:03 +02:00
jobs
DEV: Refresh translation override status when updating (#31233)
2025-02-07 14:12:28 +08:00
lib
FIX: do not notify admins about PMs when suppress is on (#31232)
2025-02-07 15:04:08 +11:00
mailers
FEATURE: add support for One-Click unsubscribe (RFC 8058)
2024-12-31 15:28:59 +01:00
migrations
DEV: update fa6 icons to drop fa prefix (#30100)
2024-12-05 10:00:41 +08:00
models
DEV: Refresh translation override status when updating (#31233)
2025-02-07 14:12:28 +08:00
multisite
FIX: Include original filename in s3 uploads even if not attachment (#30789)
2025-01-15 18:08:18 +08:00
requests
FEATURE: Allow admins to opt-in to seamless redirects on /auth/* (#31235)
2025-02-07 11:43:39 +00:00
script/import_scripts
serializers
FEATURE: add first post likes data serializer (#31216)
2025-02-06 20:50:30 +05:30
services
UX: Show parent category name for category hashtags (#31188)
2025-02-05 12:31:50 +10:00
support
DEV: Remove invalid parsing options (#30545)
2025-01-03 13:17:49 +01:00
system
UX: Do not use generic username suggestions for invites (#31175)
2025-02-07 10:52:41 +00:00
tasks
DEV: Fix constant redefinition warnings when running specs (#29837)
2024-11-20 15:17:36 +11:00
views
rails_helper.rb
DEV: Add base admin page page object (#30814)
2025-01-16 12:52:41 +08:00
regenerate_swagger_docs
swagger_helper.rb