Martin Brennan fa6b87a1bf

SECURITY: Strip unrendered unicode bidirectional chars in code blocks (#15032) ...

When rendering the markdown code blocks we replace the
offending characters in the output string with spans highlighting a textual
representation of the character, along with a title attribute with
information about why the character was highlighted.

The list of characters stripped by this fix, which are the bidirectional
characters considered relevant, are:

U+202A
U+202B
U+202C
U+202D
U+202E
U+2066
U+2067
U+2068
U+2069

2021-11-22 10:43:03 +10:00

..

assets

SECURITY: Strip unrendered unicode bidirectional chars in code blocks (#15032)

2021-11-22 10:43:03 +10:00

controllers

DEV: Extract shared external upload routes into controller helper (#14984)

2021-11-18 09:17:23 +10:00

helpers

DEV: Allow actions to change the manifest endpoint (#14522)

2021-10-06 15:41:52 -05:00

jobs

FIX: Drop malformed CC addresses in GroupSmtpEmail job (#14934)

2021-11-16 08:15:11 +10:00

mailers

FIX: Do not show recipient user in email participants list (#14642)

2021-10-19 15:26:22 +10:00

models

PERF: Reduce records queried in UserStat.update_first_unread_pm. (#15016)

2021-11-19 15:30:39 +11:00

serializers

FIX: rename action_code_href to action_code_path (#14834)

2021-11-08 14:32:17 +11:00

services

FIX: Cache all watched words (#14992)

2021-11-17 18:59:44 +02:00

views

PERF: Move preload hints to the <head> (#15008)

2021-11-18 18:02:16 +00:00