Tom Hughes
67be6616b0
Merge remote-tracking branch 'upstream/pull/4882'
2024-06-06 19:09:15 +01:00
Nenad Vujicic
c471a16dd6
Add last edited date to user profile
...
Fixes #3437
2024-06-06 18:33:20 +01:00
Anton Khorev
24c138ac8d
Ensure that Open Graph image url is absolute
2024-06-06 18:01:23 +03:00
Anton Khorev
a73e20cd5c
Set Open Graph image to first image for diary entries
2024-06-06 17:28:57 +03:00
Tom Hughes
2315885586
Merge remote-tracking branch 'upstream/pull/4877'
2024-06-05 18:37:57 +01:00
Tom Hughes
1b8c7f8bf7
Merge remote-tracking branch 'upstream/pull/4878'
2024-06-05 18:36:30 +01:00
Tom Hughes
68ec92a8d7
Merge remote-tracking branch 'upstream/pull/4876'
2024-06-05 18:34:06 +01:00
Anton Khorev
0cd90e76db
Move changeset subscribe/unsubscribe locale strings out of javascripts
2024-06-04 16:34:03 +03:00
Anton Khorev
289c22daa7
Write changeset subscribe/unsubscribe buttons using tag.button
2024-06-04 16:28:26 +03:00
Anton Khorev
0d0a9fc004
Move comment changeset locale string out of javascripts
2024-06-04 16:17:20 +03:00
Anton Khorev
0838549598
Write changeset comment button using tag.button
2024-06-04 16:15:18 +03:00
Anton Khorev
9db1b47c15
Move show/hide changeset comment locale strings out of javascripts
2024-06-04 16:07:25 +03:00
Anton Khorev
12281b1cc1
Fix setting "From" in directions form based on search query
2024-06-04 15:49:56 +03:00
Anton Khorev
879c6017e0
Remove Open Graph og:image:secure_url property
2024-06-04 13:42:01 +03:00
Tom Hughes
691289bfc0
Merge remote-tracking branch 'upstream/pull/4871'
2024-06-04 10:38:20 +01:00
Tom Hughes
ed77e1afc9
Merge remote-tracking branch 'upstream/pull/4873'
2024-06-03 20:26:13 +01:00
Anton Khorev
919021e41e
Remove .btn-sm from changeset comment button
2024-06-03 18:17:22 +03:00
Anton Khorev
060494b09c
Use button elements that allow word wrap for note controls
2024-06-03 13:40:11 +03:00
Anton Khorev
fcbe3a0467
Decrease bottom padding of search form
2024-06-03 12:29:34 +03:00
Anton Khorev
411f0ab665
Use flex in routing form for vertical gaps
2024-06-03 12:26:57 +03:00
Anton Khorev
6ae4e53f45
Use flex in routing form to fix marker column width
2024-06-03 12:21:11 +03:00
Anton Khorev
1e6db7b52c
Increase font size in directions controls
2024-06-03 11:59:18 +03:00
Tom Hughes
22a6d24857
Merge remote-tracking branch 'upstream/pull/4864'
2024-06-02 11:19:16 +01:00
Tom Hughes
6baa2ad39f
Merge remote-tracking branch 'upstream/pull/4868'
2024-06-02 10:54:37 +01:00
Tom Hughes
a0eeeaac5e
Merge remote-tracking branch 'upstream/pull/4867'
2024-06-02 10:52:43 +01:00
Anton Khorev
459995ab51
Inline svg sprites on about page
2024-06-01 11:02:16 +03:00
Anton Khorev
1b1d8326d8
Write closed note controls using submit_tag
2024-06-01 09:05:19 +03:00
Anton Khorev
b29d2a9243
Increase font size in search form
2024-06-01 08:19:31 +03:00
Anton Khorev
6d25f54b0b
Replace search button text with svg icon
2024-06-01 08:19:31 +03:00
Anton Khorev
5a22464224
Don't include language prefix in wikipedia links
2024-06-01 04:56:57 +03:00
Tom Hughes
c36f09b28d
Merge remote-tracking branch 'upstream/pull/4843'
2024-05-30 16:33:59 +01:00
Tom Hughes
d74e7628fe
Merge remote-tracking branch 'upstream/pull/4857'
2024-05-30 16:22:38 +01:00
Tom Hughes
15e86708f1
Merge remote-tracking branch 'upstream/pull/4847'
2024-05-30 16:20:54 +01:00
Nenad Vujicic
523d36bbaa
Fixed "or divider" issue described in #4773 by adding mb-2 below "or" divider
2024-05-30 12:02:35 +02:00
Milan Cvetkovic
15623aa35a
Social sign-in: avoid re-authorization in users_controller#create
...
It does not add any additional guards against malicious users:
Malicious user may attempt to invoke `POST /users/new` with bogus
values for `auth_provider` and `auth_uid` resulting
with a new account to which user would have a way to login, other than
sending a password reset request.
In some cases, re-authorization would introduce additional
"Please login to your social account", or "Are you sure you want to be logged in"
popup triggered by identity provider.
This PR removes the re-authorization request from `POST /users/new` in authorization flow.
2024-05-30 05:43:45 +00:00
Tom Hughes
d86d2067ee
Merge remote-tracking branch 'upstream/pull/4860'
2024-05-29 19:18:23 +01:00
Andy Allan
9adae1c523
Re-enable autocomplete for passwords
...
Regression for c4347c8d9a
Thankfully browsers ignore this for login fields, but it shouldn't
be turned off anyway.
2024-05-29 19:02:25 +01:00
Andy Allan
979d616c38
Re-enable translations for password field
...
Fixes regression introduced in c4347c8d9a
2024-05-29 18:48:01 +01:00
Tom Hughes
2029133a85
Merge remote-tracking branch 'upstream/pull/4859'
2024-05-29 18:47:04 +01:00
Tom Hughes
b5dd8c19b9
Merge remote-tracking branch 'upstream/pull/4849'
2024-05-29 17:52:40 +01:00
Andy Allan
c1cccd40fc
Move check_api_readable to api_controller
...
It's easier to skip the check in the two places that we need to, and
include it by default everywhere else.
2024-05-29 14:54:16 +01:00
Andy Allan
f2aaec4735
Standardise on avoiding except lists for check_api_readable
...
Although this is technically duplicative, it's much easier to read
and therefore to maintain, particularly if you put the _readable one
first.
2024-05-29 14:51:47 +01:00
Andy Allan
995bfa91ff
Remove duplicate database status checks
...
These are already done as part of the api checks
2024-05-29 14:51:20 +01:00
Andy Allan
91fc588556
Add api_status checks for user preferences API
2024-05-29 14:51:20 +01:00
Martin Raifer
ed15352f56
reintroduce unsafe-eval CSP rule for iD
...
fixes https://github.com/openstreetmap/iD/issues/10265
2024-05-29 11:26:08 +02:00
Nenad Vujicic
1d35daa0b5
Fixed "auth_button_preferred alignment" issue described in #4773
2024-05-29 11:20:13 +02:00
Tom Hughes
d3d0da0328
Fix new rubocop warnings
2024-05-28 17:39:33 +01:00
Tom Hughes
a90302aecf
Merge remote-tracking branch 'upstream/pull/4842'
2024-05-27 15:11:16 +01:00
Tom Hughes
2c9043283e
Merge remote-tracking branch 'upstream/pull/4828'
2024-05-27 15:05:43 +01:00
Tom Hughes
49b98c1fdd
Merge remote-tracking branch 'upstream/pull/4846'
2024-05-27 15:00:51 +01:00