Paul Chavard
|
7ffb98e616
|
Remove carrierwave uploaders
|
2019-09-10 10:49:12 +02:00 |
|
Chaïb Martinez
|
f2386a5800
|
Add crips help domaine to defaut policy src
[fix #4234]
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
|
2019-08-27 10:30:10 +02:00 |
|
simon lehericey
|
86d968bb8e
|
Use rack_attack_enabled?
We cannot enable rack attack during the tests as it interferes with features spec.
So we add a flag to enable it during the runtime.
|
2019-08-20 13:29:29 +02:00 |
|
simon lehericey
|
0f0fecdb25
|
RackAttack: use remote ip and test it !
|
2019-08-20 13:29:29 +02:00 |
|
pedong
|
fc8cebd78d
|
add Gem rack_attack for prevent attack brute-force
|
2019-08-20 13:29:29 +02:00 |
|
Nicolas Bouilleaud
|
7c7947adeb
|
Rename gestionnaire to instructeur in a comment
About an (unused for now) env var.
|
2019-08-13 10:27:49 +02:00 |
|
simon lehericey
|
3fde2a6f70
|
Rename gestionnaire in code to instructeur
|
2019-08-12 13:47:01 +02:00 |
|
maatinito
|
3703a71ea3
|
#3928 Added constants to define password min length & complexity
|
2019-08-01 17:12:14 +02:00 |
|
Pierre de La Morinerie
|
95e24392f9
|
models: remove old pieces justificatives
|
2019-07-30 16:11:17 +02:00 |
|
pedong
|
9438f962c5
|
add alert for account is locked
|
2019-07-29 17:48:44 +02:00 |
|
pedong
|
8d03a6747c
|
add lockable to User, Gestionnaire, administration, Administrateur
|
2019-07-29 17:48:44 +02:00 |
|
clemkeirua
|
99421545ab
|
replaced api-carto endpoint
|
2019-07-23 16:21:15 +02:00 |
|
Pierre de La Morinerie
|
76335511c8
|
omniauth: protect against CSRF
See https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
|
2019-07-15 18:16:00 +02:00 |
|
Paul Chavard
|
3cb39c2840
|
Refactor message attachements to use active_storage
|
2019-07-10 15:35:29 +02:00 |
|
simon lehericey
|
0f9fdf3f75
|
Activate device email change confirmation
|
2019-07-09 11:55:17 +02:00 |
|
Mathieu Magnin
|
b34f8fbe3d
|
Add ActionText
|
2019-07-03 13:15:49 +02:00 |
|
simon lehericey
|
4b154983fb
|
Landing: voir les démarches -> comment trouver ma démarche
|
2019-07-03 12:59:09 +02:00 |
|
clemkeirua
|
dfefb827d9
|
missing connect-src
|
2019-07-02 10:50:10 +02:00 |
|
clemkeirua
|
d6f2de2fbf
|
enable static + activate csp in production
|
2019-07-02 09:40:38 +02:00 |
|
clemkeirua
|
eaf850c1e9
|
enable csp
|
2019-06-27 11:10:29 +02:00 |
|
clemkeirua
|
f19b5f8911
|
fix csp rule for crisp websocket
|
2019-06-26 12:37:55 +02:00 |
|
clemkeirua
|
7064f7e973
|
enable crisp websockets and css
|
2019-06-25 17:39:08 +02:00 |
|
clemkeirua
|
d3c6021ef4
|
add duplicate rules as fallback
|
2019-06-20 11:34:24 +02:00 |
|
clemkeirua
|
dc6c2e6bc0
|
add missing elements
|
2019-06-17 17:05:08 +02:00 |
|
Nicolas Bouilleaud
|
dace9a53d3
|
Add Universign timestamp API query
|
2019-06-17 16:16:28 +02:00 |
|
clemkeirua
|
765b10026e
|
more generic elements to the security policy
|
2019-06-17 09:51:27 +02:00 |
|
Pierre de La Morinerie
|
d410e31344
|
active_storage: document the virus scan hooks
|
2019-05-28 11:39:22 +02:00 |
|
Paul Chavard
|
cc4eba2b36
|
Less mokey patching
|
2019-05-21 14:21:42 +02:00 |
|
clemkeirua
|
5cbbbb8d3e
|
more whitelist for the common domains we use
|
2019-05-20 09:52:44 +02:00 |
|
Paul Chavard
|
42235e81b1
|
Use active storage load hook to extend blob
|
2019-05-16 20:43:01 +02:00 |
|
Paul Chavard
|
348b15f595
|
Put devtools behind feature flags
|
2019-05-15 18:10:25 +02:00 |
|
clemkeirua
|
6fe4031b2e
|
use constant for localhost
|
2019-05-15 16:33:27 +02:00 |
|
clemkeirua
|
b670b60ac6
|
changement de l'URI de report-uri
|
2019-05-15 15:32:00 +02:00 |
|
Pierre de La Morinerie
|
d431eeeb93
|
carrierwave: fix typo
Turns out the `openstack_identity_api_version` has not actually been
filled out for a while, because of a typo.
|
2019-05-15 14:03:15 +02:00 |
|
Chaïb Martinez
|
3004f96cf5
|
Add video and webinar URLs to admin pages
Fix #3850
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
|
2019-05-13 17:47:02 +02:00 |
|
clemkeirua
|
675cc5150c
|
update on the security policy headers
|
2019-05-09 14:55:21 +02:00 |
|
clemkeirua
|
64b858ef19
|
handle Gon + add report-uri URL
|
2019-05-06 10:07:51 +02:00 |
|
clemkeirua
|
8582b08a98
|
add security policy
|
2019-05-06 10:07:51 +02:00 |
|
Paul Chavard
|
f113d108c9
|
Save virus scan status to blob metadata
|
2019-05-02 15:58:09 +02:00 |
|
Paul Chavard
|
b9be186d2c
|
Sentry should send environment information
|
2019-04-03 18:19:16 +02:00 |
|
Paul Chavard
|
51c79ba6a6
|
Update webpacker and replace vue with react
|
2019-04-03 14:38:07 +02:00 |
|
Frederic Merizen
|
98713b6a4d
|
Proxy for SendinBlue API
|
2019-03-08 16:33:28 +01:00 |
|
Mathieu Magnin
|
1eed114d78
|
Add status page in footer
|
2019-03-05 17:42:00 +01:00 |
|
simon lehericey
|
2920769a68
|
ActiveStorage: temp url are valid for 1 hour
|
2019-02-28 18:36:28 +01:00 |
|
Pierre de La Morinerie
|
283f110e9b
|
stats: improve numeric separators and suffixes
|
2019-02-01 11:02:37 +01:00 |
|
Pierre de La Morinerie
|
3b92fe93fc
|
stats: make groupdate week start on Monday
|
2019-01-10 16:14:14 +01:00 |
|
gregoirenovel
|
5fa5f2aa37
|
Bump development gems
- rubocop (0.61.1 → 0.62.0)
|
2019-01-05 11:47:55 +01:00 |
|
gregoirenovel
|
0596d53ac2
|
Enable the Lint/UnusedBlockArgument cop
|
2019-01-03 10:53:50 +01:00 |
|
gregoirenovel
|
8ffcc16ec5
|
Avoid EOL ifs
|
2019-01-03 10:53:50 +01:00 |
|
gregoirenovel
|
7ffe40868b
|
Use parentheses
|
2019-01-03 10:53:50 +01:00 |
|