Commit graph

55 commits

Author SHA1 Message Date
Pierre de La Morinerie
70104d7059 config: avoid blocking legitimate requests from mobile ISPs 2021-03-11 18:28:10 +01:00
Pierre de La Morinerie
fb305e31c4 config: move application_name to an initializer
It seems cleaner not to require a file before the Rails configuration
runs.
2021-02-24 15:06:55 +01:00
Pierre de La Morinerie
211ddeda45 config: enable zeitwerk
Check that everything works using
bin/rails zeitwerk:check
2021-02-11 12:30:43 +01:00
Fabrice Gangler
60d6b1909d Fix for using APPLICATION_NAME in .env file
Refs: #5450
2020-08-28 03:46:19 +02:00
Judith
af25fdd77c gem http_accept_language installed and (de)activable with feature flag 2020-08-27 16:15:01 +02:00
Pierre de La Morinerie
d77efec7a0 config: enable active_record.belongs_to_required_by_default 2020-08-18 15:57:37 +02:00
Pierre de La Morinerie
ededf5c6c5 config: don't explicitely eager-load lib/
Rationale:

- `lib/` is supposed to contain code mostly independant from Rails;
- By default, Rails doesn't eager-load `lib/` anymore (this used to be
the case, but since a few releases).

If this commits triggers some errors, then these errors should be fixed
(rather that `lib/` being added again to the load path).
2020-08-18 11:02:09 +02:00
Pierre de La Morinerie
c514898b84 config: don't explicitely eager-load controllers/concerns
Per the documentation, Rails automatically loads `**/concerns` paths.

See https://guides.rubyonrails.org/autoloading_and_reloading_constants_classic_mode.html#autoload-paths-and-eager-load-paths
2020-08-18 11:02:09 +02:00
Pierre de La Morinerie
527a330c7a config: use Rails 6.0 config defaults
We already flipped the new defaults, so this is a no-op.
2020-08-05 17:22:46 +02:00
Pierre de La Morinerie
bc0244456c config: explicitely use the classic autoloader
I'm sure we can use zeitwerk in the future, but let's retain the classic
loader until the config issues are proved to be safe.
2020-08-05 17:22:46 +02:00
Pierre de La Morinerie
a1be888f7c config: use Rails 5.2 config defaults 2020-08-05 16:48:29 +02:00
Pierre de La Morinerie
0d55919fab config: use Rails 5.1 defaults
New or changed defaults are:

- config.assets.unknown_asset_fallback: false
- config.action_view.form_with_generates_remote_forms: true
2020-08-05 13:02:56 +02:00
clemkeirua
3340a2b091 ajout du nom d'application tot au demarrage
The application name is used in the views, but also in the initializers and in the config/ directory

According to rails doc (https://guides.rubyonrails.org/v6.0/configuring.html#locations-for-initialization-code),
if we want to do some things before the initializers and the environment, the only place to do so is in config/application.rb
2020-07-23 16:16:36 +02:00
Pierre de La Morinerie
b192b48fc7 config: use Rails 5.0 options
Stop overriding Rails 5.0 options, and use the framework defaults.

(Except for `active_record.belongs_to_required_by_default`, which is a
lot of work and will be fixed later.)
2020-07-20 15:54:48 +02:00
clemkeirua
68b37cf6aa config: make default Rails 5 config explicit 2020-07-08 11:00:12 +02:00
Pierre de La Morinerie
e2b8545222 config: fix missing default list of allowed HTML tags
See https://github.com/rails/rails/issues/39586
2020-07-07 18:03:56 +02:00
Paul Chavard
6a24c3f812 Rails app:update 2020-07-07 18:03:56 +02:00
Pierre de La Morinerie
968e470684 config: never cache rails-generated pages
This instruct browsers to never cache content directly generated by the
controllers. This includes HTML pages, JSON responses, PDF files, etc.

This is because Some mobile browsers have a behaviour where, although
they will delete the session cookie when the browser shutdowns, they
will still serve a cached version of the page on relaunch.

The CSRF token in the HTML is then mismatched with the CSRF token in the
session cookie (because the session cookie has been cleared). This
causes form submissions to fail with an
"ActionController::InvalidAuthenticityToken" exception.

To prevent this, tell browsers to never cache the HTML of a page.
(This doesn’t affect assets files, which are still sent with the proper
cache headers).

