Pierre de La Morinerie
e2b8545222
config: fix missing default list of allowed HTML tags
...
See https://github.com/rails/rails/issues/39586
2020-07-07 18:03:56 +02:00
Paul Chavard
6a24c3f812
Rails app:update
2020-07-07 18:03:56 +02:00
Pierre de La Morinerie
968e470684
config: never cache rails-generated pages
...
This instruct browsers to never cache content directly generated by the
controllers. This includes HTML pages, JSON responses, PDF files, etc.
This is because Some mobile browsers have a behaviour where, although
they will delete the session cookie when the browser shutdowns, they
will still serve a cached version of the page on relaunch.
The CSRF token in the HTML is then mismatched with the CSRF token in the
session cookie (because the session cookie has been cleared). This
causes form submissions to fail with an
"ActionController::InvalidAuthenticityToken" exception.
To prevent this, tell browsers to never cache the HTML of a page.
(This doesn’t affect assets files, which are still sent with the proper
cache headers).
See https://github.com/rails/rails/issues/21948
2020-04-14 18:29:17 +02:00
Paul Chavard
7478a51846
[GraphQL] use official skylight support
2020-01-28 15:39:37 +01:00
Pierre de La Morinerie
68f5aae99d
autosave: add feature test
2019-11-21 14:00:06 +01:00
Paul Chavard
65e227c44b
Migrate to flipper
2019-09-10 16:10:14 +02:00
pedong
fc8cebd78d
add Gem rack_attack for prevent attack brute-force
2019-08-20 13:29:29 +02:00
Paul Chavard
6cfad01d12
Stop using Flipflop as switch for weekly_overview
2019-07-31 15:15:09 +02:00
Paul Chavard
3cb39c2840
Refactor message attachements to use active_storage
2019-07-10 15:35:29 +02:00
Frederic Merizen
d54a0a4612
Fix link to procedure brouillon in manager
2019-03-04 15:03:30 +01:00
Frederic Merizen
31ca0552ab
[ #835 ] Extract avis creation into concern
2018-11-06 15:44:43 +01:00
Frederic Merizen
6a43be4f39
[ #835 ] Extra paths deserve eagler loading in production too
2018-11-06 15:44:43 +01:00
Frederic Merizen
02fa30c83b
[ #835 ] Remove redundant values from autoload_paths
...
(Level 1 subdirectories of app are already globbed by default rails config)
2018-11-06 15:44:43 +01:00
simon lehericey
5aee0e7d40
Config: setup Paris time_zone
2018-10-26 10:10:20 +00:00
gregoirenovel
6eeba14885
Enable Style/WordArray
2018-10-03 12:03:21 +02:00
Paul Chavard
ebc7044743
Get app url from ENV
2018-08-21 15:42:06 +02:00
Mathieu Magnin
20a3f86729
Dotenv-rails should be defined a the very top of the gemfile
2018-08-21 15:41:06 +02:00
Paul Chavard
78a9365fe1
Package mailjet widget with webpack
2018-08-01 16:54:39 +02:00
Paul Chavard
da8ad1f3e2
Remove external scripts from mailjet widget
2018-05-17 13:27:27 +02:00
gregoirenovel
e26f4148ff
Bump development gems
...
- brakeman
- rubocop
- scss_lint
2018-03-06 16:17:22 +01:00
gregoirenovel
fe7f8da636
Revert "Bump development gems"
...
This reverts commit d6ad3fc3fd
.
2018-03-06 15:11:26 +01:00
gregoirenovel
d6ad3fc3fd
Bump development gems
...
- brakeman
- rubocop
- scss_lint
2018-03-06 10:36:35 +01:00
gregoirenovel
0af270faa0
tps.apientreprise.fr -> demarches-simplifiees.fr
2018-03-01 10:33:53 +01:00
Frederic Merizen
fe4e57af6c
[ Fix #1389 ] Force French language
...
In #1383 , a misconfigured gem was corrupting a global I18n variable
that was persisten across requests, resulting in #1389 , #1392 and #1398 .
This commit prevents future corruptions of locales.
2018-02-08 16:20:32 +01:00
Mathieu Magnin
b16366f2fd
Disable Skylight in staging
2017-11-23 18:18:23 +01:00
gregoirenovel
962f1d63ba
Enable skylight in staging
2017-11-16 18:10:42 +01:00
Simon Lehericey
719893c7c2
Gestionnaire Dossier Show: add u to the allowed tag list
2017-10-17 12:29:57 +02:00
gregoirenovel
51f57d983e
Use ActiveJob
2017-10-05 15:42:48 +02:00
gregoirenovel
40d49aee1f
Add the Muli Regular and Bold fonts
2017-04-20 12:18:14 +02:00
gregoirenovel
548e8ce079
[ Fix #68 ] Remove reference to application_split2.scss
...
It has been removed in 6a261d1
2017-04-06 12:18:54 +02:00
Simon Lehericey
254c2319e9
Remove Rails Deprecation
...
ActiveRecord::Base.raise_in_transactional_callbacks= is deprecated, has no effect and will be removed without replacement
2017-02-21 10:53:09 +01:00
Xavier J
a4b67ec1be
test 2
2016-02-12 13:57:25 +01:00
Xavier J
e7570564f8
Add downloader for upload files outwards of public folder
2016-01-05 15:53:01 +01:00
Xavier J
92d57db91d
- migrate page show to edit for procedure admin
...
- create new page show for procedure admin
2015-12-04 16:17:35 +01:00
Xavier J
2b6aba16ac
- valid siren on create file
2015-12-03 15:02:22 +01:00
Tanguy PATTE
fe3f235860
include philippe notes
2015-09-02 17:34:13 +02:00
Tanguy PATTE
187e1c332e
change asset configuration
2015-09-01 16:59:03 +02:00
Xavier J
ef306cb1be
Changement nom admi_facile => TPS dans les sources.
2015-09-01 14:17:12 +02:00
Tanguy PATTE
88b663a514
move check email params in validator
2015-08-21 11:37:13 +02:00
Xavier J
b5b83e939a
First Commit
2015-08-10 11:05:06 +02:00