RFC 5322 allows special characters, including ? and =, to be used in e-mail addresses.
RFC 2047 is an extension that adds a feature called "encoded words" which let you embed different encodings in the same header. However, it explicitly says that these aren't allowed in e-mail address headers.
Encoded words have the format:
encoded-word = "=?" charset "?" encoding "?" encoded-text "?="
Where encoding is either Q or B, but could take on other values in the future.
After this change we consider e-mail addresses with an encoded word inside invalid.
Discourse message-bus traffic is not considered a 'public api' for
general consumption. However, it does make sense to have consistency
with the CORS behavior of the rest of the app, so that people can use it
at their own risk.
This is fairly minor because usually SVGs aren't focusable, but this
adds `aria-hidden='true'` to all SVGs by default unless either an
`aria-label` or `label` is provided. This gets reported to us in
automated tests from time to time.
So now:
1. SVG: `aria-hidden="true"` (new behavior, safe default when no label
is provided)
2. SVG with `label` param: `aria-hidden="true"` and `sr-only` label is
provided
3. SVG with `aria-label` param: `aria-hidden="false"` and `aria-label`
is provided
When typing `:emoji:` or `:)` to create emoji nodes through ProseMirror
inputrules, this PR changes the handler to enforce the use of the
existing marks in the current caret position (if it's a link, bold, etc)
so the newly created emoji is marked with the same marks(s).
We phased out the site setting for `max_similar_results` in #32934 -
this change is a follow up migration to delete the site setting from the
database.
This commit removes the color palette dropdown from the theme page and replaces it with a new "Colors" tab where the theme's color palette can be edited directly in that tab on the theme page. With this change, a theme's color palette is strongly tied to its theme and can't be linked to other themes and it can't be selected by users without using the theme as well.
All of the changes are behind a feature flag. To enable it, turn on the `use_overhauled_theme_color_palette` setting.
Co-authored-by: Ella <ella.estigoy@gmail.com>
Currently, if you configure a webhook with reviewable events and apply
categories/tags filtering, no webhook gets fired for reviewable events.
This is because when we schedule the `EmitWebHookEvent` job, we don't
pass to it the reviewable's category or tags, making it seem like the
reviewable doesn't belong to the filtering category/tags that webhook
specifies.
A few minor versions of Bullet were incompatible with Discourse because we use our own content security policy middleware.
This has now been fixed upstream and released in 8.0.7.
As part of the review queue refresh, we'll be adding the ability for moderators to make notes on individual reviewable items. As a first step, this change adds the new model and associated backend code.
Improves the styles for the [details] caret pseudo-element on the rich
editor.
Additionally, having `summary` have no `pointer-events` is important so
Firefox doesn't mess with our caret positioning when clicking it.
### Description
When accessing a category via
`<baseUrl>/c/<categoryId>.json?page={pageNumber}`, it issues a redirect
to `<baseUrl>/c/<categorySlug>/<categoryId>.json?.....`. During this
redirect, any numeric occurrence matching the categoryId in the query
string is also rewritten - including the page parameter - causing
incorrect behavior (e.g., `page=5` becoming `page=community/5`).
This PR fixes the logic ensuring that the query parameters remain
intact.
### How to reproduce?
Try opening this link https://meta.discourse.org/c/10.json?page=10 in
the browser. It will throw a 400 Bad Request error. When we inspect the
url, we will notice the page number has been replaced by the
`slug/categoryId`
Removes the composer educational tips for:
- upload avatar
- sequential replies
- reviving old topic
We are also removing the associated site settings that are now
redundant:
- Disable avatar education message
- Sequential replies threshold
- Warn reviving old topic age
This commit adds a `@resizable` argument to `<AceEditor />`
and sets it to true always for the FormKit code control.
This allows the user to vertically resize the editor inside
FormKit forms. Horizontal resizing is not allowed at this
time, it's more unpredictable for layout, and the vertical
resizing is mostly what's needed anyway.
Also changes the FormKit code control to use min-height of
250px so the inline style height takes precedence, before
it was a hardcoded !important height.
Currently, if a batch "copy" of an import step results in all rows being
skipped, the `after_commit_of_skipped_rows` callback is never triggered.
This happens because the callback is nested inside a block that only
runs when at least one row is inserted.
This change ensures the DB copy operation returns both inserted and
skipped rows, allowing the caller to respond appropriately in either
case.
---------
Co-authored-by: Gerhard Schlager <gerhard.schlager@discourse.org>
Uses a getter to reactively re-render the search context (eg. "in
messages").
Also fixes an issue where although the in:messages suggestion appeared,
it didn't work to add the PM context.
Starts defining a more generic API, so a different toolbar instance can
be used as a replacement on the main toolbar as well as a foundation for
rendering the same toolbar as a floating element.
This toolbar reuse started here for the link toolbar:
https://github.com/discourse/discourse/pull/32583, then got extracted to
this PR.
---------
Co-authored-by: Sérgio Saquetim <1108771+megothss@users.noreply.github.com>
