Vinoth Kannan
42b10a646d
FIX: return 404 only if upload url also not internal.
2019-05-15 02:06:54 +05:30
Sam Saffron
30990006a9
DEV: enable frozen string literal on all files
...
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.
Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Sam Saffron
1be01f8dd4
DEV: Add support for Rails 6
...
Minor fixes to add Rails 6 support to Discourse, we now will boot
with RAILS_MASTER=1, all specs pass
Only one tiny deprecation left
Largest change was the way ActiveModel:Errors changed interface a
bit but there is a simple backwards compat way of working it
2019-05-02 16:23:25 +10:00
Guo Xiang Tan
58b0e945bd
UX: Lightbox support for image uploader. ( #7034 )
2019-02-21 10:13:37 +08:00
Robin Ward
6f656f6e7d
FIX: Better error handling if a file cannot be sent
...
If for some reason `Discourse.store.path_for` returns `nil`, the
forum would throw an error rather than returning 404.
Why would it be `nil`? One cause could be changing the type of
file store and having the `url` field no longer be relative.
2019-01-29 16:47:25 -05:00
Bianca Nenciu
1a4f592749
FIX: Always allow admins upload selectable avatars.
2018-12-05 21:55:23 +01:00
Guo Xiang Tan
44391ee8ab
FEATURE: Upload Site Settings. ( #6573 )
2018-11-14 15:03:02 +08:00
Guo Xiang Tan
e1b16e445e
Rename FileHelper.is_image?
-> FileHelper.is_supported_image?
.
2018-09-12 09:22:28 +08:00
Guo Xiang Tan
2b57239389
FIX: Upload's content is the only source of truth for the file type.
2018-08-07 13:15:00 +08:00
Guo Xiang Tan
142571bba0
Remove use of rescue nil
.
...
* `rescue nil` is a really bad pattern to use in our code base.
We should rescue errors that we expect the code to throw and
not rescue everything because we're unsure of what errors the
code would throw. This would reduce the amount of pain we face
when debugging why something isn't working as expexted. I've
been bitten countless of times by errors being swallowed as a
result during debugging sessions.
2018-04-02 13:52:51 +08:00
Sam
41986cdb2f
Refactor requires login logic, reduce duplicate code
...
This also corrects the positioning in the chain of the check
and removes misuse of prepend_before_action
2018-02-01 15:17:59 +11:00
Sam
f2e7b74d88
FIX: don't return 200s when login is required to paths
...
When running `ensure_login_required` it should always happen prior to
`check_xhr` cause check xhr will trigger a 200 response
2018-02-01 12:26:45 +11:00
Régis Hanol
f5e170c6b5
FIX: catch all server-side error when uploading a file
...
UX: always show a message to the user whenever an error happens on the server when uploading a file
2017-12-27 16:33:25 +01:00
Sam
eb428ef54d
FEATURE: uploads are processed a faster
...
Also cleans up API to always return 422 on upload error. (previously returned 200)
Uploads are processed using new hijack pattern
2017-11-27 12:43:35 +11:00
Sam
49f97d75b7
FIX: make uploads safe for block that can run later
2017-11-23 17:28:18 +11:00
Sam
a92f61e926
FIX: allow login required sites access to attachements
2017-11-22 10:50:55 +11:00
Guo Xiang Tan
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
Sam
d7a2584c6e
FEATURE: image uploads now have short urls
...
Shorten all image uploads to use short urls, this is the client
side implementation.
2017-08-22 16:40:08 -04:00
Régis Hanol
a9c0df0b58
FIX: always try to convert PNG to JPG when pasting an image
2017-06-23 12:13:48 +02:00
Régis Hanol
5d63a7f4a6
FIX: pull hotlinked images even when they have no extension
2017-06-13 13:27:05 +02:00
Régis Hanol
54e8fb0d89
FEATURE: new 'allow_staff_to_upload_any_file_in_pm' site setting
2017-06-12 22:41:29 +02:00
Robin Ward
cdbe027c1c
Refactor FileHelper
to use keyword arguments.
2017-05-24 13:54:26 -04:00
Arpit Jalan
1fd8e426f2
FIX: better uploads error page
2017-05-18 23:29:37 +05:30
Régis Hanol
13e489b4ca
replace the upload type whitelist with a sanitizer
2017-05-18 12:13:13 +02:00
Régis Hanol
9641d2413d
REFACTOR: upload workflow creation into UploadCreator
...
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
2017-05-11 00:16:57 +02:00
Guo Xiang Tan
e7c972ac89
FIX: Don't use backticks that take in inputs.
