discourse/lib
Sam Saffron d5d8db7fa8 FEATURE: improve honeypot and challenge logic
This feature amends it so instead of using one challenge and honeypot
statically per site we have a rotating honeypot and challenge value which
changes every hour.

This means you must grab a fresh copy of honeypot and challenge value once
an hour or account registration will be rejected.

We also now cycle the value of the challenge when after successful account
registration forcing an extra call to hp.json between account registrations

Client has been made aware of these changes.

Additionally this contains a JavaScript workaround for:
https://bugs.chromium.org/p/chromium/issues/detail?id=987293

This is client side code that is specific to Chrome user agent and swaps
a PASSWORD type honeypot with a TEXT type honeypot.
2019-10-16 16:53:44 +11:00
..
active_record/connection_adapters FIX: Race-condition in fallback handlers (#8005) 2019-08-21 15:47:44 +02:00
auth FEATURE: Use full page redirection for all external auth methods (#8092) 2019-10-08 12:10:43 +01:00
autospec DEV: make parallel spec optional with autospec 2019-06-21 11:00:28 +10:00
backup_restore DEV: Split max decompressed setting for themes and backups (#8179) 2019-10-11 14:38:10 -03:00
common_passwords DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
compression DEV: Split max decompressed setting for themes and backups (#8179) 2019-10-11 14:38:10 -03:00
content_security_policy FEATURE: Calculate CSP based on active themes (#6976) 2019-02-11 12:32:04 +00:00
demon FIX: Revert Demon::DemonBase back to Demon::Base (#8132) 2019-10-02 14:54:08 +10:00
email FIX: during concurrent emails generation renderer should not be reused 2019-10-10 08:50:48 +11:00
emoji FEATURE: adds early support for new emojis (#7785) 2019-06-20 11:30:09 +02:00
es6_module_transpiler DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
file_store FIX: Correctly encode non-ASCII filenames in HTTP header 2019-08-07 19:10:50 +02:00
freedom_patches PERF: avoid regex for hot path 2019-10-08 13:43:54 +11:00
generators The generated plugin should also freeze strings 2019-10-03 11:43:36 -04:00
guardian FEATURE: Add site setting to show more detailed 404 errors. (#8014) 2019-10-08 14:15:08 +03:00
highlight_js DEV: already defined constant 'HIGHLIGHTJS_DIR' 2019-01-21 10:12:23 +01:00
i18n DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
import DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
import_export SECURITY: Safely decompress files. (#8124) 2019-10-03 10:19:35 -03:00
javascripts FEATURE: Add Belarusian language 2019-07-04 11:37:37 +02:00
middleware FIX: Fix options given to per-minute rate limiter 2019-09-20 10:48:59 +01:00
migration FIX: Drop readonly function when dropping table 2019-08-09 11:39:46 +02:00
onebox DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
plugin DEV: Add discourse-restricted-replies as official plugin 2019-10-15 22:49:46 +01:00
pretty_text FIX: use upload's cdn url in composer preview if available. 2019-10-14 08:47:15 +05:30
rate_limiter DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
reviewable DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
scheduler FEATURE: log long running jobs in the defer queue 2018-10-12 17:03:47 +11:00
search FEATURE: when under extreme load disable search 2019-07-02 11:22:01 +10:00
seed_data FIX: Consistently handle category param 2019-05-27 16:39:56 +08:00
sidekiq DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_settings FIX: Check for category conflicts in SiteSetting validations (#8137) 2019-10-06 20:50:07 +02:00
stylesheet DEV: improves speed of live reload css in core and plugins (#8161) 2019-10-10 16:10:23 +11:00
svg_sprite DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
tasks DEV: Bump uglifyjs (#7834) 2019-10-09 10:02:49 -03:00
theme_store DEV: Split max decompressed setting for themes and backups (#8179) 2019-10-11 14:38:10 -03:00
turbo_tests DEV: support --fail-fast in bin/turbo_rspec (#8170) 2019-10-09 09:40:06 -05:00
validators DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
webauthn DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
wizard DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
admin_confirmation.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
admin_constraint.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
admin_user_index_query.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
age_words.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
archetype.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
auth.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
avatar_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
backup_restore.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
badge_posts_view_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
badge_queries.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
base62.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
browser_detection.rb FIX: Detect DiscourseHub user agent. 2019-08-09 11:58:15 +03:00
cache.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
canonical_url.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_badge.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
comment_migration.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
composer_messages_finder.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
configurable_urls.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
content_buffer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
