discourse/lib
Martin Brennan 27e94f2f98
FIX: Make secure image onebox check more robust (#11179)
When embedding secure images which have been oneboxed, we checked to see if the image's parent's parent had the class onebox-body. This was not always effective as if the image does not get resized/optimized then it does not have the aspect-image div wrapping it. This would cause the image to embed in the email but be huge.

This PR changes the check to see if any of the image's ancestors have the class onebox-body, or if the image has the onebox-avatar class to account for variations in HTML structure.
2020-11-10 12:55:18 +10:00
..
auth DEV: remove instagram login site settings and auth classes. (#11073) 2020-10-30 09:09:56 +05:30
autospec REFACTOR: Move javascript tests inside discourse app 2020-10-02 11:29:36 -04:00
backup_restore PERF: Disable Sidekiq only during database restore (#10857) 2020-10-16 15:19:02 +02:00
common_passwords DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
compression FIX: Decompressing lots of small files triggered error 2020-01-09 15:11:31 +01:00
content_security_policy FEATURE: Add Google Universal Analytics v4 as an option (#11123) 2020-11-06 14:15:36 -06:00
demon DEV: Review fixes (#10641) 2020-09-10 13:41:46 +10:00
email FIX: Stop bypassing email checks for invite emails (#11113) 2020-11-04 09:18:22 +10:00
emoji DEV: supports unicorn emoji 13.0beta (#8402) 2019-11-25 10:23:18 +01:00
file_store Replace base_uri with base_path (#10879) 2020-10-09 12:51:24 +01:00
freedom_patches PERF: apply sprockets patch in a test environment (#11034) 2020-10-27 10:17:21 +11:00
generators REFACTOR: Move javascript tests inside discourse app 2020-10-02 11:29:36 -04:00
guardian FEATURE: Allow category group moderators to delete topics (#11069) 2020-11-05 12:18:26 -05:00
highlight_js DEV: already defined constant 'HIGHLIGHTJS_DIR' 2019-01-21 10:12:23 +01:00
i18n FIX: Pluralized translation overrides didn't work for en_US 2020-08-29 00:11:46 +02:00
imap DEV: IMAP log to database (#10435) 2020-08-14 12:01:31 +10:00
import DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
import_export FEATURE: Include category position when exporting categories (#9658) 2020-05-07 12:17:15 +10:00
javascripts REFACTOR: Support bundling our admin section as an ember addon 2020-09-22 15:14:29 -04:00
middleware PERF: introduce aggressive rate limiting for anonymous (#11129) 2020-11-05 16:36:17 +11:00
migration FIX: Allow post migrations using #change to carry out unsafe migration 2020-05-15 14:23:27 +08:00
onebox FEATURE: Additional control of iframes in oneboxes (#10523) 2020-08-27 20:12:13 +01:00
plugin DEV: Make discourse-subscriptions official (#11103) 2020-11-02 12:59:30 -06:00
pretty_text FIX: Missing files from previous commit 2020-09-15 10:59:41 -04:00
rate_limiter DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
reviewable FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
scheduler FEATURE: log long running jobs in the defer queue 2018-10-12 17:03:47 +11:00
search FIX: Limit PG headline based search blurb generation to 200 characters. 2020-08-12 15:34:27 +08:00
seed_data DEV: correct some Ruby 2.7 deprecations 2020-07-16 17:43:20 +10:00
sidekiq DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
site_settings FIX: Do not enable published page if secure media enabled (#11131) 2020-11-06 10:33:19 +10:00
stylesheet FEATURE: WCAG compliant color schemes (#10882) 2020-10-15 14:05:48 -04:00
svg_sprite UI: Slow mode tweaks. (#11081) 2020-10-30 11:22:56 -03:00
tasks DEV: Rake task for creating admin should ask for full name if required (#11096) 2020-11-02 11:12:42 +01:00
theme_store FIX: allow plugin pinning to fetch missing commits 2020-08-12 20:03:37 -07:00
turbo_tests DEV: Add seed explicitly in turbo_rspec so that runs can be reproduced 2020-08-07 16:51:53 +01:00
validators DEV: Make site setting type uploaded_image_list use upload IDs (#10401) 2020-10-13 16:17:06 +03:00
webauthn SECURITY: 2FA with U2F / TOTP 2020-01-15 11:27:12 +01:00
wizard UX: Minor cosmetic fixes to the wizard (#11172) 2020-11-09 15:14:57 -05:00
admin_confirmation.rb DEV: Upgrade Redis to 4.2.1. 2020-06-15 10:05:22 +08:00
admin_constraint.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
admin_user_index_query.rb DEV: Standardize table sorting verbiage (#9757) 2020-05-14 20:10:59 -06:00
age_words.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
archetype.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
auth.rb DEV: remove instagram login site settings and auth classes. (#11073) 2020-10-30 09:09:56 +05:30
backup_restore.rb FIX: Killing a Unicorn worker shouldn't kill a running backup or restore process 2020-10-13 19:48:53 +02:00
badge_posts_view_manager.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
