jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
6,757 Commits 1 Branch 0 Tags
8a012d4c91e47e4426ded1ffa97935202cfd2afa
Commit Graph

1046 Commits

Author SHA1 Message Date
Albert Yi
448ec81e97 Merge pull request #3541 from evazion/fix-3539 
Fix #3539: Open redirect vulnerabilities
 2018-03-08 16:02:02 -08:00
r888888888
3657cacd17 * post keeper is calculated synchronously 
* add fallback mechanism in case archive service is not up
* pass along most recently added tags to any keeper calculation
 2018-03-08 16:00:44 -08:00
r888888888
0c5dcbbf68 Revert "Revert "implement post keepers"" 
This reverts commit b9fcfe0442.
 2018-03-06 18:04:31 -08:00
evazion
5ad06a4034 Fix #3552: Upload filesize limits can be bypassed. 
* Change `http_get_streaming` to write the output file directly,
  instead of taking a callback.

* Track the filesize as the download progresses and abort when it
  exceeds the limit.

* Don't save the Content-Type (it's not used anywhere).
 2018-02-27 18:22:34 -06:00
Albert Yi
7d5ad1bcc4 Merge pull request #3563 from evazion/fix-3528 
Fix #3528: Add method to prevent image-hosting CloudFlare sites from altering the image
 2018-02-26 17:40:46 -08:00
evazion
78aba1c5b1 Fix #3554: approving BUR with nil forum_post_id doesn't update forum. 
Wrap `approve!` and `reject!` in transactions so that if there's an
error in approving or rejecting a BUR, it leaves the BUR's status
unchanged instead of updating the BUR but not updating the forum.
 2018-02-24 15:04:57 -06:00
evazion
2b8767d7f4 BulkUpdateRequest#approve!: don't swallow exceptions. 
Rescue `AliasAndImplicationImporter::Error` instead of `Exception`.
 2018-02-24 14:37:02 -06:00
evazion
c9eee7e4d4 Fix #3528: Prevent CloudFlare from altering images. 2018-02-24 13:42:00 -06:00
evazion
b859a1f714 downloads: add tests for untested sites. 2018-02-24 13:42:00 -06:00
evazion
3fefb73e90 Fix #3561: Tumblr: support answer posts. 2018-02-24 10:31:59 -06:00
Albert Yi
d8340f83db Revert "Fix #3528: Add method to prevent image-hosting CloudFlare sites from altering the image" 2018-02-21 17:20:13 -08:00
evazion
263fd0eef1 Fix #3528: Prevent CloudFlare from altering images. 2018-02-17 11:43:27 -06:00
evazion
84a0a89f4b Fix #3539: Open redirect vulnerabilities. 2018-02-07 19:52:52 -06:00
Albert Yi
b9fcfe0442 Revert "implement post keepers" 2018-02-07 12:28:56 -08:00
r888888888
32cc508edb hide uploader information on posts/show page, add keeper information 2018-02-01 14:38:03 -08:00
evazion
100c1d2828 Fix #3523: Feedback notification dmails should include the text of the feedback. 2018-01-28 14:32:38 -06:00
evazion
f8a5620768 Partial fix for #3514: Handle https://twitter.com/i/web/status/:id URL. 2018-01-23 23:07:21 -06:00
evazion
46b0f9e6d6 Update dotenv. 
dotenv-2.2.1 no longer loads .env.local in the test environment. Load it
manually for backwards compatibility.
 2018-01-20 19:04:48 -06:00
evazion
a923a64220 tests: fix pixiv profile image test. 2018-01-20 14:51:05 -06:00
evazion
53f7207716 tests: remove bad_id pixiv test. 2018-01-20 14:50:44 -06:00
evazion
e596a7fd0f tests: fix <char>_(cosplay) alias test. 2018-01-20 14:26:16 -06:00
evazion
83ab90d495 tests: fix tag removal warning tests. 2018-01-20 13:59:21 -06:00
evazion
e47c983cfd tests: fix pawoo tags test. 2018-01-20 13:25:13 -06:00
evazion
c29785268d tests: fix iqdb controller test (#3479). 2018-01-20 13:22:05 -06:00
evazion
ce06736374 tests: fix timestamp comparison in artist notes saving test. 
Equality test failed due to microsecond level differences. Truncate to
seconds to avoid this.
 2018-01-20 13:08:40 -06:00
evazion
3d09ce5e55 tests: fix status:active test for #3472. 2018-01-20 12:50:30 -06:00
Albert Yi
dfd343f70e Merge pull request #3496 from BrokenEagle/feat-mod-action-event-ids 
Add categories to mod actions
 2018-01-15 11:09:38 -08:00
evazion
88f4a56890 Fix #3497: Invalid DText denial of service attack. 2018-01-14 16:14:18 -06:00
evazion
4f543671a2 tests: move test/helpers to test/test_helpers. 
The Rails convention is for test/helpers to be used for testing the view
helpers in app/helpers. We were using it to store certain utility
methods instead. Move these to test/test_helpers so that test/helpers
can be used for its intended purpose.
 2018-01-14 16:11:15 -06:00
BrokenEagle
dd8d80eaf7 Updated tests for mod actions 2018-01-14 00:07:20 -08:00
r888888888
604e9e9866 fix some unit tests 2018-01-02 15:12:48 -08:00
r888888888
4a80d6c337 refactor User#validate_sock_puppet to disable for tests 2018-01-02 14:32:38 -08:00
evazion
1ca2497015 Fix #3474: Spurious email notifications. 2017-12-28 18:50:08 -06:00
evazion
d8eef6ef2b Fix #1563: Warn users attempting to upload with very few tags. 2017-12-27 15:04:00 -06:00
evazion
32ac09ee48 Add test for registering sock puppet accounts. 2017-12-27 13:33:57 -06:00
Albert Yi
010e70e6c7 Merge pull request #3454 from evazion/fix-3448 
Fix #3448: Lower the limit for tag category changes
 2017-12-25 13:20:45 -08:00
evazion
91592b2f18 Fix #3448: Lower the limit for tag category changes. 
Also allow admins to bypass all restrictions.
 2017-12-23 13:44:45 -06:00
evazion
19bda2056c tags: update category cache whenever category changes. 
Do `update_category_cache_for_all` in a callback instead of calling it
manually everywhere.
 2017-12-23 13:07:23 -06:00
evazion
265377bdbb Fix #3450: Aliased tags show up under translated tags. 
Resolves aliases in translated tags. For example, say we lookup `遠坂凛`
and find `tohsaka_rin` and `toosaka_rin`. We apply aliases so that
`tohsaka_rin` becomes `toosaka_rin`, which is then returned as the only
translated tag.
 2017-12-23 12:27:58 -06:00
r888888888
461ddbf017 fixes #3422 2017-12-21 11:33:23 -08:00
evazion
fcec99405c Fix failure in rake db:migrate on fresh install (#3443). 
Create the DanbooruBot account in db/seeds.rb instead of in an
initializer. Move the old db/seeds.rb to db/populate.rb.

