
I'll start with the main attraction, and then, some things I did between Patches 16 and 17.
Firstly, as part of the email related updates I've been pushing over the past few weeks, I've implemented passwords resets. This is a somewhat simple, but effective way for people to reclaim their accounts after forgetting their passwords.
Please note however that if you have 2FA enabled, then you will be required to present your 2FA token when you insert a new password.
I've also tightened the content security policy a bit more by eliminating inline scripts in the profiles (which also solved a minification bug) and I made it harder for users to inject arbitrary scripts onto pages.
For Cosora, I've added a WYSIWYG Editor for replies, it will likely get refined in the future. I might also improve the non-existent editor for Nox in the near future.
I have also fixed a bug where my avatar wouldn't update on gosora-project.com. As a side effect, the thumbnailer is more resilient against failure and the /uploads/ folder will be a little neater / smaller.
For the actual patch itself, we add the password_resets table.
More can be found here:
https://github.com/Azareal/Gosora/commit/f41a5dd9439ea26b0b6d04576c2b99ae56e10885
https://github.com/Azareal/Gosora/commit/3cb5896316885e9caaf533e5228f850118096508
https://github.com/Azareal/Gosora/commit/a28b6c2690337f3636aca8bf30b35916a1940605
https://github.com/Azareal/Gosora/commit/836a148ee8792d183709192410ef6916bef76195
https://github.com/Azareal/Gosora/commit/93b292acc06b152e6db795d6c01d664669b0fb7e
https://github.com/Azareal/Gosora/commit/e22ddfec40b4b94d0b6b46f8824da145676900f6
There are some others too, but they're very tiny.
Firstly, as part of the email related updates I've been pushing over the past few weeks, I've implemented passwords resets. This is a somewhat simple, but effective way for people to reclaim their accounts after forgetting their passwords.
Please note however that if you have 2FA enabled, then you will be required to present your 2FA token when you insert a new password.
I've also tightened the content security policy a bit more by eliminating inline scripts in the profiles (which also solved a minification bug) and I made it harder for users to inject arbitrary scripts onto pages.
For Cosora, I've added a WYSIWYG Editor for replies, it will likely get refined in the future. I might also improve the non-existent editor for Nox in the near future.
I have also fixed a bug where my avatar wouldn't update on gosora-project.com. As a side effect, the thumbnailer is more resilient against failure and the /uploads/ folder will be a little neater / smaller.
For the actual patch itself, we add the password_resets table.
More can be found here:
https://github.com/Azareal/Gosora/commit/f41a5dd9439ea26b0b6d04576c2b99ae56e10885
https://github.com/Azareal/Gosora/commit/3cb5896316885e9caaf533e5228f850118096508
https://github.com/Azareal/Gosora/commit/a28b6c2690337f3636aca8bf30b35916a1940605
https://github.com/Azareal/Gosora/commit/836a148ee8792d183709192410ef6916bef76195
https://github.com/Azareal/Gosora/commit/93b292acc06b152e6db795d6c01d664669b0fb7e
https://github.com/Azareal/Gosora/commit/e22ddfec40b4b94d0b6b46f8824da145676900f6
There are some others too, but they're very tiny.