c532f6eb3d
This adds a new secure_uploads_pm_only site setting. When secure_uploads is true with this setting, only uploads created in PMs will be marked secure; no uploads in secure categories will be marked as secure, and the login_required site setting has no bearing on upload security either. This is meant to be a stopgap solution to prevent secure uploads in a single place (private messages) for sensitive admin data exports. Ideally we would want a more comprehensive way of saying that certain upload types get secured which is a hybrid/mixed mode secure uploads, but for now this will do the trick. |
||
|---|---|---|
| .. | ||
| cloud/cloud66 | ||
| environments | ||
| initializers | ||
| locales | ||
| application.rb | ||
| boot.rb | ||
| cdn.yml.sample | ||
| database.yml | ||
| deploy.rb.sample | ||
| dev_defaults.yml | ||
| discourse.config.sample | ||
| discourse.pill.sample | ||
| discourse_defaults.conf | ||
| environment.rb | ||
| logrotate.conf | ||
| multisite.yml.production-sample | ||
| nginx.global.conf | ||
| nginx.sample.conf | ||
| projections.json | ||
| puma.rb | ||
| routes.rb | ||
| sidekiq.yml | ||
| site_settings.yml | ||
| spring.rb | ||
| thin.yml.sample | ||
| unicorn.conf.rb | ||
| unicorn_launcher | ||
| unicorn_upstart.conf | ||