Fixes a bug introduced in e2eb45a. Creating DanbooruBot in an
initializer was wrong because in a fresh install the users table doesn't
exist yet. This caused `rake db:migrate` to fail.
 2017-12-21 12:08:08 -06:00
Albert Yi
dc744726b6 Merge pull request #3442 from evazion/fix-3440 
Fix #3440: Implications aren't applied to automatic tags.
 2017-12-19 15:50:36 -08:00
Albert Yi
a1985a9ca2 Merge pull request #3435 from evazion/fix-3324 
Fix #3324: Incorporate replacement comment info in the replacement history
 2017-12-19 15:02:06 -08:00
r888888888
87d3da95b1 add test case for RelatedTagQuery#other_wiki_category_tags 2017-12-19 13:02:44 -08:00
evazion
8c44789fbc Fix #3440: Implications aren't applied to automatic tags. 
Apply implications after adding automatic tags.
 2017-12-19 14:37:12 -06:00
evazion
fa941e9480 /post_replacements: allow updating image metadata in past replacements. 2017-12-18 18:03:03 -06:00
evazion
eede2f0752 Fix #3324: Incorporate replacement comment info in the replacement history. 2017-12-18 18:02:43 -06:00
Albert Yi
fb6d692c37 Merge pull request #3429 from evazion/fix-bogus-find-artist 
Fix #2696: Bogus results on non-matching URL searches for Artists
 2017-12-18 10:28:32 -08:00
evazion
859fe99a80 Fix #2696: Bogus results on non-matching URL searches for Artists 2017-12-17 21:00:34 -06:00
evazion
2a876991da Accept search[created_at] and search[updated_at] params in all controllers. 2017-12-17 17:37:26 -06:00