github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-02 19:23:59 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
8f001bdb1b
discourse/app
History
Sam Saffron 8f001bdb1b SECURITY: mini profiler enabled incorrectly for admins 
We expect mini profiler only to show up on accounts that are flagged as
developer accounts.

Unfortunately there was a bypass on any controllers that mix in ApplicationHelper
2019-10-09 12:50:58 +11:00
..
assets DEV: Allow specifying button class in reviewable action definitions (#8093) 2019-10-08 15:06:15 -03:00
controllers FIX: Improve protection against problematic usernames (#8097) 2019-09-13 15:52:05 -03:00
helpers SECURITY: mini profiler enabled incorrectly for admins 2019-10-09 12:50:58 +11:00
jobs FIX: Don't send notification email when user isn't allowed to see topic 2019-07-02 09:05:36 +10:00
mailers SECURITY: Strip HTML from invite emails 2019-07-05 14:58:46 -04:00
models DEV: Allow specifying button class in reviewable action definitions (#8093) 2019-10-08 15:06:15 -03:00
serializers DEV: Allow specifying button class in reviewable action definitions (#8093) 2019-10-08 15:06:15 -03:00
services FIX: :reject_user_delete action can only be handled by ReviewableUser (#8068) 2019-09-05 11:44:16 -03:00
views Revert "FEATURE: add Noindex to robots.txt for disallowed routes" 2019-07-30 11:37:00 +10:00