Commit graph

2033 commits

Author SHA1 Message Date
Tom Hughes
339d8e46ff Sanitise parameters used in URL generation 2017-06-04 20:24:53 +01:00
Tom Hughes
03a9df9288 Replace render :nothing with head 2017-06-04 20:24:53 +01:00
Tom Hughes
8412ed0bed Replace deprecated Mime::XXX with Mime[:xxx] 2017-06-03 17:33:13 +01:00
Tom Hughes
2357118c46 Avoid using format as a URL parameter name
This prevents rails confusing it with the builtin format
parameter derived from the URL extension.
2017-06-03 12:08:35 +01:00
Tom Hughes
80d27a7fae Sanitise parameters used in URL generation 2017-06-02 20:27:07 +01:00
Tom Hughes
ff97501ed0 Remove all use of the :text option to render
It doesn't actually do what it says, as it sets the content type
to text/html not text/plain so is just confusing and as a result
has been deprecated in newer rails versions.
2017-06-02 19:12:05 +01:00
Tom Hughes
9b89d4eefe Remove conditions from delete_all
Passing conditions directly to delete_all is deprecated
in rails 5.0 so use a separate where instead.
2017-06-02 16:33:48 +01:00
Tom Hughes
5b33f3f8e3 Fix rubocop warnings 2017-06-02 00:08:30 +01:00
Andy Allan
060230fb94 Ensure closed changesets appear in the feed, and update some misleading comments. 2017-06-01 15:43:51 +01:00
Tom Hughes
7c9229fbfc Throw an exception if adding a note comment fails 2017-03-13 14:49:16 +00:00
Simon Poole
9606e440bc Return maximum size of bounding box for note retrieval 2017-03-13 08:53:49 +01:00
Tom Hughes
5cdb835de3 Show offline/readonly messages as normal flash messages 2017-03-10 16:30:04 +00:00
Tom Hughes
33669daefb Do more preloading in browse controller methods
Fixes #1476
2017-03-07 09:10:24 +00:00
Tom Hughes
88d16deadd Detect a timeout encapsulated in ActionView::Template::Error
Fixes #1476
2017-03-06 17:50:09 +00:00
Han Chao
49a7921ec8 Use local api to export map.osm
Closes #1282
2017-03-05 10:37:25 +00:00
Tom Hughes
c5ef6404f5 Improve the content security policy 2017-03-01 22:38:24 +00:00
Tom Hughes
428e7d6baa Merge remote-tracking branch 'openstreetmap/pull/1467' 2017-02-26 22:22:48 +00:00
Simon Poole
12013f60a0 Externalize message about missing OAuth capabilities/permissions and make it less technical 2017-02-26 21:43:43 +01:00
Tom Hughes
40a8e5caf5 Add support for Content-Security-Policy
Currently this is report only, and disabled unless a report URL has
been set in the application configuration.
2017-02-26 19:48:13 +00:00
Tom Hughes
af72cb51e9 Fix rubocop warnings 2017-02-18 16:18:04 +00:00
Simon Poole
58c61c7962 Actually use user_block 2017-02-18 16:17:46 +01:00
Simon Poole
823f6b4d36 Add functionality to return a specific message for zero hour blocks 2017-02-18 13:53:21 +01:00
Tom Hughes
9fb382eaa9 Initialise locale before looking up user blocked error 2017-02-17 19:59:06 +00:00
Tom Hughes
e23541c20f Allow a POST with no arguments to trace#edit to fetch the form 2017-02-13 10:09:43 +00:00
Tom Hughes
c439f957ae Only add traces for POST requests 2017-02-09 21:07:44 +00:00
Tom Hughes
92fe7a8506 Only create diary entries for POST requests 2017-02-09 21:07:18 +00:00
Tom Hughes
afa82bd2b1 Render message properly on error 2017-02-09 20:20:55 +00:00
Tom Hughes
4709d90594 Only send messages for POST requests 2017-02-09 19:37:48 +00:00
Tom Hughes
94ab5c3635 Make TraceController#list sort by id instead of timestamp
The effect is much the same but id is guaranteed to give a stable
sort if two traces have the same timestamp.
2017-02-05 16:18:56 +00:00
Tom Hughes
c8671c137a Update rubocop 2017-02-05 11:12:37 +00:00
Tom Hughes
96c91757fc Don't try and look up traces until the user is logged in
Fixes #1411
2017-01-11 21:11:37 +00:00
Tom Hughes
777b19c775 Make export action send TOTP cookie 2017-01-02 22:51:18 +00:00
Tom Hughes
9a82ae069a Remove dot prefix from cookie domain 2017-01-02 21:33:58 +00:00
Tom Hughes
d83cc0f15b Reduce TOTP cookie expiry to one hour 2017-01-02 21:17:37 +00:00
Tom Hughes
17135cad03 Add support for generating TOTP cookies
This allows other sites in the openstreetmap.org domain to validate
that requests are coming from a www.openstreetmap.org user.
2017-01-02 19:01:01 +00:00
Tom Hughes
c8f26592a7 Fix rubocop warnings 2016-12-02 22:01:40 +00:00
Tom Hughes
ec6e096274 Remove redundant creation of an exception object 2016-12-02 09:38:18 +00:00
Matt Amos
8b03371e10 Make API and web roll back any open transactions on timeout
By default the exception thrown by Timeout::timeout is caught
using Kernel::catch so that it cannot be stopped by intermediate
exception handlers. The problem with that is that it stops any
database transactions that were in progress being rolled back
because they never see the exception.