badge_queries.rb FEATURE: multiple use invite links (#9813) 2020-06-09 20:49:32 +05:30
base62.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
bookmark_manager.rb FIX: Make deleted topic post bookmarks more resilient (#10619) 2020-09-07 14:52:14 +10:00
bookmark_query.rb FIX: Bookmark search fixes (#10239) 2020-07-17 15:55:07 +10:00
bookmark_reminder_notification_handler.rb FIX: dont error when bookmark topic is nil (#10555) 2020-08-31 09:15:36 +10:00
browser_detection.rb FIX: Detect DiscourseHub user agent. 2019-08-09 11:58:15 +03:00
cache.rb DEV: Upgrade Redis to 4.2.1. 2020-06-15 10:05:22 +08:00
canonical_url.rb FEATURE: default canonical URL (#9738) 2020-05-12 09:13:20 +10:00
category_badge.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
comment_migration.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
composer_messages_finder.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
configurable_urls.rb Replace base_uri with base_path (#10879) 2020-10-09 12:51:24 +01:00
content_buffer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
content_security_policy.rb FIX: Allow CSP to work correctly for non-default hostnames/schemes (#9180) 2020-03-19 19:54:42 +00:00
cooked_post_processor.rb FIX: Make sure rel attributes are correctly set. (#10645) 2020-09-10 12:59:51 -03:00
crawler_detection.rb FIX: use allowlist and blocklist terminology (#10209) 2020-07-27 10:23:54 +10:00
csrf_token_verifier.rb DEV: Provide method for auth plugins to generate a CSRF token 2019-08-13 01:13:08 +01:00
current_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
custom_renderer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
custom_setting_providers.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
db_helper.rb DEV: Skip readonly tables when remapping content (#10461) 2020-08-18 08:53:12 +01:00
directory_helper.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_cookie_store.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_diff.rb FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
discourse_event.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_hub.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
discourse_ip_info.rb FIX: MaxMind DB file not downloading correctly 2020-01-05 22:08:13 +11:00
discourse_js_processor.rb FEATURE: Add Google Universal Analytics v4 as an option (#11123) 2020-11-06 14:15:36 -06:00
discourse_logstash_logger.rb FIX: Use 'hostname' when Discourse.os_hostname is not available 2020-02-18 13:37:39 +02:00
discourse_plugin_registry.rb DEV: Introduce plugin API to contribute user api key scopes 2020-10-19 10:40:55 +01:00
discourse_redis.rb DEV: Use rails_failover gem for ActiveRecord and Redis failover handling 2020-06-15 15:47:07 +08:00
discourse_tagging.rb FIX - don't hide tags if user has correct permissions (#11046) 2020-10-27 14:17:13 -04:00
discourse_updates.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
discourse.rb Revert "DEV: enable cors to all cdn get requests from workbox. (#10684)" (#11076) 2020-10-30 16:05:35 +11:00
disk_space.rb FIX: correct upload statistics report for external storage 2020-02-20 15:15:53 +11:00
distributed_cache.rb REFACTOR: distributed_cache is moved to the message_bus gem 2018-10-15 15:01:45 -04:00
distributed_memoizer.rb DEV: Replace Time.new with Time.now (#9142) 2020-03-09 17:37:49 +01:00
distributed_mutex.rb FIX: Off-by-one error setting the distributed mutex key to expire 2020-02-03 14:54:50 +00:00
edit_rate_limiter.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
email_backup_token.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
email_cook.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_updater.rb FIX: When admin changes an email for the user the user must confirm the change (#10830) 2020-10-07 13:02:24 +10:00
email.rb FEATURE: IMAP delete email sync for group inboxes (#10392) 2020-08-12 10:16:26 +10:00
encodings.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
enum_site_setting.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
enum.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
excerpt_parser.rb FIX: do not raise error if 'class' attribute is not found. 2020-05-01 10:03:40 +05:30
feed_element_installer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
feed_item_accessor.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
file_helper.rb SECURITY: Add content-disposition: attachment for SVG uploads 2020-07-09 13:31:48 +10:00
filter_best_posts.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
final_destination.rb FIX: use allowlist and blocklist terminology (#10209) 2020-07-27 10:23:54 +10:00
flag_query.rb FIX: use allowlist and blocklist terminology (#10209) 2020-07-27 10:23:54 +10:00
flag_settings.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
