Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,343 Commits 1 Branch 0 Tags
e4206265ccddfe3e71a88dfee7bb63ef925e7dc4
Commit Graph

5309 Commits

Author SHA1 Message Date
jawad khan
5025a3ffd9 feat!: remove "Text Me the App" page from web app because of security concern 
Someone at edx was able to quickly send a few texts to himself using the tool.
Each text came from a different number and there was no message about the ability to unsubscribe or stop.
This could potentially be used to spam users as well as potentially result in charges to edX for high volume.

page url https://courses.edx.org/text-me-the-app
LEARNER-8286
 2021-03-30 23:38:24 +05:00
Adam Blackwell
dd69020de1 fix: Add space after comma in legacy unenroll message. (#27177) 2021-03-30 10:48:44 -04:00
Saad Yousaf
b6b8c3b8d6 [TNL-7970] - Convert anonymized id report code to an instructor task. (#26778) 
Co-authored-by: SaadYousaf <saadyousaf@A006-00314.local>
 2021-03-11 11:48:35 +05:00
AsadAzam
e797fec0df added iframe mfe overrides (#26824) 
* added iframe mfe overrides

* Added import to rtl

* Refactored

* Added comment
 2021-03-10 19:06:51 +05:00
Ali Akbar
6259a82059 Merge pull request #26866 from edx/aakbar/PROD-2293 
fix override error message
 2021-03-09 14:55:35 +05:00
Zainab Amir
a39befb548 VAN-113: Add error code for registration workflow (#26821) 2021-03-08 18:09:26 +05:00
Ali-D-Akbar
7aa5e27201 fix override error message 2021-03-05 17:27:56 +05:00
Carla Duarte
368df80c05 Merge pull request #26838 from edx/ciduarte/AA-517 
AA-517: fix duplicate IDs in MessageBannerView
 2021-03-04 09:46:26 -05:00
Carla Duarte
5868e3aef8 AA-517: fix duplicate IDs in MessageBannerView 2021-03-03 16:29:11 -05:00
Sarina Canelake
e15e372233 Merge pull request #26772 from edx/sarina/DEPR-142-TNL-7522 
Remove the "role of users being enrolled" field from Instructor Dashboard
 2021-03-03 08:57:16 -05:00
alangsto
0846e04f45 update exam attempt table css (#26802) 
Add hover for accordion

update edx-proctoring version
 2021-03-02 12:33:49 -05:00
sarina
3ef0f626a0 feat! Remove JS validation for Role field in batch enroll feature 2021-02-28 18:40:16 -05:00
Gábor Boros
ed58d45bd5 fix: remove absolute positioning to allow RTL scrolling (#26093) 2021-02-24 11:14:21 -05:00
Justin Hynes
0de1d2b89a MICROBA-908 | Prevent overlap of allowlist and blocklist [WIP] 
[MICROBA-908]
- When adding a learner to the allowlist we now check if they have an invalidated certificate on the blocklist
- Refactor some pieces of the Certificate Invalidation flow
- Make it so an error message is displayed when trying to add someone to CertificateInvalidation list if they already appear on the Allowlist
- Add support to pass back and display an error message to Instructor Dashboard UI if a learner already appears on the certificate invalidation list when attempting to create certificate exceptions in bulk
- Add python tests for backend changes
- Disable xss linting warnings in certificate_bulk_whitelist.js (checked with security group first)
 2021-02-24 09:25:13 -05:00
Kyle McCormick
6d78f6aab2 fix: staff debug actions depended on legacy courseware URL (#26658) 
The Staff Debug Actions didn't work in the Learning MFE
because the underlying JS depended on the URL being
formatted as /courses/<course_key>/... in order to
parse out the course key. This worked in the legacy
experience, but breaks in the chromeless xblock view,
which is rendered under the URL /xblock/<usage_key>/...

The fix is to explicitly pass the course key into the
templated courseware HTML as a data attribute.