Fortunately passing a class to Timeout::timeout changes its
behaviour so that the exception is thrown and caught in the normal
way, allowing the database transactions to rollback.
2016-12-02 09:31:45 +00:00
Andy Allan
f464e2a6e9 Suppress XML parsing errors.
This technique was already used in app/models/changeset.rb

This suppresses the error messages when parsing invalid XML, but
the exceptions are still raised, as tested in test_from_xml_double_lat
in test/models/node_test.rb
2016-10-26 10:35:03 +01:00
Tom Hughes
e17b89e89f Fix rubocop warnings 2016-10-20 22:35:51 +01:00
Mikel Maron
be40536440 merge upstream/master and resolve conflicts from https://github.com/openstreetmap/openstreetmap-website/pull/1318 2016-10-12 10:52:05 -04:00
Andy Allan
41e05f0929 Remove unnecessary controller references from the redirect hashes.
Rails redirect_to uses the current controller by default, so there
is no need to re-iterate this in the code when the redirect targets
the current controller.

The short-form is already used elsewhere, this just tidies up those
which were still using the long-form.
2016-10-12 14:32:49 +01:00
Mikel Maron
a32076abd6 fix rubocop warnings 2016-10-07 06:32:05 -04:00
Mikel Maron
e055eaf690 tests passing 2016-10-06 21:33:47 -04:00
Mikel Maron
3c01d2e80d more idiomatic models for diary entry subscriptions 2016-10-06 20:31:10 -04:00
Andy Allan
3f698e1d15 Fix bugs->notes in comment 2016-10-06 08:59:24 +01:00
Mikel Maron
44b08cc35d not api endpoints, moved to button, fixed notifier message, fixed tests 2016-10-03 22:20:04 -04:00
Mikel Maron
443080d7b0 WIP diary comment subscriptions 2016-10-03 15:04:22 -04:00
Tom Hughes
d73128271f Fix rubocop warnings 2016-09-26 12:38:54 +01:00
Sarah Hoffmann
5efbc8a8b7 look for extra place tags in Nominatim search results
Administrative boundaries at municipality level are generally
better described by the place node (as town, village etc.).
Nominatim exports the place type in extratags if it was able
to merge place nodes with admin boundaries. Use this preferably
to create the descriptive term.
2016-09-26 13:00:10 +02:00