2017-03-17 15:33:51 +08:00
Régis Hanol
3ce3abef8f
FIX: add Content-Disposition and Content-Type headers when downloading attachments
2017-02-20 15:59:01 +01:00
Guo Xiang Tan
18007ed34b
FIX: Can't use an internal name here if SiteSetting.convert_pasted_images_to_hq_jpg
is false
.
2017-02-01 14:51:56 +08:00
Guo Xiang Tan
f6d9745c5f
Bye bye byebug.
2017-02-01 14:50:14 +08:00
Guo Xiang Tan
6c8c91dca4
UX: Change default filename for images that have been pasted.
2017-02-01 14:44:41 +08:00
Sam
15b5fddd49
SECURITY: protect upload params, only allow very strict filenames
2016-12-19 10:16:18 +11:00
Robin Ward
af83c8dc14
Upload Logos Step
2016-09-22 09:52:19 -04:00
Régis Hanol
6dac9075dc
new 'convert_pasted_images_quality' site setting
2016-07-27 19:59:44 +02:00
Régis Hanol
be099bb637
only convert pasted images to HQ jpg when it's at least 5% smaller
2016-07-27 19:55:13 +02:00
Régis Hanol
749b981759
FEATURE: new 'convert_pasted_images_to_hq_jpg' site setting
2016-07-25 23:01:28 +02:00
Régis Hanol
7fca6f502f
fix and improve image downsizing algorithm
2016-06-20 12:35:07 +02:00
Régis Hanol
a5d8dfb07e
FIX: don't hardcode maximum file size
2016-04-06 22:51:28 +02:00
Régis Hanol
4d981cec53
FIX: don't try to optimize large PNGs (takes too much time)
2016-02-22 12:57:24 +01:00
Jeff Atwood
e1f90d12f1
formally remove IE9 support
2016-01-02 23:49:52 -08:00
Régis Hanol
09bfe49254
FIX: don't automagically downsize uploaded images that are larger than 10MB
...
FIX: don't optimize GIFs since ImageOption was disabled for GIFs (too slow)
2015-11-26 18:16:47 +01:00
Régis Hanol
16f509afb9
FIX: enforce 'allow_uploaded_avatars' & 'sso_overrides_avatar' server-side
2015-11-12 10:26:45 +01:00
Régis Hanol
d541018bb2
FIX: automagic image downsizing wasn't working for GIFs...
2015-11-09 15:09:08 +01:00
Régis Hanol
a3831a7003
FIX: uploading an animated user card/profile background was converted to a still image
2015-09-20 22:01:03 +02:00
Régis Hanol
4c2df814de
FIX: ensure a file is present when creating an upload
2015-08-18 11:39:51 +02:00
Régis Hanol
827ea641b0
FIX: Use File.size instead of IO.size
2015-08-17 18:57:28 +02:00
Régis Hanol
ffbaf8c542
FEATURE: automatically downsize large images
2015-08-12 18:33:13 +02:00
Sam
0c267e5952
maintain exact old behavior
2015-07-24 09:44:16 +10:00
Sam
719f558746
multisite fix, allow show through (security is handled in the controller)
2015-07-24 09:41:46 +10:00
Régis Hanol
b0802abae2
FIX: crop & optimize user background profile/card images
2015-07-15 17:15:43 +02:00
Konstantin Ilchenko
131cf643ce
FIX: Allow api to send uploads with :url
2015-06-21 14:54:59 +03:00
Régis Hanol
1ac3941130
FEATURE: allow API to upload files synchronously
2015-06-15 16:12:15 +02:00
Régis Hanol
0483f05154
make sure we pass in the user_id when creating avatar thumbnails
2015-05-29 18:11:19 +02:00
Sam
bb3fb37650
FIX: when uploading same file was pasted into multiple composers
2015-05-28 15:08:54 +10:00
Régis Hanol
992154533f
remove debugging letfovers
2015-05-26 20:08:19 +02:00
Régis Hanol
85d4d3223c
FIX: crop avatars on the server instead of the client
...
FIX: support for dots in S3 bucket names
2015-05-26 15:54:25 +02:00
Régis Hanol
bb0c2813ac
FEATURE: generate (avatar) thumbnails in a background task
...
FIX: keep the "uploading..." indicator until the server replies via the MessageBus
FIX: text was disapearing when uploading an avatar
PERF: always use a region for S3 (defaults to 'us-east-1')
FEATURE: ApplyCDN middleware when using S3
FIX: use the same pattern to store files on S3 and locally
PERF: keep a local cache of uploads when generating thumbnails
FEATURE: migrate_to_s3 rake task
2015-05-25 17:59:00 +02:00
Régis Hanol
bcd98c8f0f
FIX: API can provide a URL to create an upload
2015-05-20 17:38:06 +02:00
Régis Hanol
8d967d9065
FEATURE: move all uploads to a single endpoint + defer upload creation in a background thread
2015-05-20 16:45:48 +02:00
Régis Hanol
7d3b7a5657
fix the build
2015-05-20 15:32:31 +02:00
Régis Hanol
b44488b618
FIX: keep to old attachment route
2015-05-20 14:55:42 +02:00
Sam
e5888cf090
PERF: avoid preloading json in cases where it is not needed
...