See https://github.com/rails/rails/issues/21948
2020-04-14 18:29:17 +02:00
Paul Chavard
7478a51846 [GraphQL] use official skylight support 2020-01-28 15:39:37 +01:00
Pierre de La Morinerie
68f5aae99d autosave: add feature test 2019-11-21 14:00:06 +01:00
Paul Chavard
65e227c44b Migrate to flipper 2019-09-10 16:10:14 +02:00
pedong
fc8cebd78d add Gem rack_attack for prevent attack brute-force 2019-08-20 13:29:29 +02:00
Paul Chavard
6cfad01d12 Stop using Flipflop as switch for weekly_overview 2019-07-31 15:15:09 +02:00
Paul Chavard
3cb39c2840 Refactor message attachements to use active_storage 2019-07-10 15:35:29 +02:00
Frederic Merizen
d54a0a4612 Fix link to procedure brouillon in manager 2019-03-04 15:03:30 +01:00
Frederic Merizen
31ca0552ab [#835] Extract avis creation into concern 2018-11-06 15:44:43 +01:00
Frederic Merizen
6a43be4f39 [#835] Extra paths deserve eagler loading in production too 2018-11-06 15:44:43 +01:00
Frederic Merizen
02fa30c83b [#835] Remove redundant values from autoload_paths
(Level 1 subdirectories of app are already globbed by default rails config)
2018-11-06 15:44:43 +01:00
simon lehericey
5aee0e7d40 Config: setup Paris time_zone 2018-10-26 10:10:20 +00:00
gregoirenovel
6eeba14885 Enable Style/WordArray 2018-10-03 12:03:21 +02:00
Paul Chavard
ebc7044743 Get app url from ENV 2018-08-21 15:42:06 +02:00
Mathieu Magnin
20a3f86729 Dotenv-rails should be defined a the very top of the gemfile 2018-08-21 15:41:06 +02:00
Paul Chavard
78a9365fe1 Package mailjet widget with webpack 2018-08-01 16:54:39 +02:00
Paul Chavard
da8ad1f3e2 Remove external scripts from mailjet widget 2018-05-17 13:27:27 +02:00
gregoirenovel
e26f4148ff Bump development gems
- brakeman
- rubocop
- scss_lint
2018-03-06 16:17:22 +01:00
gregoirenovel
fe7f8da636 Revert "Bump development gems"
This reverts commit d6ad3fc3fd.
2018-03-06 15:11:26 +01:00
gregoirenovel
d6ad3fc3fd Bump development gems
- brakeman
- rubocop
- scss_lint
2018-03-06 10:36:35 +01:00
gregoirenovel
0af270faa0 tps.apientreprise.fr -> demarches-simplifiees.fr 2018-03-01 10:33:53 +01:00
Frederic Merizen
fe4e57af6c [Fix #1389] Force French language
In #1383, a misconfigured gem was corrupting a global I18n variable
that was persisten across requests, resulting in #1389, #1392 and #1398.

This commit prevents future corruptions of locales.
2018-02-08 16:20:32 +01:00
Mathieu Magnin
b16366f2fd Disable Skylight in staging 2017-11-23 18:18:23 +01:00
gregoirenovel
962f1d63ba Enable skylight in staging 2017-11-16 18:10:42 +01:00
Simon Lehericey
719893c7c2 Gestionnaire Dossier Show: add u to the allowed tag list 2017-10-17 12:29:57 +02:00
gregoirenovel
51f57d983e Use ActiveJob 2017-10-05 15:42:48 +02:00
gregoirenovel
40d49aee1f Add the Muli Regular and Bold fonts 2017-04-20 12:18:14 +02:00
gregoirenovel
548e8ce079 [Fix #68] Remove reference to application_split2.scss
It has been removed in 6a261d1
2017-04-06 12:18:54 +02:00
Simon Lehericey
254c2319e9 Remove Rails Deprecation
ActiveRecord::Base.raise_in_transactional_callbacks= is deprecated, has no effect and will be removed without replacement
2017-02-21 10:53:09 +01:00
Xavier J
a4b67ec1be test 2 2016-02-12 13:57:25 +01:00
Xavier J
e7570564f8 Add downloader for upload files outwards of public folder 2016-01-05 15:53:01 +01:00
Xavier J
92d57db91d - migrate page show to edit for procedure admin
- create new page show for procedure admin
2015-12-04 16:17:35 +01:00
Xavier J
2b6aba16ac - valid siren on create file 2015-12-03 15:02:22 +01:00