discourse/app/views/user_notifications/digest
Isaac Janzen 4c0367f774
DEV: Strip unsubscribe links when sending digest previews to arbitrary addresses (#38298)
# Problem

When an admin sends a digest preview to an arbitrary email address, the
email contained functional unsubscribe links belonging to the target
user, allowing the recipient to unsubscribe that user without their
consent.

# Solution

Pass `skip_unsubscribe_links: true` when generating preview digests,
which skips `UnsubscribeKey` creation and suppresses unsubscribe content
from both email headers and body templates at the source.
2026-03-05 13:58:51 -06:00
_custom_header.erb
_footer.html.erb DEV: Strip unsubscribe links when sending digest previews to arbitrary addresses (#38298) 2026-03-05 13:58:51 -06:00
_footer.text.erb DEV: Strip unsubscribe links when sending digest previews to arbitrary addresses (#38298) 2026-03-05 13:58:51 -06:00
_header.html.erb
_header.text.erb
_new_topic.html.erb
_new_topics.html.erb
_other_new_topics.text.erb
_popular_post.html.erb
_popular_posts.html.erb
_popular_posts.text.erb FIX: Move custom digest text to correct spot (#33912) 2025-07-29 10:54:52 -05:00
_popular_topic.html.erb
_popular_topics.html.erb FIX: Move custom digest text to correct spot (#33912) 2025-07-29 10:54:52 -05:00
_popular_topics.text.erb FIX: Move custom digest text to correct spot (#33912) 2025-07-29 10:54:52 -05:00
_stats.html.erb
_styles.html.erb