- Fix an issue with Chrome's XSS auditor when submitting content using the rich text editor in certain scenarios.
- Prevent warnings from being inserted in an expired state.
- Fix a situation where message counts would be adjusted incorrectly when approving a thread while moving it (such as in the spam cleaner).
- Add "nofollow" to certain links related to the find new system.
- Adjust the naming of filter list cookies to be shorter and not include query string params.
- Prevent...

XenForo 正式版 1.5.14
XenForo 英文原版 去回传
- Disable the HTML5 uploader for older versions of Android (< 5, not using Chrome) due to incompatibilities.
- Prevent the HTML5 uploader from creating a horizontal scrollbar with very small windows.
- Fix an issue reverting message edits if not all of the edits could be reverted in one batch.
- Add several new indexes for performance benefits in specific cases.
- Ensure that several additional types of content are updated correctly when merging users.
- Capture errors parsing...
- Add a CAPTCHA to account confirmation email resending if you've previously requested a resend recently to limit potential abuse.
- Limit the number of times you can change your email within a short period of time to limit potential abuse.
- Insert user change log records when two-step verification is enabled/disabled.
- Log profile post and profile post comment edits to the moderator log for consistency.
- Improved PHP 7.1 support with memory limit checks and numeric input...
- Workaround a Firefox bug where the Flash uploader shows as an opaque white box.
- Support redirects in the image proxy and link title conversion process (while maintaining security).
- Improve autolinking when there are special characters (brackets and similar) immediately after a URL.
- Maintain ICC profiles when resizing with ImageMagick.
- Add extra verification to quote alerts to ensure you only get an alert when the quote is attributed to you.
- The "Facebook Open Graph...
This is fixed now. I've attached patched files. 1.5.10 has been updated (1.5.10a) to indicate that these changes have been included in the release from roughly this message.
You want to overwrite js/xenforo/bb_code_edit.js and js/xenforo/full/bb_code_edit.js with the corresponding versions from the attachment. Note that you may need to hard refresh your browser for it to get the updated JS files. -
- Add several language code/locale options for pages.
- Fix a situation where white space may not be maintained 100% when pasting code/pre-formatted into the rich text editor.
- Add a 1000 user limit to ignoring to prevent potential errors.
- Ensure that poll resetting/deleting is logged correctly.
- Automatically adjust uploaded image extensions to match their type (rather than throwing an error).
- Change NoCaptcha requests to POST to prevent a possible regular expression...
- Add several language code/locale options for pages.
- Improved compatibility with upcoming PHP 7.1 release.
- Add basic email typo detection for specific cases to reduce false positives with StopForumSpam checks.
- Indicate when a StopForumSpam result is from a general blacklisting rather than specific reports.
- Disable the rich text editor in Windows 10 Mobile Edge versions less than 14 due to problems using it.
- Fix a case where changing the price of a recurring user upgrade could cause some existing payments to not be...
- Improved compatibility with upcoming PHP 7.1 release.
- Add basic email typo detection for specific cases to reduce false positives with StopForumSpam checks.
- Indicate when a StopForumSpam result is from a general blacklisting rather than specific reports.
- Disable the rich text editor in Windows 10 Mobile Edge versions less than 14 due to problems using it.
- Fix a case where changing the price of a recurring user upgrade could cause some existing payments to not be...
This release includes fixes for 2 security-related issues reported by Julien Ahrens (from www.innogames.com). We consider these issues to be very minor and are very unlikely to be exploitable, so they have been included as part of the 1.5.8 fixes rather than as a separate patch. The issues fixed were:
- An image injection vulnerability in SWFUpload. This could allow a user to believe they were loading an image from your domain while it was being...
- The interface used by admins to update user passwords has been improved to prevent accidental changes due to autofill.
- Improved usage of cURL in the PayPal upgrade processor to ensure that requests are still successful before the TLS 1.2 transition is required.
- Remove template editor border radius due to Chrome bug with horizontal scrolling.
- Add autofocus to the full page login form.
- Prevent image BB codes from being rendered when they couldn't possibly work.
- Fix...
第 1 页 - 共 5 页