Commit graph

38 commits

Author SHA1 Message Date
Pierre de La Morinerie
968e470684 config: never cache rails-generated pages
This instructs browsers to never cache content directly generated by the
controllers. This includes HTML pages, JSON responses, PDF files, etc.

This is because some mobile browsers have a behaviour where, although
they will delete the session cookie when the browser shuts down, they
will still serve a cached version of the page on relaunch.

The CSRF token in the HTML is then mismatched with the CSRF token in the
session cookie (because the session cookie has been cleared). This
causes form submissions to fail with an
"ActionController::InvalidAuthenticityToken" exception.

To prevent this, tell browsers to never cache the HTML of a page.
(This doesn’t affect asset files, which are still sent with the proper
cache headers).

See https://github.com/rails/rails/issues/21948
2020-04-14 18:29:17 +02:00
Paul Chavard
7478a51846 [GraphQL] use official skylight support 2020-01-28 15:39:37 +01:00
Pierre de La Morinerie
68f5aae99d autosave: add feature test 2019-11-21 14:00:06 +01:00
Paul Chavard
65e227c44b Migrate to flipper 2019-09-10 16:10:14 +02:00
pedong
fc8cebd78d add Gem rack_attack to prevent brute-force attacks 2019-08-20 13:29:29 +02:00
Paul Chavard
6cfad01d12 Stop using Flipflop as switch for weekly_overview 2019-07-31 15:15:09 +02:00
Paul Chavard
3cb39c2840 Refactor message attachments to use active_storage 2019-07-10 15:35:29 +02:00
Frederic Merizen
d54a0a4612 Fix link to procedure brouillon in manager 2019-03-04 15:03:30 +01:00
Frederic Merizen
31ca0552ab [#835] Extract avis creation into concern 2018-11-06 15:44:43 +01:00
Frederic Merizen
6a43be4f39 [#835] Extra paths deserve eager loading in production too 2018-11-06 15:44:43 +01:00
Frederic Merizen
02fa30c83b [#835] Remove redundant values from autoload_paths
(Level 1 subdirectories of app are already globbed by default rails config)
2018-11-06 15:44:43 +01:00
simon lehericey
5aee0e7d40 Config: setup Paris time_zone 2018-10-26 10:10:20 +00:00
gregoirenovel
6eeba14885 Enable Style/WordArray 2018-10-03 12:03:21 +02:00
Paul Chavard
ebc7044743 Get app url from ENV 2018-08-21 15:42:06 +02:00
Mathieu Magnin
20a3f86729 Dotenv-rails should be defined at the very top of the gemfile 2018-08-21 15:41:06 +02:00
Paul Chavard
78a9365fe1 Package mailjet widget with webpack 2018-08-01 16:54:39 +02:00
Paul Chavard
da8ad1f3e2 Remove external scripts from mailjet widget 2018-05-17 13:27:27 +02:00
gregoirenovel
e26f4148ff Bump development gems
- brakeman
- rubocop
- scss_lint
2018-03-06 16:17:22 +01:00
gregoirenovel
fe7f8da636 Revert "Bump development gems"
This reverts commit d6ad3fc3fd.
2018-03-06 15:11:26 +01:00
gregoirenovel
d6ad3fc3fd Bump development gems
- brakeman
- rubocop
- scss_lint
2018-03-06 10:36:35 +01:00
gregoirenovel
0af270faa0 tps.apientreprise.fr -> demarches-simplifiees.fr 2018-03-01 10:33:53 +01:00
Frederic Merizen
fe4e57af6c [Fix #1389] Force French language
In #1383, a misconfigured gem was corrupting a global I18n variable
that was persistent across requests, resulting in #1389, #1392 and #1398.

This commit prevents future corruptions of locales.
2018-02-08 16:20:32 +01:00
Mathieu Magnin
b16366f2fd Disable Skylight in staging 2017-11-23 18:18:23 +01:00
gregoirenovel
962f1d63ba Enable skylight in staging 2017-11-16 18:10:42 +01:00
Simon Lehericey
719893c7c2 Gestionnaire Dossier Show: add u to the allowed tag list 2017-10-17 12:29:57 +02:00
gregoirenovel
51f57d983e Use ActiveJob 2017-10-05 15:42:48 +02:00
gregoirenovel
40d49aee1f Add the Muli Regular and Bold fonts 2017-04-20 12:18:14 +02:00
gregoirenovel
548e8ce079 [Fix #68] Remove reference to application_split2.scss
It has been removed in 6a261d1
2017-04-06 12:18:54 +02:00
Simon Lehericey
254c2319e9 Remove Rails Deprecation
ActiveRecord::Base.raise_in_transactional_callbacks= is deprecated, has no effect and will be removed without replacement
2017-02-21 10:53:09 +01:00
Xavier J
a4b67ec1be test 2 2016-02-12 13:57:25 +01:00
Xavier J
e7570564f8 Add downloader for upload files outside of public folder 2016-01-05 15:53:01 +01:00
Xavier J
92d57db91d - migrate page show to edit for procedure admin
- create new page show for procedure admin
2015-12-04 16:17:35 +01:00
Xavier J
2b6aba16ac - valid siren on create file 2015-12-03 15:02:22 +01:00
Tanguy PATTE
fe3f235860 include philippe notes 2015-09-02 17:34:13 +02:00
Tanguy PATTE
187e1c332e change asset configuration 2015-09-01 16:59:03 +02:00
Xavier J
ef306cb1be Rename admi_facile => TPS in the sources. 2015-09-01 14:17:12 +02:00
Tanguy PATTE
88b663a514 move check email params in validator 2015-08-21 11:37:13 +02:00
Xavier J
b5b83e939a First Commit 2015-08-10 11:05:06 +02:00