* DEV: Remove the margin from widget-dropdown
Generic components should not have a margin. Those should be styled in the place where they are used.
* DEV: Remove margin from the dropdown body
It triggered a warning in popper and was effectively a no-op as popper positions dropdowns on its own using `position: fixed` and `top/right/bottom/left` properties.
When creating a bookmark reminder that deletes the bookmark on reminder, if the user clicked on the notification and got taken to the post in the topic the bookmark icon still showed as blue with the reminder clock indicator. This was because the response JSON for reloading a topic post was not including the bookmark attributes, not even the bookmarked boolean.
We now return the correct attributes in the serializer, and if bookmarked is false we clear all the bookmark related attributes on the post for the notification to make sure nothing of the old bookmark remains in the UI.
This was only a problem if the user did not refresh the app completely inbetween setting the reminder and receiving the notification.
* strip out the href and xlink:href attributes from use element that
are _not_ anchors in svgs which can be used for XSS
* adding the content-disposition: attachment ensures that
uploaded SVGs cannot be opened and executed using the XSS exploit.
svgs embedded using an img tag do not suffer from the same exploit
We have a couple of examples of enormous amounts of text being entered in the name column of bookmarks. This is not desirable...it is just meant to be a short note / reminder of why you bookmarked this.
This PR caps the column at 100 characters and truncates existing names in the database to 100 characters.
* This is causing issues where sometimes bookmarked is out of sync with what is in the Bookmark table. The BookmarkManager handles updating this column now.
* Add migration to fix bookmarked column that is incorrectly marked false when a Bookmark record exists.
Before this change:
- first full page load would get category defaults defined un cateory settings
- a navigation to a topic and then back to categories list would reset defaut to the ones defined in discovery/topics
* add composer:saved, composer:created-post, and composer:edited-post
appEvents inside the composer controller, to make it easier to detect
these events in plugins
* FIX: Fix race condition when resolving tag and category hashtags
If the category hashtags were resolved first and then tag hashtags, then
the tags would overwrite the categories. Similarly, if the category
hashtags were resolved last it would overwrite even hashtags which ended
with '::tag'.
* DEV: Add test
* DEV: Fix test
Bianca Nenciu
Jarek Radosz
Arpit Jalan
Bianca Nenciu
Krzysztof Kotlarek
David Taylor
Dan Ungureanu
Martin Brennan
Kris
Rafael dos Santos Silva
Mark VanLandingham
Robin Ward
Martin Brennan
Guo Xiang Tan
Jordan Vidrine
Penar Musaraj
marielaSAG
Kane York
jjaffeux