cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
12784 commits 4 branches 1 tag 499 MiB
Commit graph

398 commits

Author SHA1 Message Date
Tom Hughes
e3f37bb30c Allow BMP images to be transformed 
https://github.com/rails/rails/issues/35953
https://github.com/rails/rails/pull/36051
 2019-07-16 00:24:37 +01:00
Tom Hughes
c5fc9f0e7e Run any Active Storage jobs in the storage queue 2019-07-15 22:20:48 +01:00
Tom Hughes
75e60acf66 Allow configuration of storage server URL for security policy 2019-07-09 19:43:03 +01:00
Tom Hughes
77ee8c1a53 Monkey patch Active Storage to set content type when uploading to S3 2019-07-09 19:17:56 +01:00
Tom Hughes
ba627420a3 Add support for Active Storage attachments 2019-07-09 19:17:29 +01:00
Andy Allan
3e414a5025 Use strong_migrations to help developers avoid problems in production database schema changes 2019-05-30 10:11:17 +02:00
Tom Hughes
9f57f60b87 Fix new rubocop warnings 2019-04-23 09:33:34 +01:00
Tom Hughes
9256397e46 Exclude generated i18n files from eslint checks 2019-04-06 17:16:59 +01:00
Tom Hughes
e7ab3de654 Move application.yml check to config initializer 2019-03-17 11:15:34 +00:00
Tom Hughes
141df02e67 Move status into the settings object 
Only the very early boot code needs to look at the value
from the environment directly.
 2019-03-17 11:15:34 +00:00
Andy Allan
7d57fb8c28 Add some settings validations 2019-03-13 18:06:23 +01:00
Andy Allan
d102c9aaf4 Move all settings to settings.yml 
We leave the STATUS setting alone, since it's required before rails
boots. The test-specific settings now live in config/settings/test.yml
 2019-03-13 18:06:23 +01:00
Andy Allan
7b08270526 Install config gem for settings management 2019-03-13 18:06:23 +01:00
Tom Hughes
89a4a9d59c Allow loading of our manifest 2019-02-24 22:40:01 +00:00
Tom Hughes
d74dd80540 Improve detection of browsers needing ES6 shims 2019-02-22 15:41:33 +00:00
Tom Hughes
fa0a933c24 Replace augment.js with conditional polyfills for ES5 and ES6 2019-01-30 12:11:57 +00:00
Tom Hughes
45a454c2c8 Add browser detection framework 2019-01-30 12:11:34 +00:00
Tom Hughes
df232ec96f Add noopener and noreferer to links in user generated content 2019-01-16 10:10:51 +00:00
Tom Hughes
2e14b1106e Update to sassc 2.x 2018-11-01 22:41:06 +00:00
Tom Hughes
6c2093b29d Fix new rubocop warnings 2018-09-22 17:12:29 +01:00
Tom Hughes
ed82d0a756 Only fetch client side translations for the current locale 2018-08-16 12:22:36 +01:00
Tom Hughes
5fa0aebe9f Use dynamic error pages built through the asset pipeline 
Fixes #1241
 2018-08-01 19:13:04 +01:00
Tom Hughes
98de681e47 Update to rails 5.2.0 2018-06-19 00:16:24 +01:00
Tom Hughes
4a6779abf7 Avoid using inline javascript to update message list 2018-05-30 15:30:23 +01:00
Tom Hughes
d82cc08734 Allow CSP to be put in enforcing mode 2018-05-22 08:51:21 +01:00
Tom Hughes
584ac67c10 Configure manifest-src and worker-src in security policy 2018-05-17 19:10:39 +01:00
Tom Hughes
5cd4aeb1aa Preserve schemes in security policy 2018-05-17 19:10:23 +01:00
Tom Hughes
68f7df96d6 Add piwik to allowed URIs in connect-src 2018-05-17 11:33:50 +01:00
Tom Hughes
1f1029cf1a Remove unsafe-inline form default style policy 2018-05-16 20:40:55 +01:00
Tom Hughes
c77c7d015f Default frame-src to self 2018-05-15 14:08:44 +01:00
Tom Hughes
9b82e13d17 Improve formatting 2018-04-18 18:37:18 +01:00
Tom Hughes
7a64ebe982 Merge remote-tracking branch 'upstream/pull/1824' 2018-04-18 18:36:22 +01:00
Andy Allan
17c706291c Move the default_url_options config to the action_mailer initializer 
We can't use Rails.application.config here because the initializers
run after ActionMailer::Base has been set up.
 2018-04-18 10:53:22 +08:00
Tom Hughes
3da01218b3 Allow trusted addresses for better_errors to be set in the environment 2018-04-15 22:22:43 +01:00
Tom Hughes
1f2ac59d1d Fix new rubocop warnings 2018-03-26 19:00:03 +01:00
Tom Hughes
4e9144fba2 Add support for compressed request bodies 2018-01-24 14:25:02 +00:00
Tom Hughes
a83030dab7 Fix new rubocop warnings 2018-01-22 18:55:45 +00:00
Tom Hughes
810c8cf129 Enable cross origin requests for diary RSS feeds 
Fixes #1714
 2018-01-13 10:41:26 +00:00
Tom Hughes
d987416901 Allow apache to control the HSTS setting 2018-01-11 19:44:20 +00:00
Tom Hughes
b396c8cbe5 Allow apache to control the HSTS setting 2018-01-11 19:20:07 +00:00
Tom Hughes
ce9066797c Monkey patch OAuth to allow http signatures on https requests 2018-01-08 10:50:44 +00:00
Tom Hughes
fd33ff83f3 Use a memory cache for sessions when memcache is not configured 
Fixes #1695
 2017-12-04 21:20:23 +00:00
Tom Hughes
3c4774a5f7 Allow images to be loaded from piwik 2017-11-23 22:22:01 +00:00
Drew Dara-Abrams
96a00910d5 When no cache store is set use cookie storage for sessions 
A change in the default configuration of development environments
in rails 5.1 means that caching is now disabled by default so in
that case fall back to using cookies instead.

Closes #1666
 2017-11-02 19:19:03 +00:00
Tom Hughes
18d3392ede Relax cookie security policy 2017-11-01 17:48:35 +00:00
Tom Hughes
f773f67958 Update to rails 5.1.4 2017-10-17 18:49:55 +01:00
Tom Hughes
f02c753cc4 Use send_data for GPX traces intead of monkey patching send_file 2017-10-09 20:38:08 +01:00
Tom Hughes
8dae890a76 Fix rubocop warnings 2017-10-05 19:18:38 +01:00
Tom Hughes
e7e85db0c8 Update secure_headers configuration for upstream changes 2017-09-08 16:49:28 +01:00
Tom Hughes
2d80cd12ff Monkey patch oauth-plugin to avoid using deprecated methods 2017-06-27 08:26:44 +01:00