osr-plastic/osr-discourse-src
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2023-03-18. You can view files and clone it, but cannot push or open issues or pull requests.
13aed6fe3b
osr-discourse-src/spec/integration
History
David Taylor f45853676f
SECURITY: Ensure _forum_session cookies cannot be reused between sites (#14950) 
This only affects multisite Discourse instances (where multiple forums are served from a single application server). The vast majority of self-hosted Discourse forums do not fall into this category.

On affected instances, this vulnerability could allow encrypted session cookies to be re-used between sites served by the same application instance.
2021-11-15 15:50:12 +00:00
..
api_keys_spec.rb DEV: Introduce plugin API to contribute user api key scopes 2020-10-19 10:40:55 +01:00
auto_reject_reviewable_users_spec.rb FIX: do not send rejection emails to auto-deleted reviewable users (#12160) 2021-02-22 18:37:47 +05:30
category_tag_spec.rb FEATURE: Tag synonyms 2019-12-04 13:33:51 -05:00
content_security_policy_spec.rb FIX: Allow CSP to work correctly for non-default hostnames/schemes (#9180) 2020-03-19 19:54:42 +00:00
email_style_spec.rb FIX: Pluralized translation overrides didn't work for en_US 2020-08-29 00:11:46 +02:00
flags_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
group_spec.rb UX: Include public groups in mentionable groups set (#8516) 2019-12-12 13:13:40 +02:00
invite_only_registration_spec.rb DEV: Use response.parsed_body in specs (#9615) 2020-05-07 17:04:12 +02:00
message_bus_spec.rb SECURITY: Restrict message-bus access on login_required sites 2019-08-14 09:43:12 +01:00
multisite_cookies_spec.rb SECURITY: Ensure _forum_session cookies cannot be reused between sites (#14950) 2021-11-15 15:50:12 +00:00
multisite_spec.rb DEV: Improve multisite testing (#14884) 2021-11-11 16:44:58 +00:00
rate_limiting_spec.rb FEATURE: Add global admin api key rate limiter (#12527) 2021-06-03 10:52:43 +01:00
same_ip_spammers_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
spam_rules_spec.rb Migrate score settings to use sensitivities 2019-05-24 15:44:24 -04:00
topic_auto_close_spec.rb FIX: Auto close topic from category settings based on topic created_at (#12082) 2021-02-17 07:51:39 +10:00
topic_thumbnail_spec.rb PERF: we don't need to use a huge image to test thumbnails (#11025) 2020-10-27 12:39:52 +11:00
watched_words_spec.rb SECURITY: Escape watched word in error message (#14434) 2021-09-24 11:55:15 +03:00