osr-plastic/osr-discourse-src
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
13,032 Commits 130 Branches 462 Tags 739 MiB
38fbdf65ef
Commit Graph

34 Commits

Author SHA1 Message Date
Marcin Rataj
9dccd975d9 UX: whitelist OpenStreetMap iframes 2014-11-17 14:30:25 +01:00
Robin Ward
8199c3b440 Don't add the g flag 2014-11-07 12:09:45 -05:00
Robin Ward
0044a99000 Don't raise an error for global regexps; warn the plugin author instead. 2014-11-07 12:04:44 -05:00
Kane York
b79c835c07 Fix data-* behavior (failure to understand own docs) 2014-10-05 15:11:26 -07:00
riking
0532468499 Fix JSHint 2014-10-05 14:58:48 -07:00
riking
1436f75a9f FEATURE: Allow explicit rel="nofollow" on links 2014-10-05 14:58:48 -07:00
riking
0586b3dd25 Clean up validateAttribute() function 
Remove code duplication
 2014-10-05 14:58:47 -07:00
riking
32cc31319f FIX: Use lang- prefixes for HLJS; add nohighlight for ... 
text; use a proper whiteListTag() call.

Old posts are not affected - no global rebake is necessary.
 2014-10-05 14:58:47 -07:00
riking
22a4ceceee Auto-anchor attribute regexes, document _validTags 2014-10-05 12:17:56 -07:00
Jens Maier
543bc53598 FIX: double-escaped single quotes in URLs 2014-09-18 22:07:42 +02:00
Robin Ward
0fba445bc1 FIX: Broken build 2014-08-25 13:35:40 -04:00
Robin Ward
f10f9585ae Better Support for whitelisting caja tags 2014-08-25 13:11:20 -04:00
Neil Lalonde
5a33e6f00c Move FAQ, Terms of Service, and Privacy Policy into topics in the Staff category. First post of those topics will be rendered on their respective pages. Site settings and content are not used for these documents anymore. Translations of the default text is moved into the standard YML files. 2014-07-25 14:41:20 -04:00
Sam
fbbd4999b6 FIX: remove invalid hack, correct whitelist to use value returned from callback 2014-07-25 12:16:00 +10:00
Régis Hanol
c7330ed73f BUGFIX: errors when post-processing 'data images' 2014-07-18 17:54:18 +02:00
Sam
de7e6a9545 Feature: allow mods to cut pinned topic excerpts 2014-07-17 21:32:37 +10:00
Sam
91cd4f2d66 SECURITY: improve escaping protection 2014-07-17 16:11:10 +10:00
Sam
c12a131fb4 SECURITY: sanitizer allowing invalid attributes 2014-07-17 16:11:09 +10:00
Régis Hanol
a9342dbf92 SECURITY: fix XSS in link's href 2014-07-15 16:11:37 +02:00
Jason Taylor
df2c259836 BUGFIX: exception validating 'data-' attributes 2014-07-14 17:43:38 -07:00
Robin Ward
1886ffaff2 FIX: Work with phpBB import style links with ellipsis 2014-07-14 14:27:17 -04:00
Robin Ward
186ce78cb5 FIX: BBCode sanitization and tests 2014-07-14 11:24:25 -04:00
Sam
d54c28adc1 FIX: better whitelisting 2014-07-10 09:59:54 +10:00
Sam
9828a268b9 Fix: whitelist regex for bbcode too wide 2014-07-10 09:17:04 +10:00
Régis Hanol
6b45b635f8 FIX: properly whitelist <code> classes needed for syntax highlighting 2014-07-09 16:27:47 +02:00
Sam
9ffcbfca98 FIX: disable whitelist temporarily 
more complete fix to follow
 2014-07-09 22:13:27 +10:00
Sam
fcbc7729b6 FIX: missing BBCODE whitelists 
FEATURE: ability whitelist a RegExp
 2014-07-08 10:33:59 +10:00
Robin Ward
fc1ce96dbb FIX: Change the approach to sanitization. Includes a more detailed API 
for allowing classes and attributes for only certain tag names.
 2014-07-03 16:55:36 -04:00
Régis Hanol
c97de2c449 BUGFIX: markdown sanitize on null/undefined text 2014-05-14 12:14:33 +02:00
Régis Hanol
5edec22e28 fix the build 2014-03-27 16:57:46 +01:00
riking
593f5df503 Corrections to JSDoc 2014-03-18 18:19:20 -07:00
Vikhyat Korrapati
fad88c6cf3 Fix sanitization of smileys like <_< and <3. 2014-01-26 18:38:47 +05:30
Régis Hanol
9b6538832d whitelist google.com/maps iframes 2013-11-29 18:08:53 +01:00
Robin Ward
9adcd1579d Renamed components to lib in the JS project, as Ember has components and they mean something different. 2013-10-24 12:36:46 -04:00