github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-04 00:04:04 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
a09dc2d5c2
discourse/spec
History
Alan Guo Xiang Tan a09dc2d5c2 SECURITY: BCC active user emails from group SMTP (#19724) 
When sending emails out via group SMTP, if we
are sending them to non-staged users we want
to mask those emails with BCC, just so we don't
expose them to anyone we shouldn't. Staged users
are ones that have likely only interacted with
support via email, and will likely include other
people who were CC'd on the original email to the
group.

Co-authored-by: Martin Brennan <martin@discourse.org>
2023-01-05 09:45:30 +08:00
..
components SECURITY: Restrict unlisted topic creation (#19258) 2022-12-02 15:55:17 +00:00
fabricators SECURITY: Restrict display of topic titles associated with user badges (#18768) (#18770) 2022-10-27 11:48:00 +08:00
fixtures FIX: Select best link from Atom feed (#15663) 2022-01-21 17:54:18 +02:00
helpers PERF: Redis snapshotting during tests (#15260) 2021-12-10 14:25:26 -06:00
import_export FEATURE: Rake task to export groups (#9450) 2020-04-17 14:59:54 -07:00
initializers FEATURE: A low priority filter for the review queue. (#12822) 2021-04-23 15:34:24 -03:00
integration FIX: Make thumbnail tests start with a clean slate (#15216) 2021-12-07 13:07:45 -06:00
integrity DEV: Fix a flaky Onceoff spec (#13314) 2021-06-07 20:38:31 +02:00
jobs SECURITY: BCC active user emails from group SMTP (#19724) 2023-01-05 09:45:30 +08:00
lib SECURITY: Expand and improve SSRF Protections (stable) (#18816) 2022-11-01 16:34:12 +00:00
mailers SECURITY: BCC active user emails from group SMTP (#19724) 2023-01-05 09:45:30 +08:00
models FIX: Backport invite fixes from main (#19218) 2022-11-28 15:15:00 +10:00
multisite FEATURE: Apply rate limits per user instead of IP for trusted users (#14706) 2021-11-17 23:27:30 +03:00
requests SECURITY: Convert send_digest to a post request (#19748) 2023-01-05 08:51:39 +08:00
script/import_scripts DEV: If disabled do not change setting after import (#12142) 2021-02-19 09:33:35 -07:00
serializers SECURITY: Restrict display of topic titles associated with user badges (#18768) (#18770) 2022-10-27 11:48:00 +08:00
services SECURITY: Expand and improve SSRF Protections (stable) (#18816) 2022-11-01 16:34:12 +00:00
support SECURITY: Expand and improve SSRF Protections (stable) (#18816) 2022-11-01 16:34:12 +00:00
tasks DEV: Clean up old bookmark code (#15455) 2022-01-05 10:02:02 +10:00
views/omniauth_callbacks
rails_helper.rb DEV: Avoid $ globals (#15453) 2022-01-08 23:39:46 +01:00
regenerate_swagger_docs DEV: Add API docs for uploads and API doc watcher (#15387) 2021-12-23 08:40:15 +10:00
swagger_helper.rb DEV: Add API docs for uploads and API doc watcher (#15387) 2021-12-23 08:40:15 +10:00