Commits · 33bff3b24406f5bcbf74ca274145e692ccfdec57 · edx / edx-platform · GitLab

24 Mar, 2016 23 commits
- Merge pull request #11897 from edx/dsjen/instructor-dash-enrollment-safe-temp · 33bff3b2
```
Added safe templating to instructor_analytics.html.
```
  Dennis Jen committed Mar 24, 2016
  33bff3b2 Browse Files
- Merge pull request #11839 from edx/PERF-268 · beabe25a
```
Make CDNifying of course over image URLs only happen for relative URLs.
```
  Toby Lawrence committed Mar 24, 2016
  beabe25a Browse Files
- Merge pull request #11942 from edx/release · 90da5cea
```
Hotfix 2016-03-24
```
  Michael Frey committed Mar 24, 2016
  90da5cea Browse Files
- Merge pull request #11940 from edx/ned/update-translations · 8703affe
```
Update translations (autogenerated message)
```
  Ned Batchelder committed Mar 24, 2016
  8703affe Browse Files
- Merge pull request #11934 from edx/hotfix/2016-03-24 · c6112c35
```
[hotfix] Redirecting sidebar verification link to new checkout basket.
```
  Michael Frey committed Mar 24, 2016
  c6112c35 Browse Files
- Update translations (autogenerated message) · 026ac663
  Ned Batchelder committed Mar 24, 2016
  
  026ac663 Browse Files
- Merge pull request #11913 from edx/jibsheet/submission-history-time-zone · 93dc9050
```
This appears to actually be in UTC (not in the django TZ default).
```
  Kevin Falcone committed Mar 24, 2016
  93dc9050 Browse Files
- Merge pull request #11859 from edx/douglashall/edx_proctoring_0_12_15 · 3acc6da9
```
Updated edx-proctoring requirement to 0.12.15
```
  Douglas Hall committed Mar 24, 2016
  3acc6da9 Browse Files
- Change EcommerceService's is_enabled to accept User instead of request · 1a0b2df6
```
. And change the verification link in the sidebar to redirect to new basket if the EcommerceService is enabled.
```
  vkaracic committed Mar 24, 2016
  1a0b2df6 Browse Files
- Merge pull request #11890 from edx/dan-f/make-cms-500-safe · a0654f93
```
Make CMS 500 template safe by default
```
  Daniel Friedman committed Mar 24, 2016
  a0654f93 Browse Files
- Merge pull request #11887 from edx/dan-f/make-cms-404-safe · 32f6bc07
```
Make CMS 404 template safe by default
```
  Daniel Friedman committed Mar 24, 2016
  32f6bc07 Browse Files
- Make CMS 404 template safe by default · c210d918
  Daniel Friedman committed Mar 24, 2016
  
  c210d918 Browse Files
- Merge pull request #11924 from edx/sstudent/safe_video_template · 5ec01207
```
Sstudent/safe video template
```
  sanfordstudent committed Mar 24, 2016
  5ec01207 Browse Files
- Merge pull request #11921 from edx/sstudent/safe_welcome_back · 4a496e7d
```
making the welcome_back template safe
```
  sanfordstudent committed Mar 24, 2016
  4a496e7d Browse Files
- Make CMS 500 template safe by default · 0fd137c2
  Daniel Friedman committed Mar 24, 2016
  
  0fd137c2 Browse Files
- Added safe templating to instructor_analytics.html. · 3ff09dee
  Dennis Jen committed Mar 24, 2016
  
  3ff09dee Browse Files
- making video template safe · 3d6fb38d
  Sanford Student committed Mar 24, 2016
  