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Régis Hanol
9ded21e4c6
FIX: consistent and future-proof upload storage pattern
2015-05-19 12:31:12 +02:00
Régis Hanol
0e5c9b2590
small upload code refactor
2015-02-03 18:44:18 +01:00
Régis Hanol
cd2c9edb46
FIX: 🐛 upload on IE9 wasn't working :'(
...
- FIX: make sure we set a default name to a pasted image only on Chrome (the only browser that supports it)
- FIX: use ".json" extension to uploads endpoints since IE9 doesn't pass the correct header
- FIX: pass the CSRF token in a query parameter since IE9 doesn't pass it in the headers
- FIX: display error messages comming from the server when there is one over the default error message
- FIX: HACK around IE9 security issue when clicking a file input via JavaScript (use a label and set `visibility:hidden` on the input)
- FIX: hide the "cancel" upload on IE9 since it's not supported
- FIX: return "text/plain" content-type when uploading a file for IE9 in order to prevent it from displaying the save dialog
- FIX: check the maximum file size on the server 💥
- update jQuery File Upload Plugin to v. 5.42.2
- update JQuery IFram Transport Plugin to v. 1.8.5
- update jQuery UI Widget to v. 1.11.1
2015-01-28 19:43:20 +01:00
Sam
4fc3834dd6
FEATURE: allow inline disposition on uploads
...
when linking an upload allow ?inline=1 to display upload inline
2014-11-13 08:50:55 +11:00
Sam
58eabb03e5
FEATURE: api support for arbitrary unlinked assets
...
admins can set retain periods for assets
2014-09-23 16:50:17 +10:00
Régis Hanol
eb34ecfc0c
FEATURE: new 'prevent anons from download files' site setting
2014-09-09 18:41:13 +02:00
Sam
03c8f09be8
PERF: finalize porting to new incoming links structure
2014-08-04 16:43:57 +10:00
Sam
40af9ce612
FIX: do not store incoming links on avatars or uploads
2014-07-25 15:10:06 +10:00
Sam
ca4c72e648
BUGFIX: 500 error on some invalid uploads
2014-05-14 10:51:09 +10:00
Louis Rose
1574485443
Perform the where(...).first to find_by(...) refactoring.
...
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Régis Hanol
9cd8476453
REFACTOR: use an options hash instead of multiple nil-able parameters
2014-04-15 17:17:10 +02:00
Régis Hanol
542d54e6bf
BUGFIX: uploads to S3
2014-04-15 13:04:14 +02:00
Régis Hanol
2505d18aa9
FEATURE: support email attachments
2014-04-14 22:55:57 +02:00
Sam
3830f41e5f
BUGFIX: attachments bust under multisite
2014-03-25 10:37:31 +11:00
Régis Hanol
7e7d951152
do not pull hotlinked images when max_image_size_kb == 0
2013-11-13 17:30:48 +01:00
Régis Hanol
45b838009c
proper content-disposition header when downloading attachments
2013-09-06 19:23:56 +02:00
Régis Hanol
be9217d4c8
add server-side filesize check on uploads
2013-07-24 00:54:41 +02:00
Régis Hanol
5ce05ff5cb
adds the max_attachment_size_kb
setting
...
so that we can specify a different max upload size for attachments and images.
2013-07-16 02:01:36 +02:00
Régis Hanol
27ab5f471c
support arbitrary attachments
2013-07-10 22:59:53 +02:00
Régis Hanol
6ea91b4416
remove useless upload topic direct association
2013-06-17 02:49:33 +02:00
Ian Christian Myers
41528f5d11
Implemented strong_parameters for Upload/UploadsController.
...
The topic_id param is now required using strong_parameters' #require method. If the parameter is missing ActionController::ParameterMissing will be raised instead of Discourse::InvalidParameters.
2013-06-05 00:55:55 -07:00
Régis Hanol
e3e55d4dad
fix image uploads on s3/imgur
2013-06-05 00:35:42 +02:00
Régis Hanol
dca2fbcefc
add meaningful error message on upload [ fixes #773 ]
2013-04-27 20:26:17 +02:00
Régis Hanol
1692350336
added some tests for uploads
2013-04-07 17:52:46 +02:00
Régis Hanol
2b120ef886
add UploadsController specs
2013-04-03 01:17:17 +02:00
Robin Ward
21b5628528
Initial release of Discourse
2013-02-05 14:16:51 -05:00