Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse""

This reverts commit 20780a1eee. * SECURITY: re-adds accidentally reverted commit: 03d26cd6: ensure embed_url contains valid http(s) uri * when the merge commit e62a85cf was reverted, git chose the 2660c2e2 parent to land on instead of the 03d26cd6 parent (which contains security fixes)
2025-02-25 18:55:32 -06:00 · 2020-05-23 00:56:13 -04:00
parent 20780a1eee
commit d9a02d1336
236 changed files with 1031 additions and 715 deletions
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -23,6 +23,7 @@ Discourse::Application.routes.draw do
  post "webhooks/sparkpost" => "webhooks#sparkpost"

  scope path: nil, constraints: { format: /.*/ } do
+    Sidekiq::Web.set :sessions, Rails.application.config.session_options
    if Rails.env.development?
      mount Sidekiq::Web => "/sidekiq"
      mount Logster::Web => "/logs"
@@ -120,7 +121,6 @@ Discourse::Application.routes.draw do
      put "unsuspend"
      put "revoke_admin", constraints: AdminConstraint.new
      put "grant_admin", constraints: AdminConstraint.new
-      post "generate_api_key", constraints: AdminConstraint.new
      put "revoke_moderation", constraints: AdminConstraint.new
      put "grant_moderation", constraints: AdminConstraint.new
      put "approve"
@@ -950,8 +950,6 @@ Discourse::Application.routes.draw do
  get "/safe-mode" => "safe_mode#index"
  post "/safe-mode" => "safe_mode#enter", as: "safe_mode_enter"

-  get "/themes/assets/:ids" => "themes#assets"
-
  unless Rails.env.production?
    get "/qunit" => "qunit#index"
    get "/wizard/qunit" => "wizard#qunit"