github-mirror/discourse
github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-24 20:43:28 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
discourse/spec/requests
History
David Taylor 6b6b31a97f
FEATURE: Allow admins to opt-in to seamless redirects on /auth/* (#31235) 
By default, when multiple login providers are enabled, Discourse
requires user interaction before triggering an external auth flow. This
is defense-in-depth against "Login CSRF" attacks.

This commit introduces a setting to control this behavior, so that it
can be disabled when admins fully trust the downstream systems, and need
an interaction-free login flow on a site with multiple login providers.

Default behavior remains unchanged.
2025-02-07 11:43:39 +00:00
..
admin
FEATURE: Gracefully handle unhandled reviewables (#31118)
2025-02-05 14:38:45 +11:00
api
FEATURE: Add attribution to staff notice and rename functionality (#30920)
2025-01-24 09:29:22 +10:00
examples
about_controller_spec.rb
FIX: crawler view with unicode usernames (#27051)
2024-05-16 17:11:24 +02:00
application_controller_spec.rb
FEATURE: Dark/light mode selector (#31086)
2025-02-07 03:28:34 +03:00
associate_accounts_controller_spec.rb
badges_controller_spec.rb
bookmarks_controller_spec.rb
DEV: Call Discourse.redis.flushdb after the end of each test (#29117)
2024-10-09 07:19:31 +08:00
categories_controller_spec.rb
FIX: Filter out secured categories first (#29916)
2024-11-28 17:09:16 +02:00
clicks_controller_spec.rb
composer_controller_spec.rb
composer_messages_controller_spec.rb
csp_reports_controller_spec.rb
DEV: Don’t replace Rails logger in specs (#29721)
2024-11-13 08:47:39 +08:00
directory_columns_controller_spec.rb
directory_items_controller_spec.rb
FIX: Allow user directory searches to return more than 20 matching results (#31032)
2025-01-29 11:02:42 -04:00
do_not_disturb_controller_spec.rb
drafts_controller_spec.rb
FIX: corrently handle hidden tags when checking for edit conflicts
2024-12-09 19:17:16 +01:00
edit_directory_columns_controller_spec.rb
email_controller_spec.rb
embed_controller_spec.rb
DEV: Upgrade Rails to version 7.1
2024-07-04 10:58:21 +02:00
emojis_controller_spec.rb
DEV: unifies emoji picker (#28277)
2025-01-08 11:41:36 +01:00
exceptions_controller_spec.rb
export_csv_controller_spec.rb
FEATURE: Allow admins to export users (#30918)
2025-01-24 08:13:25 +11:00
extra_locales_controller_spec.rb
DEV: Upgrade the MessageFormat library (JS)
2024-07-10 09:51:25 +02:00
finish_installation_controller_spec.rb
form_templates_controller_spec.rb
forums_controller_spec.rb
groups_controller_spec.rb
FEATURE: Allow add group member endpoint to skip invite emails (#29962)
2024-11-27 11:33:09 -06:00
hashtags_controller_spec.rb
DEV: Fix flaky test (#25935)
2024-02-28 20:32:14 +02:00
highlightjs_controller_spec.rb
inline_onebox_controller_spec.rb
SECURITY: Limit /inline-onebox to 10 URLs at a time
2025-02-04 13:32:53 -03:00
invites_controller_spec.rb
UX: Do not use generic username suggestions for invites (#31175)
2025-02-07 10:52:41 +00:00
list_controller_spec.rb
DEV: Add per_page as public param for TopicQuery (#30716)
2025-01-14 09:19:19 -06:00
metadata_controller_spec.rb
net_http_timeout_spec.rb
FIX: Set sane default for Net::HTTP when processing a request (#28141)
2024-08-06 07:12:42 +08:00
noscript_escape_spec.rb
SECURITY: Properly escape user content within <noscript>
2024-01-30 09:10:09 -07:00
notifications_controller_spec.rb
Add dedicated user_api_key_clients table to allow for 1:many use cases (#28119)
2024-11-08 12:05:03 -05:00
offline_controller_spec.rb
omniauth_callbacks_controller_spec.rb
FEATURE: Allow admins to opt-in to seamless redirects on /auth/* (#31235)
