closes#7313
- Adds `getSanitizedFileName` function to storage/base.js which replaces non A-Z0-9@. chacracters with -
- modifies /api/theme.js so that zip.shortName is consistent throughout.
closes#7192
- add 008 migration
- added script to re-run 006/01
- re-run 006/01 migration for postgres in any timezone (transform formats only)
- re-run 006/01 migration for sqlite (transform formats only)
- rely on format checks for sqlite, do not check server TZ
no issue
- as part of a release, we run npm dedupe, npm prune and npm shrinkwrap. In certain cases this can change which dependencies are used
- with this change `grunt deps` will run those 3 tasks so it's easier to test what happens
closes#7350
- When the active theme is overridden, ensure that the activateTheme middleware gets called by removing the `req.app.activeTheme` value.
- Additionally, ensure that the full cache is invalidated
no issue
`{{amp_content}}` helper can handle error now, if returned from `Amperize` module. In case of on error, we return the unprocessed HTML, which will then get validated by the `Sanitize` functionality.
The unprocessed HTML will be stored in the cache, until the post is updated.
Points to Amperize fork of AileenCGN as dependency to have include the error handling changes incl. timeouts.
* 🐛 fix direct update
closes#7297
- move sitemap initialisation into sitemap handler
- initialise sitemap on first request to sitemap
* 🐛 fix how we pass options to migration files
refs #7317
- clone options when passing them into the migration/fixture files
- do not use default sequence, because it does not clone the arguments
refs #7305
* 🎨 display upgrade alerts with the correct "info" style
* 💄 update use of notifications status/type/location attrs to reflect current usage
no issue
Uses `allowedAttributes` functionality of `Sanitize` HTML and whitelists attributes for certain tags, regarding
AMP validation rules.
This PR fixes issues with inline style like `border`, `bgcolor`, `align` and so on.
closes#7277
Adds `.zip` to `extensions` and `application/zip` to `contentTypes` in config, specificly for uploads to `db`, to allow .zip-file file uploads from labs.
no issue
Video tags aren't supported in Amperize yet, therefore, we strip them out. If a `<video>` tag has nested `<source>` elements, they would stay because they are whitelisted regarding `Sanitize`, as we use them for `<audio>` tags as well.
This PR uses `cheerio` to strip out in `<video>` nested `<source>` tags, without removing the fallback text.
It also removes prohibites attributes for `<amp-iframe>` which are e. g. used by Vimeo embeds.
Removes every kind of inline `style` attributes, as they will cause validation errors as well.
