Age | Commit message (Collapse) | Author |
|
This commit, introduced in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/23812,
fixes a problem creating a displaying image diff notes when the image
is stored in LFS. The main problem was that `Gitlab::Diff::File` was
returning an invalid valid in `text?` for this kind of files.
It also fixes a rendering problem with other LFS files, like text
ones. They LFS pointer shouldn't be shown when LFS is enabled
for the project, but they were.
|
|
Port of "Fix XSS on commit diff view" for 10-6
See merge request gitlab/gitlabhq!2364
|
|
Closes #41561
|
|
updated the spec
|
|
|
|
|
|
When you change the diff view (inline / side-by-side), we set a cookie based on
that new view. When you add a comment, we choose the style to use in the
response based on that cookie.
However, when you have just changed diff style, the request cookie will contain
the old value, so we should use the view param instead.
|
|
|
|
|
|
Fix: A diff comment on a change at last line of a file shows as two comments in discussion
Closes #32353
See merge request !11802
|
|
|
|
in discussion
|
|
|
|
|
|
Ports changes from https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/642 back into CE
|
|
Don't accidentally mark unsafe diff lines as HTML safe
Fixes potential XSS issue when a legacy diff note is created on a merge
request whose diff contained HTML
See https://gitlab.com/gitlab-org/gitlab-ce/issues/25249
See merge request !2040
|
|
|
|
|
|
|
|
|
|
So we have raw_diffs too
|
|
|
|
|
|
With the option to expand and collapse individual diffs, these aren't
needed any more.
|
|
# Conflicts:
# app/helpers/notes_helper.rb
# app/views/projects/diffs/_line.html.haml
# app/views/projects/diffs/_parallel_view.html.haml
# app/views/projects/diffs/_text_file.html.haml
# features/steps/shared/diff_note.rb
|
|
|
|
Added more exceptions
Added handling inline view type
|
|
Gitlab::Diff::InlineDiff
|
|
Prior, when the user had their view set to "parallel" and then visited a
merge request's changes tab _without_ passing the `view` parameter via
query string, the view would be parallel but the `Notes` class was
always instantiated with the default value from `diff_view` ("inline"),
resulting in broken markup when the form to add a line note was
dynamically inserted.
The cookie is set whenever the view is changed, so this value should
always be up-to-date.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/14557
|
|
|
|
|
|
|
|
* Use commit objects instead of IDs when generating diffs
* Use proper references when generating MR's source and target
* Update broken specs
|
|
|
|
|
|
|
|
|
|
|
|
Diffs with a large number of changed lines time out (504 HTTP error) or
generate a HTML page that's so heavy web browsers struggle with it.
https://github.com/gitlabhq/gitlabhq/pull/5014 introduced limits on
commit line count so that only a safe portion is rendered. This was
later undone by code refactoring in be5b6db8, e0eb4803 and c741fcab.
This patch re-introduces a safe limit on number of lines.
|
|
|
|
Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
|
|
Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
|
|
|
|
|