discourse/spec
Roman Rizzi 5e4c0e2caa
FEATURE: Treat site settings as plain text and add a new HTML type. (#12618)
To add an extra layer of security, we sanitize settings before shipping them to the client. We don't sanitize those that have the "html" type.

The CookedPostProcessor already uses Loofah for sanitization, so I chose to also use it for this. I added it to our gemfile since we installed it as a transitive dependency.
2021-04-07 12:51:19 -03:00
components FEATURE: Treat site settings as plain text and add a new HTML type. (#12618) 2021-04-07 12:51:19 -03:00
fabricators FEATURE: New way to dismiss new topics (#11927) 2021-02-04 11:27:34 +11:00
fixtures FEATURE: Allow admins to pre-populate user fields (#12361) 2021-03-29 14:03:19 +03:00
helpers A11Y: sets the html lang to user's locale when possible (#12007) 2021-02-10 16:12:09 +01:00
import_export FEATURE: Rake task to export groups (#9450) 2020-04-17 14:59:54 -07:00
initializers FIX: We need to skip users with associated reviewables when auto-approving (#9080) 2020-03-02 14:33:52 -05:00
integration DEV: Retry-after header values should be strings (#12475) 2021-03-23 20:32:36 +01:00
integrity FEATURE: Add anchor links to headings (#12379) 2021-03-23 10:45:06 +02:00
jobs FIX: "confirm new email" emails were failing for EmailChangeRequest records with blank requested_by_user_id field (#12579) 2021-04-01 16:39:28 +05:30
lib Revert "FEATURE: Introduce theme/component QUnit tests (#12517)" (#12632) 2021-04-07 17:45:49 +03:00
mailers FIX: Correctly use invite to topic email templates (#12411) 2021-03-16 17:08:54 +02:00
models Revert "FEATURE: Introduce theme/component QUnit tests (#12517)" (#12632) 2021-04-07 17:45:49 +03:00
multisite DEV: Prevents rate limits for new feature checks on multisite (#12053) 2021-02-12 08:52:59 -05:00
requests Revert "FEATURE: Introduce theme/component QUnit tests (#12517)" (#12632) 2021-04-07 17:45:49 +03:00
script/import_scripts DEV: If disabled do not change setting after import (#12142) 2021-02-19 09:33:35 -07:00
serializers FIX: Only refresh the review count when the user can see the review queue. (#12453) 2021-03-19 16:20:41 -03:00
services FIX: Make HTML scrubber work with deep HTML (#12619) 2021-04-07 17:02:00 +10:00
support FEATURE: Allow using invites when DiscourseConnect SSO is enabled (#12419) 2021-03-19 10:20:10 +10:00
tasks FIX: remove migrate_from_s3 task that silently corrupts data (#11703) 2021-01-17 22:33:29 +01:00
views/omniauth_callbacks FEATURE: Use full page redirection for all external auth methods (#8092) 2019-10-08 12:10:43 +01:00
rails_helper.rb DEV: Better SimpleCov configuration (#12544) 2021-03-29 21:01:35 +03:00
swagger_helper.rb api docs example (#11997) 2021-02-08 10:09:44 -07:00