Commit graph

7322 commits

Author SHA1 Message Date
Anton Khorev
b29d2a9243 Increase font size in search form 2024-06-01 08:19:31 +03:00
Anton Khorev
6d25f54b0b Replace search button text with svg icon 2024-06-01 08:19:31 +03:00
Tom Hughes
c36f09b28d Merge remote-tracking branch 'upstream/pull/4843' 2024-05-30 16:33:59 +01:00
Tom Hughes
d74e7628fe Merge remote-tracking branch 'upstream/pull/4857' 2024-05-30 16:22:38 +01:00
Tom Hughes
15e86708f1 Merge remote-tracking branch 'upstream/pull/4847' 2024-05-30 16:20:54 +01:00
Nenad Vujicic
523d36bbaa Fixed "or divider" issue described in #4773 by adding mb-2 below "or" divider 2024-05-30 12:02:35 +02:00
Milan Cvetkovic
15623aa35a Social sign-in: avoid re-authorization in users_controller#create
It does not add any additional guards against malicious users:

Malicious user may attempt to invoke `POST /users/new` with bogus
values for `auth_provider` and `auth_uid` resulting
with a new account to which user would have a way to login, other than
sending a password reset request.

In some cases, re-authorization would introduce additional
"Please login to your social account", or "Are you sure you want to be logged in"
popup triggered by identity provider.

This PR removes the re-authorization request from `POST /users/new` in authorization flow.
2024-05-30 05:43:45 +00:00
Tom Hughes
d86d2067ee Merge remote-tracking branch 'upstream/pull/4860' 2024-05-29 19:18:23 +01:00
Andy Allan
9adae1c523 Re-enable autocomplete for passwords
Regression for c4347c8d9a

Thankfully browsers ignore this for login fields, but it shouldn't
be turned off anyway.
2024-05-29 19:02:25 +01:00
Andy Allan
979d616c38 Re-enable translations for password field
Fixes regression introduced in c4347c8d9a
2024-05-29 18:48:01 +01:00
Tom Hughes
2029133a85 Merge remote-tracking branch 'upstream/pull/4859' 2024-05-29 18:47:04 +01:00
Tom Hughes
b5dd8c19b9 Merge remote-tracking branch 'upstream/pull/4849' 2024-05-29 17:52:40 +01:00
Andy Allan
c1cccd40fc Move check_api_readable to api_controller
It's easier to skip the check in the two places that we need to, and
include it by default everywhere else.
2024-05-29 14:54:16 +01:00
Andy Allan
f2aaec4735 Standardise on avoiding except lists for check_api_readable
Although this is technically duplicative, it's much easier to read
and therefore to maintain, particularly if you put the _readable one
first.
2024-05-29 14:51:47 +01:00
Andy Allan
995bfa91ff Remove duplicate database status checks
These are already done as part of the api checks
2024-05-29 14:51:20 +01:00
Andy Allan
91fc588556 Add api_status checks for user preferences API 2024-05-29 14:51:20 +01:00
Martin Raifer
ed15352f56 reintroduce unsafe-eval CSP rule for iD
fixes https://github.com/openstreetmap/iD/issues/10265
2024-05-29 11:26:08 +02:00
Nenad Vujicic
1d35daa0b5 Fixed "auth_button_preferred alignment" issue described in #4773 2024-05-29 11:20:13 +02:00
Tom Hughes
d3d0da0328 Fix new rubocop warnings 2024-05-28 17:39:33 +01:00
Tom Hughes
a90302aecf Merge remote-tracking branch 'upstream/pull/4842' 2024-05-27 15:11:16 +01:00
Tom Hughes
2c9043283e Merge remote-tracking branch 'upstream/pull/4828' 2024-05-27 15:05:43 +01:00
Tom Hughes
49b98c1fdd Merge remote-tracking branch 'upstream/pull/4846' 2024-05-27 15:00:51 +01:00
Milan Cvetkovic
22bceff40b Add proper referrer for authorization scenario
Fixes the following:
- `users_controller#new` loses referer in authorization scenario, when it was invoked after social signup succeeded
- the second invocation of `auth_success`, triggered by re-authorization initiated from `users_controller#create`
  does not have referrer field set
- as a result, the final welcome screen does not offer final authorization, and drops into ID instead

Introduced by #4758.
2024-05-27 13:31:20 +00:00
Tom Hughes
8e5dbbc09f Merge remote-tracking branch 'upstream/pull/4844' 2024-05-27 10:52:32 +01:00
Tom Hughes
7a5524c854 Merge remote-tracking branch 'upstream/pull/4838' 2024-05-27 10:48:30 +01:00
Tom Hughes
26af28b7cb Merge remote-tracking branch 'upstream/pull/4837' 2024-05-27 10:46:38 +01:00
Tom Hughes
94afd0df1c Merge remote-tracking branch 'upstream/pull/4836' 2024-05-27 10:44:26 +01:00
Tom Hughes
d8332d0572 Merge remote-tracking branch 'upstream/pull/4835' 2024-05-27 10:42:50 +01:00
Tom Hughes
c834f9afe7 Merge remote-tracking branch 'upstream/pull/4841' 2024-05-27 10:33:34 +01:00
Anton Khorev
0b0f4b36ab Replace png directions icon with inline svg 2024-05-27 04:34:06 +03:00
Anton Khorev
1cf4bf5d98 Inline welcome/fixthemap sprites 2024-05-27 03:29:34 +03:00
Anton Khorev
e459aa9cdd Replace way icon path with line and circles 2024-05-27 03:01:24 +03:00
Anton Khorev
38ca6a9f14 Round node icon coordinate 2024-05-27 02:56:45 +03:00
Anton Khorev
dfa1255fee Decrease image width and height 2024-05-27 02:24:08 +03:00
Anton Khorev
4593f00d41 Group elements of rules and questions icons 2024-05-27 02:24:08 +03:00
Anton Khorev
2926be3755 Group elements of tag icon 2024-05-27 02:24:08 +03:00
Anton Khorev
e700dc3432 Group elements of way icon 2024-05-27 02:24:08 +03:00
Anton Khorev
059d395006 Group elements of node icon 2024-05-27 02:24:08 +03:00
Anton Khorev
ffa5492f66 Group elements of cross icon 2024-05-27 02:24:08 +03:00
Anton Khorev
689e629ded Group elements of check icon 2024-05-27 02:24:08 +03:00
Anton Khorev
69c2f64c69 Remove outer group 2024-05-27 02:24:08 +03:00
Anton Khorev
494ea6f09f Remove vertical translation 2024-05-27 02:24:08 +03:00
Anton Khorev
1f35f4ca8c Replace cubic bezier approximations of circles with circles 2024-05-27 02:24:08 +03:00
Anton Khorev
8a88351a83 Remove invisible elements 2024-05-27 02:24:08 +03:00
Anton Khorev
95976f9eb1 Remove reference to a missing filter 2024-05-27 02:24:08 +03:00
Anton Khorev
b79e4f04b9 Truncate username in user menu 2024-05-27 01:59:32 +03:00
Anton Khorev
037e05d737 Adjust vertical alignment of user button contents 2024-05-27 01:47:25 +03:00
Anton Khorev
93d3345e25 Increase secondary nav item padding to compensate removed whitespace 2024-05-27 01:47:25 +03:00
Anton Khorev
f06e37bb68 Use Bootstrap .nav in secondary header navigation 2024-05-27 01:47:25 +03:00
Martin Raifer
416fca5703 update script-src CSP rules for iD 2024-05-26 15:24:57 +02:00