This repository has been archived on 2023-03-18. You can view files and clone it, but cannot push or open issues or pull requests.

David Taylor 6520697b5c FIX: Remove plugin.enabled? checks at initialization time (#6166) ... Checking `plugin.enabled?` while initializing plugins causes issues in two ways: - An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times. - In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster. Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods. I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality: - `post_custom_fields_whitelist` - `whitelist_staff_user_custom_field` - `add_permitted_post_create_param`		2018-07-25 16:51:45 +01:00
..
assets	SECURITY: prevents XSS when showing tooltip	2018-06-27 14:53:31 +02:00
controllers	FIX: Remove plugin.enabled? checks at initialization time (#6166)	2018-07-25 16:51:45 +01:00
helpers	FIX: allow user quotes in HTML digest emails	2018-05-13 18:23:17 +02:00
jobs	FIX: Use the username formatter when updating cooked usernames	2018-05-25 17:29:06 -04:00
mailers	FIX: check for existence of topic before looking for category	2018-05-17 10:49:01 +05:30
models	FIX: Remove plugin.enabled? checks at initialization time (#6166)	2018-07-25 16:51:45 +01:00
serializers	FIX: do not show SSO external_email to moderators	2018-06-12 11:48:10 -04:00
services	FIX: ensure 'notifications_state' is up to date after creating a notification	2018-05-26 02:09:48 +02:00
views	FIX: redirect to sso_destination_url after account activation	2018-05-11 19:57:04 +02:00