2025-02-07 11:43:39 +00:00
onebox_controller_spec.rb
permalinks_controller_spec.rb
FIX: Permalink.create didn't work as expected anymore (#29895)
2024-11-22 21:11:26 +01:00
post_action_users_controller_spec.rb
DEV: Add post_action_users_list modifier for PostActionUsersController (#25740)
2024-02-20 09:48:09 +10:00
post_actions_controller_spec.rb
post_readers_controller_spec.rb
posts_controller_spec.rb
FEATURE: new fast_typing_threshold site setting (#30865)
2025-01-28 09:53:03 +11:00
presence_controller_spec.rb
DEV: Call Discourse.redis.flushdb after the end of each test (#29117)
2024-10-09 07:19:31 +08:00
published_pages_controller_spec.rb
push_notification_controller_spec.rb
qunit_controller_spec.rb
reviewable_claimed_topics_controller_spec.rb
FEATURE: Support designating multiple groups as mods on category (#28655)
2024-09-04 04:38:46 +03:00
reviewables_controller_spec.rb
FEATURE: Reason and deleted content support in the review queue (#30295)
2024-12-17 11:44:46 +11:00
robots_txt_controller_spec.rb
safe_mode_controller_spec.rb
search_controller_spec.rb
DEV: Add proper error response when searching with an invalid page param (#31026)
2025-01-28 15:12:52 -05:00
session_controller_spec.rb
SECURITY: When enabled only allow Discourse Connect logins
2024-12-19 13:13:23 -03:00
sidebar_sections_controller_spec.rb
DEV: remap all core icons for fontawesome 6 upgrade (#28715)
2024-09-13 16:50:52 +01:00
similar_topics_controller_spec.rb
site_controller_spec.rb
DEV: Introduce stylelint (#29852)
2025-01-20 15:27:42 +00:00
sitemap_controller_spec.rb
DEV: Remove unnecessary rails_helper requiring (#26364)
2024-03-26 11:32:01 +01:00
slugs_controller_spec.rb
DEV: Call Discourse.redis.flushdb after the end of each test (#29117)
2024-10-09 07:19:31 +08:00
static_controller_spec.rb
FIX: Do not ignore redirects containing "/login" in the path (#29960)
2024-11-27 11:22:45 -05:00
steps_controller_spec.rb
stylesheets_controller_spec.rb
svg_sprite_controller_spec.rb
DEV: enable raise_error in test envs for deprecated icons in svg_sprite.rb (#30980)
2025-02-04 21:21:20 +08:00
tag_groups_controller_spec.rb
FEATURE: Log tag group changes in staff action log (#28787)
2024-09-09 10:50:48 +08:00
tags_controller_spec.rb
Don't allow loading tagged PMs in another user's inbox.
2025-02-04 13:32:46 -03:00
theme_javascripts_controller_spec.rb
topic_view_stats_controller_spec.rb
FEATURE: topic_view_stats table with daily fidelity (#27197)
2024-05-27 15:25:32 +10:00
topics_controller_spec.rb
DEV: Clean up topics_controller_spec (#30553)
2025-01-05 01:09:23 +01:00
uploads_controller_multisite_spec.rb
DEV: Upgrade Rails to version 7.1
2024-07-04 10:58:21 +02:00
uploads_controller_spec.rb
FIX: Extension-less secure uploads (#29914)
2024-11-25 12:18:21 +00:00
user_actions_controller_spec.rb
FEATURE: Restrict profile visibility of low-trust users (#29981)
2024-12-09 13:07:59 +03:00
user_api_key_clients_controller_spec.rb
Add user api key client rate limit settings (#30402)
2024-12-30 11:10:48 -05:00
user_api_keys_controller_spec.rb
Require permitted scopes when registering a client (#29718)
2024-11-19 15:28:04 -05:00
user_avatars_controller_spec.rb
user_badges_controller_spec.rb
FEATURE: Restrict profile visibility of low-trust users (#29981)
2024-12-09 13:07:59 +03:00
user_status_controller_spec.rb
users_controller_spec.rb
SECURITY: Disable access to "activate-account" route for existing users
2025-02-04 13:32:38 -03:00
users_email_controller_spec.rb
DEV: Fix flaky users_email_controller_spec test case (#30318)
2024-12-17 18:20:01 +08:00
webhooks_controller_spec.rb
wizard_controller_spec.rb