content_security_policy.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
cooked_post_processor.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
crawler_detection.rb FIX: use crawler layout when saving url in Wayback Machine (#7667) 2019-06-03 12:13:32 +10:00
csrf_token_verifier.rb DEV: Provide method for auth plugins to generate a CSRF token 2019-08-13 01:13:08 +01:00
current_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
custom_renderer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
custom_setting_providers.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
db_helper.rb FIX: Clear banner topic cache after remapping 2019-08-15 11:24:20 +01:00
directory_helper.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_cookie_store.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_diff.rb FIX: Show a correct diff when editing consecutive paragraphs (#8177) 2019-10-11 03:50:37 -04:00
discourse_event.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_hub.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
discourse_iife.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_ip_info.rb FIX: exception which was meant to be ignored and logged was failing 2019-05-28 11:45:12 +10:00
discourse_logstash_logger.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_plugin_registry.rb FIX: properly load desktop and mobile only plugin css assets. 2019-08-22 08:39:10 +05:30
discourse_plugin.rb DEV: debundle plugin css assets and don't load if disabled (#7646) 2019-08-20 22:09:52 +05:30
discourse_redis.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
discourse_tagging.rb FIX: Provide an error message if no valid tags were selected 2019-07-25 12:46:16 -04:00
discourse_updates.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse.rb FEATURE: Add site setting to show more detailed 404 errors. (#8014) 2019-10-08 14:15:08 +03:00
disk_space.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
distributed_cache.rb REFACTOR: distributed_cache is moved to the message_bus gem 2018-10-15 15:01:45 -04:00
distributed_memoizer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
distributed_mutex.rb FIX: Harden DistributedMutex 2019-10-02 13:00:41 +00:00
edit_rate_limiter.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
email_backup_token.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
email_cook.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_updater.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
encodings.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
enum_site_setting.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
enum.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
excerpt_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
feed_element_installer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
feed_item_accessor.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
file_helper.rb FIX: Gravatar uploads being dependent on authorized_extensions. 2019-08-01 16:24:09 +08:00
filter_best_posts.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
final_destination.rb fix the build 2019-08-07 16:39:58 +05:30
flag_query.rb DEV: Remove FlagQuery class and old code (#8064) 2019-09-12 13:21:33 -03:00
flag_settings.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
gaps.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
global_path.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
guardian.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
has_errors.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
headless-ember.js
hijack.rb Take 2 of 0f5161af19. 2019-04-29 16:41:35 +08:00
homepage_constraint.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
html_prettify.rb Revert "FEATURE: Use configured quotation marks in fancy topic title" 2019-07-18 11:55:49 +02:00
html_to_markdown.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
image_sizer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
import_export.rb DEV: clean up dependencies in spec 2019-10-02 14:50:54 +10:00
inline_oneboxer.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
introduction_updater.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
ip_addr.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
js_locale_helper.rb FIX: Overriding _MF texts didn't work for en_US 2019-08-27 13:17:07 +02:00
json_error.rb FIX: Fix build. 2019-05-22 17:39:44 +03:00
letter_avatar.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
markdown_linker.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
mem_info.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
message_bus_diags.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
method_profiler.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
mini_sql_multisite_connection.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
mobile_detection.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
new_post_manager.rb FIX: first post true if user creates topic first (#8139) 2019-10-02 15:51:40 -04:00
new_post_result.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
notification_levels.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
oneboxer.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
onpdiff.rb FIX: Show a correct diff when editing consecutive paragraphs (#8177) 2019-10-11 03:50:37 -04:00
pbkdf2.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
permalink_constraint.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