TNL-7955
 2021-02-22 15:14:31 -05:00
Lunyachek
5906bdedad Fix sidebar width on course about page when screen resolution less than 768px (#26056) 2021-02-19 16:16:21 -05:00
Zainab Amir
01501335fc VAN-392: suppress PII from logistration error messages (#26629) 2021-02-19 19:04:54 +05:00
Ali-D-Akbar
c3bfe323de PROD-2195 2021-02-16 18:09:38 +05:00
Ali-D-Akbar
2e5b2704a2 PROD-2191 2021-02-16 18:06:18 +05:00
Ali-D-Akbar
86ce42abb7 PROD-2194 2021-02-16 17:40:47 +05:00
Bianca Severino
1d667e8b0f Add onboarding status view to instructor dashboard 2021-02-11 15:32:13 -05:00
Matt Hughes
02d0b474e7 Merge pull request #219 from edx/matthugs/EDUCATOR-5555-a11y-js-code-for-notes-needs-to-handle-tags-better 
Fix XSS vector for a11y text attached to notes editor
 2021-02-08 16:54:49 -05:00
Ali-D-Akbar
1847bee0ad PROD-2084 2021-02-01 15:32:27 +05:00
Ali Akbar
0aa1b8f2bf Merge pull request #214 from edx/IM/security-fixes-5 
Incident Management Security Fixes 5
 2021-01-29 16:55:08 +05:00
Matt Hughes
b0a1166470 Fix XSS vector for a11y text attached to notes editor 
JIRA:SEC-1164
 2021-01-26 16:36:58 -05:00
Ali Akbar
4537aa6124 Merge pull request #26022 from edx/aakbar/PROD-2218 
disable xsslint
 2021-01-26 14:31:19 +05:00
Waheed Ahmed
fc8f189084 Update Facebook color. 
Updated Facebook SSO button color acccording to their brand
guidelines.

VAN-296
 2021-01-22 17:59:58 +05:00
azanbinzahid
3cb1260fbd PROD-2207 2021-01-20 00:42:36 +05:00
azanbinzahid
7f6b81a969 PROD-2204 2021-01-20 00:42:35 +05:00
azanbinzahid
30c30740d7 PROD-2203 2021-01-20 00:42:35 +05:00
Jayram
5a9e12dd96 [ADD] user account registration endpoint for api-docs 
Added alias for /user_api endpoints

FIX quality violations

IMPROVED urls_common for readability

Removed redundant URL entry from urls_common file
 2021-01-15 03:59:16 +00:00
Saad Yousaf
cf8c0bbec7 Merge pull request #26028 from edx/saad/TNL-7820 
[TNL-7820] - remove important rule for links on hover.
 2021-01-13 12:02:41 +05:00
Zainab Amir
2e6e360f03 fix login cookie parse issue (#26032) 2021-01-12 22:45:21 +05:00
SaadYousaf
c6a661820f [TNL-7820] - remove important rule for links on hover. 2021-01-11 14:35:53 +05:00
Ali-D-Akbar
71a3f0d68d disable xsslint 2021-01-09 01:28:32 +05:00
Ali Akbar
0e2d12fc7c Merge pull request #213 from edx/IM/security-fixes-4 
Incident Management Security Fixes 4
 2021-01-08 21:46:05 +05:00
Tobias Macey
50bb70298c Added a configuration flag to force third party auth (#24789) 
This adds a toggle to allow operators to prevent user registration and login via username/password authentication, forcing the platform to only support login and registration using third-party auth such as SAML.

Co-authored-by: Umar Asghar <mrumarasghar@gmail.com>
 2021-01-07 09:55:27 -05:00
azanbinzahid
cd1d07b081 PROD-2210 2021-01-06 11:36:36 +05:00
azanbinzahid
6c514eb9dc PROD-2200 2021-01-06 11:36:36 +05:00
azanbinzahid
3ed0f7d8ea PROD-2196 2021-01-06 11:36:36 +05:00
azanbinzahid
bee77a2c7f PROD-2190 2021-01-06 11:36:36 +05:00
azanbinzahid
7c60e39a72 PROD-2184 2021-01-06 11:36:36 +05:00
azanbinzahid
7788b9ea62 PROD-2185 2021-01-06 11:36:36 +05:00
Ali-D-Akbar
f45b526692 PROD-2188 
PROD-2188
 2021-01-06 11:36:36 +05:00
Michael Terry
c3baf5c19e Merge pull request #25972 from edx/mikix/banner-cta-tweaks 
AA-505: Some design updates for courseware "shift dates" UI
 2021-01-05 13:28:37 -05:00
Ali-D-Akbar
6cdcfb9f72 Merge branch 'master' into private_to_public_d93abb8 2021-01-05 11:43:25 +05:00
Michael Terry
d000eb4f67 AA-505: Some design updates for courseware "shift dates" UI 
- Makes the action buttons underneath problems into link buttons
  instead of push buttons. Per UI team
- Updates some colors of status pills like "Past due" or "Completed"
 2021-01-04 13:29:58 -05:00
Ali Akbar
278e66e34c disable xsslint (#25951) 
* disable xsslint

* fix quality errors

* disable xsslint
 2021-01-04 22:48:22 +05:00
Ali Akbar
d93abb8d6e Merge pull request #212 from edx/IM/security-fixes-3 
Incident Management Security Fixes 3
 2021-01-04 18:41:49 +05:00
Awais Jibran
90776770dc Revert ".is-hidden" CSS hack and related hint fix (#25938) 
Reverts two PRs:
* "Fix hiding of completion/bookmark indicators in legacy courseware (#25919)"
* "Fix hint show" (#25930)

TNL-7845
 2020-12-23 11:35:25 -05:00