GuestNo new alerts

Patch 17

- Updates163
 
I'll start with the main attraction, and then, some things I did between Patches 16 and 17.

Firstly, as part of the email related updates I've been pushing over the past few weeks, I've implemented passwords resets. This is a somewhat simple, but effective way for people to reclaim their accounts after forgetting their passwords.

Please note however that if you have 2FA enabled, then you will be required to present your 2FA token when you insert a new password.

I've also tightened the content security policy a bit more by eliminating inline scripts in the profiles (which also solved a minification bug) and I made it harder for users to inject arbitrary scripts onto pages.

For Cosora, I've added a WYSIWYG Editor for replies, it will likely get refined in the future. I might also improve the non-existent editor for Nox in the near future.

I have also fixed a bug where my avatar wouldn't update on gosora-project.com. As a side effect, the thumbnailer is more resilient against failure and the /uploads/ folder will be a little neater / smaller.

For the actual patch itself, we add the password_resets table.

More can be found here:

https://github.com/Azareal/Gosora/commit/f41a5dd9439ea26b0b6d04576c2b99ae56e10885

https://github.com/Azareal/Gosora/commit/3cb5896316885e9caaf533e5228f850118096508

https://github.com/Azareal/Gosora/commit/a28b6c2690337f3636aca8bf30b35916a1940605

https://github.com/Azareal/Gosora/commit/836a148ee8792d183709192410ef6916bef76195

https://github.com/Azareal/Gosora/commit/93b292acc06b152e6db795d6c01d664669b0fb7e

https://github.com/Azareal/Gosora/commit/e22ddfec40b4b94d0b6b46f8824da145676900f6

There are some others too, but they're very tiny.