discourse/app/controllers/admin
Roman Rizzi 10565e4623
SECURITY: Safely decompress files. (#8124)
* FEATURE: Adds an extra protection layer when decompressing files.

* Rename exporter/importer to zip importer. Update old locale

* Added a new composite class to decompress a file with multiple strategies

* Set max file size inside a site setting

* Ensure that file is deleted after compression

* Sanitize path and files before compressing/decompressing
2019-10-03 10:19:35 -03:00
..
admin_controller.rb DEV: add a few frozen string literals 2019-05-02 16:57:12 +10:00
api_controller.rb DEV: add a few frozen string literals 2019-05-02 16:57:12 +10:00
backups_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
badges_controller.rb DEV: Prefer public_send over send. 2019-05-07 09:33:21 +08:00
color_schemes_controller.rb DEV: add a few frozen string literals 2019-05-02 16:57:12 +10:00
dashboard_controller.rb DEV: add a few frozen string literals 2019-05-02 16:57:12 +10:00
email_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_styles_controller.rb FEATURE: customization of html emails (#7934) 2019-07-30 15:05:08 -04:00
email_templates_controller.rb DEV: Remove unused "Email Reject No Account" template (#8022) 2019-08-20 12:43:51 +02:00
embeddable_hosts_controller.rb DEV: add a few frozen string literals 2019-05-02 16:57:12 +10:00
embedding_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
emojis_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
groups_controller.rb FEATURE: Publish read state on group messages. (Originally introduced in #7989) (#8025) 2019-08-27 09:09:00 -03:00
impersonate_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
permalinks_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plugins_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
reports_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
robots_txt_controller.rb FEATURE: Allow customization of robots.txt (#7884) 2019-07-15 20:47:44 +03:00
screened_emails_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
screened_ip_addresses_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
screened_urls_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
search_logs_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_settings_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_texts_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
staff_action_logs_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
themes_controller.rb SECURITY: Safely decompress files. (#8124) 2019-10-03 10:19:35 -03:00
user_fields_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
users_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
versions_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
watched_words_controller.rb FEATURE: Watched words improvements (#7899) 2019-07-22 14:59:56 +03:00
web_hooks_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00