Penar Musaraj 3debdc8131 SECURITY: XSS when oneboxing user profile location field ...

The XSS here is only possible if CSP is disabled. Low impact since CSP is enabled by default in SiteSettings.

2019-09-17 16:12:50 -04:00

..

components

SECURITY: XSS when oneboxing user profile location field

2019-09-17 16:12:50 -04:00

fabricators

FIX: Move read state when moving posts

2019-09-06 20:52:44 +02:00

fixtures

FEATURE: Add attachments to outgoing emails

2019-07-25 15:57:45 +02:00

helpers

FIX: Fallback to gzip compression if brotli isn't supported (#7895)

2019-07-16 11:05:37 -03:00

import_export

DEV: Prefabrication (test optimization) (#7414)

2019-05-07 13:12:20 +10:00

integration

SECURITY: Restrict message-bus access on login_required sites

2019-08-14 09:43:12 +01:00

integrity

FIX: Create readonly functions during backup

2019-08-09 11:39:46 +02:00

jobs

FIX: support <img> in code blocks when inlining uploads

2019-09-12 21:25:14 +02:00

lib

FIX: Detect DiscourseHub user agent.

2019-08-09 11:58:15 +03:00

mailers

DEV: Upgrade Discourse to Rails 6 (#8083)

2019-09-12 10:41:50 +10:00

models

FIX: Put back the TL3 -> TL0 spam thing

2019-09-17 16:04:46 -04:00

multisite

FIX: multisite upload urls must have either db name or the word 'short-url'.

2019-06-25 01:19:58 +05:30

requests

Add spec description

2019-09-13 17:16:35 -03:00

serializers

FEATURE: add support for group members visibility level (#8004)

2019-08-14 19:00:04 +05:30

services

FIX: add support for version query parameter in InlineUploads

2019-09-13 18:21:19 +02:00

support

FIX: DistributedMutex (#7953)

2019-08-01 09:12:05 +01:00

tasks

FEATURE: option to skip posts with ignored missing uploads

2019-05-09 05:11:15 +05:30

views/omniauth_callbacks

UX: Improve error handling for common OmniAuth exceptions (#7991)

2019-08-12 10:55:02 +01:00

rails_helper.rb

DEV: Split out multisite tests in bin/turbo_rspec

2019-08-29 11:47:58 +01:00