gaps.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
global_path.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
guardian.rb FIX: Do not enable published page if secure media enabled (#11131) 2020-11-06 10:33:19 +10:00
has_errors.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
hijack.rb DEV: Add more debugging context to onebox generation 2020-10-22 12:50:22 +08:00
homepage_constraint.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
html_prettify.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
html_to_markdown.rb Revert "DEV: Add logging for stack level too deep exception in HtmlToMarkdown" 2020-07-09 13:41:33 +01:00
http_language_parser.rb FIX: Include resolved locale in anonymous cache key (#10289) 2020-07-22 18:00:07 +01:00
image_sizer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
import_export.rb FEATURE: Rake task to export groups (#9450) 2020-04-17 14:59:54 -07:00
inline_oneboxer.rb FIX: use allowlist and blocklist terminology (#10209) 2020-07-27 10:23:54 +10:00
introduction_updater.rb FIX: replace default welcome topic post with new value from wizard 2020-04-01 15:42:45 -04:00
ip_addr.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
js_locale_helper.rb PERF: ensure we run full GC on contexts 2020-05-15 14:01:54 +10:00
json_error.rb FIX: Fix build. 2019-05-22 17:39:44 +03:00
letter_avatar.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
markdown_linker.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
mem_info.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
message_bus_diags.rb PERF: avoid shelling to get hostname aggressively 2020-02-18 15:13:19 +11:00
method_profiler.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
mini_sql_multisite_connection.rb DEV: Allow DB.after_commit to be used outside of a transaction 2020-05-04 09:42:41 +01:00
mobile_detection.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
new_post_manager.rb FEATURE: Review posts with media. (#10693) 2020-09-18 12:45:09 -03:00
new_post_result.rb Support for custom messages and redirects when creating posts (#8434) 2019-11-29 09:30:54 -05:00
notification_levels.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
oneboxer.rb FEATURE: Additional control of iframes in oneboxes (#10523) 2020-08-27 20:12:13 +01:00
onpdiff.rb FIX: Show a correct diff when editing consecutive paragraphs (#8177) 2019-10-11 03:50:37 -04:00
pbkdf2.rb DEV: Switch our fast_xor gem for xorcist (#10565) 2020-08-31 13:20:44 -06:00
permalink_constraint.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
pinned_check.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plain_text_to_markdown.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
plugin_gem.rb FEATURE: allow specifying platform name for platform specific gems (#10559) 2020-08-31 12:36:04 +10:00
plugin_initialization_guard.rb DEV: Print backtrace of error when plugin fails to initialize. 2020-06-09 10:25:43 +08:00
post_action_creator.rb FIX: Reviews that are auto-hidden by a trusted spam flagger should always have enough weight. (#10284) 2020-07-22 11:42:15 -03:00
post_action_destroyer.rb FIX: Unlike own posts on ownership transfer (#10446) 2020-08-19 09:21:02 -06:00
post_action_result.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_creator.rb FEATURE: new setting to create a linked topic on autoclosing mega topics (#11001) 2020-11-02 12:18:48 +05:30
post_destroyer.rb FEATURE: Allow category group moderators to delete topics (#11069) 2020-11-05 12:18:26 -05:00
post_jobs_enqueuer.rb FIX: the muted message should be sent after edit (#9593) 2020-05-01 08:33:57 +10:00
post_locker.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_merger.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_revisor.rb FIX: Staff can create and edit posts even if a topic is in slow mode. (#11057) 2020-10-28 16:47:50 -03:00
pretty_text.rb FIX: Make secure image onebox check more robust (#11179) 2020-11-10 12:55:18 +10:00
promotion.rb FIX: TL2 promotion message and advance training (#10679) 2020-09-22 10:17:52 +10:00
quote_comparer.rb FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
rake_helpers.rb Try fix upload_spec flakys and remove logging from tasks/uploads_spec 2020-02-18 15:08:58 +10:00
rate_limiter.rb PERF: introduce aggressive rate limiting for anonymous (#11129) 2020-11-05 16:36:17 +11:00
read_only_header.rb DEV: rename ReadOnly module to ReadOnlyHeader 2019-05-06 16:07:49 +02:00
retrieve_title.rb FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
route_format.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
route_matcher.rb REFACTOR: Introduce RouteMatcher class 2020-10-19 10:40:55 +01:00
rtl.rb Check site default locale if Rtl class is initialized without a user (#8417) 2019-11-26 15:01:37 -05:00