pinned_check.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plain_text_to_markdown.rb FIX: use URI.regexp to find URLs in plain text 2019-06-07 01:26:06 +02:00
plugin_gem.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plugin_initialization_guard.rb DEV: Add a plugin incompatibility message (#8151) 2019-10-06 20:47:33 +02:00
post_action_creator.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_action_destroyer.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_action_result.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_creator.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_destroyer.rb Feature/Fix: Flagged posts user notifications (#8041) 2019-08-30 10:27:52 -03:00
post_jobs_enqueuer.rb FEATURE: Publish read state on group messages. (Originally introduced in #7989) (#8025) 2019-08-27 09:09:00 -03:00
post_locker.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_merger.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_revisor.rb FIX: Do not log 'pull_hotlinked_images' edits in the staff action log 2019-09-12 15:55:45 +01:00
pretty_text.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
primary_group_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
promotion.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
quote_comparer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
rate_limiter.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
read_only_header.rb DEV: rename ReadOnly module to ReadOnlyHeader 2019-05-06 16:07:49 +02:00
retrieve_title.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
route_format.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
rtl.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
s3_helper.rb FIX: don't include multisite upload path to source URL if already exist. 2019-08-02 07:57:27 +05:30
s3_inventory.rb DEV: S3Inventory#unsorted_files should always return an array (#8034) 2019-08-23 17:59:31 +10:00
score_calculator.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
screening_model.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
search.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
secure_session.rb FEATURE: improve honeypot and challenge logic 2019-10-16 16:53:44 +11:00
single_sign_on_provider.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
single_sign_on.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_icon_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_setting_extension.rb FIX: remove site setting 'shadowed-by-global' option (#8061) 2019-10-08 12:43:26 -04:00
slug.rb FIX: Properly encoded slugs when configured to (#8158) 2019-10-11 12:38:16 -03:00
socket_server.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
source_url.rb Correct some missing spots for frozen_string_literal 2019-05-13 09:31:32 +08:00
spam_handler.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
sql_builder.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
staff_constraint.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
staff_message_format.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
suggested_topics_builder.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
system_message.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
text_cleaner.rb FEATURE: English locale with international date formats 2019-05-20 13:47:20 +02:00
text_sentinel.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_javascript_compiler.rb DEV: Upgrades to Ember 3.10 (#7871) 2019-07-16 12:45:15 +02:00
theme_settings_manager.rb FEATURE: Load theme setting descriptions from theme locale files 2019-05-31 14:49:59 +01:00
theme_settings_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
timeline_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_creator.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
topic_list_responder.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_publisher.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_query_params.rb FEATURE: Embed topics list on remote sites via Javascript API. (#8008) 2019-08-15 13:41:06 -04:00
topic_query_sql.rb DEV: Rails 5.2 upgrade and global gem upgrade 2018-06-07 14:21:33 +10:00
topic_query.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
topic_retriever.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_subtype.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_view.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
topics_bulk_action.rb FIX: mark topics in sub categories as unread when dismissing parent 2019-06-27 13:26:48 +10:00
trust_level.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
turbo_tests.rb FIX: Made turbo_rspec display errors in shared groups correctly 2019-08-29 12:41:14 +01:00
twitter_api.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
unread.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
upload_creator.rb FIX: ensure we remove tempfiles from disk when creating an upload 2019-10-11 11:13:10 +02:00
upload_fixer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
upload_markdown.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
upload_recovery.rb FEATURE: allow UploadRecovery to be run on a single post (#8094) 2019-10-02 14:57:36 +10:00
url_helper.rb FIX: 'local_cdn_url' method should work for local relative urls too. 2019-10-14 11:39:16 +05:30
user_name_suggester.rb FIX: Respect unicode whitelist when suggesting username 2019-10-01 20:33:09 +02:00
version.rb Version bump to v2.4.0.beta6 2019-10-10 11:46:28 -04:00
webauthn.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
wizard.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00