This repository has been archived on 2023-03-18. You can view files and clone it, but cannot push or open issues or pull requests.

Dan Ungureanu 34a76bf106 FIX: Do not set destination_url cookie after deleting own account. (#8028) ... destination_url cookie is used to redirect the user to the a private page after they have logged in. After deleting own account, a user's pages would be refreshed which would set the destination_url, cookie that can cause a redirect to an invalid page after logging in again. Reproduction steps: 1. User is at `/u/:username/preferences/account` and deletes account by requesting DELETE `/u/:username.json`. 2. User is being destroyed and a MessageBus message (`file-change`, `['refresh']`) is published. 3. User receives response to DELETE request, but page may be or not refreshed. Anyway, since they can no longer see the preferences page, they are redirected to `/login` and `destination_url` cookie is set, that will redirect on next login (but to the previous preferences page).		2019-08-22 17:42:45 +02:00
..
assets	prettier (#8031)	2019-08-22 15:27:45 +02:00
controllers	FIX: Allow topic edits when using a hidden tag	2019-08-21 16:33:01 -04:00
helpers	SECURITY: add rate limiting to anon JS error reporting	2019-08-20 11:29:11 +10:00
jobs	FIX: Don't try to delete staged, unused admins and mods	2019-08-21 15:29:51 +02:00
mailers	FEATURE: customization of html emails (#7934)	2019-07-30 15:05:08 -04:00
models	FIX: Regularly reset unknown extension of uploads	2019-08-21 10:23:20 +02:00
serializers	Revert "FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)"	2019-08-20 13:29:22 -03:00
services	FIX: Do not set destination_url cookie after deleting own account. (#8028)	2019-08-22 17:42:45 +02:00
views	FIX: properly load desktop and mobile only plugin css assets.	2019-08-22 08:39:10 +05:30