Commit graph

1268 commits

Author SHA1 Message Date
Sam
fe46d1dd3b PERF: avoid cookies for all static, public, cached forever assets 2015-05-22 16:15:46 +10:00
Sam
96dbeb8608 fix stylesheet cache to recover if file is on disk 2015-05-22 11:22:12 +10:00
Robin Ward
0ed1c8011c FIX: About page error when login_required 2015-05-21 14:37:49 -04:00
Sam
a0090a4585 fix incorrect handling of date on "globally enabled" stylesheet. 2015-05-21 17:23:54 +10:00
Sam
44fc8e42dc nginx is stripping ETags, just use last modified instead 2015-05-21 17:05:22 +10:00
Sam
4fbfc6ddbc PERF: missing caching on CSS and Site Customizations 2015-05-21 16:09:23 +10:00
Régis Hanol
b7f8680618 fix build (:fired:) 2015-05-20 17:51:33 +02:00
Régis Hanol
bcd98c8f0f FIX: API can provide a URL to create an upload 2015-05-20 17:38:06 +02:00
Régis Hanol
c91634c09a FIX: support for async uploads of emojis 2015-05-20 16:45:48 +02:00
Régis Hanol
8d967d9065 FEATURE: move all uploads to a single endpoint + defer upload creation in a background thread 2015-05-20 16:45:48 +02:00
Robin Ward
7d23826cee FIX: Keep around the page when redirecting 2015-05-20 10:16:17 -04:00
Régis Hanol
7d3b7a5657 fix the build 2015-05-20 15:32:31 +02:00
Régis Hanol
b44488b618 FIX: keep to old attachment route 2015-05-20 14:55:42 +02:00
Sam
e5888cf090 PERF: avoid preloading json in cases where it is not needed
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Sam
14ab9c45b6 Merge pull request #3470 from ahuling13/expired-nonce-return-status
In the case of an expired nonce, return a 400 status code instead of 500
2015-05-20 12:08:17 +10:00
Sam
d1d703718a Merge pull request #3476 from paulkaplan/sso-distrust-email
Add SSO setting to not trust emails automatically
2015-05-20 12:07:14 +10:00
Andrew Huling
e44ddff9bb Change the expired nonce return status code from 400 to 419. 2015-05-19 13:13:14 -04:00
Régis Hanol
9ded21e4c6 FIX: consistent and future-proof upload storage pattern 2015-05-19 12:31:12 +02:00
Paul Kaplan
b8a43e153c Use session controller to prevent inactive SSO users 2015-05-15 12:15:06 -05:00
Régis Hanol
93273cd17a Merge pull request #3451 from ossobv/sso_login_unapproved_account
Stop sso login processing after rendering error
2015-05-15 14:33:19 +02:00
Antonin Hildebrand
11852056a8 Add missing events for discourse-hipchat-plugin
https://github.com/binaryage/discourse-hipchat-plugin
2015-05-15 15:52:12 +08:00
Andrew Huling
e1d2ecef10 In the case of an expired nonce, return a 400 status code instead of a 500.
500 status codes are for unexpected server-side error scenarios. When an expired nonce is used by the client, a 4XX-level error is more appropriate because the client has submitted a bad request (by using an expired nonce). A 500 also causes Internet Explorer to show its default 500 page which does not show the error message and leads to a bad end user experience. I am choosing 400 for the new status rather than 401 or 403 because 401 requires a WWW-Authenticate header which would be difficult to generate in an SSO scenario and a 403 implies that no re-authentication will address the failure.
2015-05-14 16:03:02 -04:00
Robin Ward
0b65c88003 Upgrade Notifications to fix deprecations and use store 2015-05-11 11:20:45 -04:00
Harm Geerts
d9a3e82516 Stop sso login processing after rendering error
This prevents a DoubleRenderError triggered on the redirect_to.
2015-05-11 14:17:32 +02:00
Arpit Jalan
fc30b771cf FIX: reply count is off by one 2015-05-11 13:58:53 +05:30
Sam
8277a586bb usage of raise corrected 2015-05-07 11:00:51 +10:00
Sam
77cc087b13 FIX: proper error message when account created is hit with no session 2015-05-07 11:00:22 +10:00
Sam
376b28b0ed FIX: raise a 404 if click tracker gets no url 2015-05-06 11:27:41 +10:00
Sam
0f53fc8328 correct emergency regeneration in the controller 2015-05-06 07:33:32 +10:00
Sam
ea670118c1 Add better error handling, correct the location on disk of stylesheet 2015-05-05 23:28:40 +10:00
Sam
f58d85edea FEATURE: move stylesheet cache out of the uploads directory 2015-05-05 15:50:13 +10:00
Sam
803feefd54 MessageBus handles readonly redis now, no need to wrap it 2015-05-04 12:21:00 +10:00
Arpit Jalan
23fd16850a FIX: include youtube link in embedded comments 2015-05-01 18:34:45 +05:30
Robin Ward
16408cee06 Allow Postgres to trigger readonly mode for the site. 2015-04-29 11:49:58 -04:00
Sam
729aaa826b Merge pull request #3404 from techAPJ/patch-1
FEATURE: magic login route for admin when SSO is enabled
2015-04-28 07:47:50 +10:00
Robin Ward
ecafbb0a63 Can delete users via the moderation queue 2015-04-27 15:06:20 -04:00
Robin Ward
3cb4554bbb Can refresh queued posts via button 2015-04-27 13:52:54 -04:00
Neil Lalonde
cce8693354 FIX: canonical link tag when using relative_url_root 2015-04-27 13:34:22 -04:00
Arpit Jalan
2932284293 FEATURE: magic login route for admin when SSO is enabled 2015-04-27 22:54:48 +05:30
Robin Ward
3a6efa25f0 Allow ReadOnly to propogate up to the Ember app via Response Header 2015-04-24 14:37:16 -04:00
Robin Ward
5b3f99aa50 Don't blow up if Redis switches to READONLY 2015-04-24 14:37:16 -04:00
Neil Lalonde
ae028a5bb1 FIX: support for redirects to external url in permalinks table was broken 2015-04-23 16:45:28 -04:00
Régis Hanol
a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Robin Ward
53ca51654d FIX: Avoid cookie overflows by truncating the referer we store in flash 2015-04-22 12:41:49 -04:00
Robin Ward
5bf8c31af4 Users can see their pending posts 2015-04-21 16:44:47 -04:00
Robin Ward
2cdd967188 Adds support for invisible approval queues, which we'll need for Akismet 2015-04-20 17:19:05 -04:00
Neil Lalonde
a3b6e3cb97 FIX: permalinks redirects with relative_url_root 2015-04-19 23:36:09 -04:00
Sam Saffron
6d2e651862 Revert "FIX: Missing letter avatars"
This reverts commit 03943554c6.
2015-04-20 06:41:08 +10:00
Sam
72ab1b9714 Merge pull request #3385 from tancnle/each-key-refactor
Replace Hash#keys.each with Hash#each_key for some perf boost
2015-04-20 06:17:27 +10:00
Robin Ward
03943554c6 FIX: Missing letter avatars
cc @zogstrip

It seems that the version string was ammended to return the ImageMagick
version. This caused the guard in the user avatars method to fail as the
versions weren't the same.

I changed it so it is comparing the right version, but I wonder if this
is bad as the controller is no longer using the ImageMagick version. Can
you please review?
2015-04-19 10:48:53 -04:00