  3d6fb38d Browse Files
- Merge pull request #11932 from edx/release · 78016db3
```
Merge release to master
```
  Usman Khalid committed Mar 24, 2016
  78016db3 Browse Files
- Merge pull request #11872 from edx/muddasser/bokchoy/test_mathjax_in_hint · bcb7fe37
```
Extract hint from html instead of text
```
  Muddasser committed Mar 24, 2016
  bcb7fe37 Browse Files
- Merge pull request #11834 from edx/waheed/ecom-2948-move-white-label-sites-to-logistration · 6541ce3e
```
Moved white label sites to logistration.
```
  Waheed Ahmed committed Mar 24, 2016
  6541ce3e Browse Files
- Moved white label sites to logistration. · b8a447c1
```
ECOM-2948
```
  Waheed Ahmed committed Mar 24, 2016
  b8a447c1 Browse Files
- Merge pull request #11850 from edx/ai/tnl3964-forum-vote-button · 40dcb510
```
Fix styling of vote button in forums responses.
```
  attiyaIshaque committed Mar 24, 2016
  40dcb510 Browse Files
- Merge pull request #11910 from edx/ned/safe-templates-1 · 69339390
```
Safe templates for static_templates
```
  Ned Batchelder committed Mar 23, 2016
  69339390 Browse Files
23 Mar, 2016 17 commits
- Merge pull request #11930 from edx/private/release · 11b709af
```
Merge private/release into release
```
  Usman Khalid committed Mar 24, 2016
  11b709af Browse Files
- Quality fixes. · 59b452a4
  Usman Khalid committed Mar 24, 2016
  
  59b452a4 Browse Files
- Merge pull request #11911 from edx/renzo/safe-templates · 40ef82d5
```
Secure templates used to inject Segment and Optimizely
```
  Renzo Lucioni committed Mar 23, 2016
  40ef82d5 Browse Files
- Safe templates for static_templates · e53e5d9d
  Ned Batchelder committed Mar 23, 2016
  
  e53e5d9d Browse Files
- Merge pull request #11914 from edx/aleffert/sidebar-template · f0d8d48a
```
Mark register-sidebar template safe by default
```
  Akiva Leffert committed Mar 23, 2016
  f0d8d48a Browse Files
- Merge pull request #11894 from edx/schen/xss-fix-dashboard-course-upsell · d8714472
```
Escape properly the elements on the dashboard xseries upsell template
```
  Simon Chen committed Mar 23, 2016
  d8714472 Browse Files
- Merge branch 'master' into schen/xss-fix-dashboard-course-upsell · 97590928
  Simon Chen committed Mar 23, 2016
  
  97590928 Browse Files
- making the welcome_back template safe · d64b6d35
  Sanford Student committed Mar 23, 2016
  
  d64b6d35 Browse Files
- Merge pull request #11917 from edx/efischer/fix_safe_linter · 41c1c30f
```
Safe template linter should use DOTALL
```
  Eric Fischer committed Mar 23, 2016
  41c1c30f Browse Files
- Safe template linter should use DOTALL · 7cfa0fa1
```
MULTILINE has to do with how '^' and '$' behave, DOTALL will make the
'.' match newlines as well. This catches several failures that were
previously missed.
```
  Eric Fischer committed Mar 23, 2016
  7cfa0fa1 Browse Files
- Merge pull request #11912 from edx/dan-f/fix-accidental-extra-escaping · 08ddeca4
```
Fix accidental extra escaping
```
  Daniel Friedman committed Mar 23, 2016
  08ddeca4 Browse Files
- Escape properly the elements on the dashboard xseries upsell template · 79783800
  Simon Chen committed Mar 23, 2016
  
  79783800 Browse Files
- Mark register-sidebar template safe by default · d44b4d28
  Akiva Leffert committed Mar 23, 2016
  
  d44b4d28 Browse Files
- Fix accidental extra escaping · 56b11962
  Daniel Friedman committed Mar 23, 2016
  
  56b11962 Browse Files
- Secure templates used to inject Segment and Optimizely · a104d82e
  Renzo Lucioni committed Mar 23, 2016
  
  a104d82e Browse Files
- This appears to actually be in UTC (not in the django TZ default). · 06f5e499
```
You can see the times are marked +00:00 for the ISO 8601 format date and
I see no code in the backend that tries to convert.
```
  Kevin Falcone committed Mar 23, 2016
  06f5e499 Browse Files
- Merge pull request #11893 from edx/dan-f/make-cms-activation_invalid-safe · 679cdc37
```
Make CMS activation_invalid template safe by default
```
  Daniel Friedman committed Mar 23, 2016
  679cdc37 Browse Files