s3_helper.rb FIX: AWS S3 errors don't necessarily include a message 2020-08-12 17:00:09 -04:00
s3_inventory.rb FIX: inconsistency in S3 inventory config (#11112) 2020-11-05 08:39:40 -05:00
score_calculator.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
screening_model.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
search.rb FIX: Properly handle quotes and backslash in Search.set_tsquery_weight_filter 2020-10-23 08:43:34 +08:00
secure_session.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
shrink_uploaded_image.rb FIX: Handle the case where upload goes missing during downsizing 2020-07-06 18:51:38 +02:00
single_sign_on_provider.rb FIX: Handle missing provider return sso url 2020-05-12 18:16:50 -06:00
single_sign_on.rb FEATURE: support SSO website and location overrides 2020-04-28 16:06:35 +10:00
site_icon_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_setting_extension.rb DEV: Make site setting type uploaded_image_list use upload IDs (#10401) 2020-10-13 16:17:06 +03:00
slug.rb FIX: If a prettified slug is a number, return defaultt (#8554) 2019-12-17 10:34:20 +10:00
socket_server.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
spam_handler.rb FIX: use allowlist and blocklist terminology (#10209) 2020-07-27 10:23:54 +10:00
sql_builder.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
staff_constraint.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
staff_message_format.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
suggested_topics_builder.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
system_message.rb FIX: TL2 promotion message and advance training (#10679) 2020-09-22 10:17:52 +10:00
text_cleaner.rb FEATURE: English locale with international date formats 2019-05-20 13:47:20 +02:00
text_sentinel.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_javascript_compiler.rb DEV: Remove Discourse.RAW_TEMPLATES (#9630) 2020-05-05 12:15:03 -04:00
theme_modifier_helper.rb DEV: Allow plugins to add theme modifiers via db migrations (#9192) 2020-03-12 16:35:28 +00:00
theme_settings_manager.rb FEATURE: add support for upload format in theme settings. 2020-04-15 18:34:02 +05:30
theme_settings_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
timeline_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_creator.rb FIX - downcase strings consistently (#10861) 2020-10-08 11:28:07 +11:00
topic_list_responder.rb DEV: Refactor draft attributes for CategoryList and TopicList. 2020-07-24 10:11:30 +08:00
topic_publisher.rb FIX: Use destroy_all instead of delete_all for shared drafts 2020-03-05 11:13:43 -08:00
topic_query_params.rb Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse"" 2020-05-23 00:56:13 -04:00
topic_query_sql.rb DEV: Rails 5.2 upgrade and global gem upgrade 2018-06-07 14:21:33 +10:00
topic_query.rb FIX: Respect show_category_definitions_in_topic_lists in category lists (#10853) 2020-10-07 14:19:48 -04:00
topic_retriever.rb FIX: An opts hash was not, in fact, optional :) 2020-04-20 14:17:13 -04:00
topic_subtype.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_upload_security_manager.rb FEATURE: Update upload security status on post move, topic conversion, category change (#8731) 2020-01-23 12:01:10 +10:00
topic_view.rb FEATURE: Allow category group moderators to delete topics (#11069) 2020-11-05 12:18:26 -05:00
topics_bulk_action.rb FEATURE: bulk remove tags (#10831) 2020-10-06 22:41:55 +05:30
trust_level.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
turbo_tests.rb FIX: Made turbo_rspec display errors in shared groups correctly 2019-08-29 12:41:14 +01:00
twitter_api.rb DEV: Update rubocop-discourse from 2.3.2 to 2.4.0 (#11079) 2020-10-30 15:04:29 +01:00
unicorn_logstash_patch.rb DEV: Fix lint. 2020-07-21 15:55:03 +08:00
unread.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
upload_creator.rb FIX - don't attempt to optimized animated images (#11031) 2020-10-26 15:10:19 -04:00
upload_fixer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
upload_markdown.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
upload_recovery.rb DEV: Recover missing files of existing uploads (#10757) 2020-10-01 14:54:45 +02:00
upload_security.rb DEV: Fix flaky UploadSecurity spec 2020-09-18 14:36:41 -04:00
url_helper.rb Replace base_uri with base_path (#10879) 2020-10-09 12:51:24 +01:00
user_lookup.rb PERF: Combine avatar_lookup and primary_group_lookup into user_lookup (#10253) 2020-07-17 10:48:08 +01:00
user_name_suggester.rb FIX: use allowlist and blocklist terminology (#10209) 2020-07-27 10:23:54 +10:00
version.rb Version bump to v2.6.0.beta5 (#11084) 2020-10-30 12:20:12 -04:00
webauthn.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
wizard.rb DEV: Allow plugins to add wizard steps after specific steps (#9315) 2020-04-01 08:36:50 -05:00