Commit graph

6672 commits

Author SHA1 Message Date
Andy Allan
f18baae22e Refactor login/logout into sessions controller
Certain controller methods are shared with oauth-based logins, and these have been
moved to a concern.
2021-03-24 11:32:46 +00:00
polarbearing
b4e2f8e34f Show the crafted duration of a block independent of the reading time
Fixes #3143.
Not tested by myself. Treat like pseudocode, I don't speak Ruby.
2021-03-23 12:37:14 +01:00
Tom Hughes
4c2e4de5c0 Handle errors checking for gravatars 2021-03-21 10:24:53 +00:00
Andy Allan
a08fe1c291 Use list-inline to achieve spacing between elements on a line
This is a better solution than spans and margins. Additionally, rework
to use mb-* instead of my-* (bootstrap advises against using margin-top)
and get rid of <br>s by using paragraphs instead.
2021-03-17 18:57:36 +00:00
Tom Hughes
e2db409872 Merge remote-tracking branch 'upstream/pull/3138' 2021-03-17 18:16:15 +00:00
Andy Allan
4dc584421a Refactor traces list display
Ideas taken from #3036
2021-03-17 18:04:00 +00:00
Andy Allan
6f70c13062 Use .add method for adding errors
This avoids a deprecation warning on rails 6.1
2021-03-17 17:09:34 +00:00
Andy Allan
a2ddcda911 Merge branch 'pull/3112' 2021-03-17 16:07:43 +00:00
Tom Hughes
93b8c47c8f Reject referers that do not include an absolute path 2021-03-16 11:07:34 +00:00
Tom Hughes
afb22209bf Allow form submission to any location from the login page
This allows openid login to work on browsers like chrome that enforce
the form-action rule for redirect POST requests.

Fixes #3131
2021-03-14 10:18:32 +00:00
Michal Migurski
f5f84027fa Chasing parse errors 2021-03-13 10:49:52 -08:00
Michal Migurski
68896d5b2f Switched to hash rockets syntax per erblint feedback 2021-03-13 10:49:52 -08:00
Michal Migurski
d28ab8d3f2 Replaced H2 messages header links with Bootstrap nav links
Following suggestion from https://github.com/openstreetmap/openstreetmap-website/issues/2962#issuecomment-768985393
2021-03-13 10:49:52 -08:00
Tom Hughes
01b84a8107 Merge remote-tracking branch 'upstream/pull/3125' 2021-03-10 14:55:58 +00:00
Andy Allan
38ad8fbc36 Use login_path instead of explicit controller and actions
This makes future refactoring easier.
2021-03-10 14:31:55 +00:00
Tom Hughes
d8b9b6dd58 Merge remote-tracking branch 'upstream/pull/3121' 2021-03-04 13:45:34 +00:00
Tom Hughes
d66541124f Merge remote-tracking branch 'upstream/pull/3120' 2021-03-04 13:45:31 +00:00
Andy Allan
18b8780f21 Remove CSS overrides for the login page at small screen sizes
Some of these selectors no longer apply, and the one that did just
made the behaviour worse, so they are all no longer required.
2021-03-04 11:09:16 +00:00
Andy Allan
9bd1d74091 Prevent input group wrapping when sidebar is resized
Fixes #3119
2021-03-04 11:04:47 +00:00
Andy Allan
1c1bfd7488 Add a small margin before the changesets more button
See also #2717
2021-03-03 17:46:01 +00:00
Andy Allan
3fdf1e204a Remove unnecessary margin-tops 2021-03-03 17:16:31 +00:00
Andy Allan
926576881f Remove final uses of the deemphasize class 2021-03-03 15:51:11 +00:00
Andy Allan
952cf0fdb4 Remove the old richtext_area helper
This has been superseded by the `f.richtext_field` custom form builder.
2021-03-03 15:34:16 +00:00
Tom Hughes
2233edbcfa Use a 307 Temporary Redirect to redirect to authentication
When the user wants to enable an external authenticator we need
to redirect to omniauth but that now needs to be a POST so use a
redirect that preserves the POST method.

Fixes #3114
2021-03-03 09:27:33 +00:00
Tom Hughes
ff3a30d245 Fix new rubocop warnings 2021-03-02 08:24:15 +00:00
Andy Allan
df1ec6b680 Remove standard-form CSS rules 2021-02-24 14:48:10 +00:00
Andy Allan
f7b8b114a6 Convert the search forms to bootstrap
This moves the forms to a flex grid, albeit with a little twiddling
to get things working in a compact space.
2021-02-24 12:21:51 +00:00
Andy Allan
3debff60ef Merge branch 'pull/3091' 2021-02-24 10:49:39 +00:00
Andy Allan
00dbe5f4a4 Use the bootstrap spacer variable as the basis for spacing calculation, and match mb-1 definition 2021-02-24 10:35:28 +00:00
Tom Hughes
f91dd6afc2 Tighten up cookie security
Mark all cookies as Secure, and the cookies which are not
modified client side as HttpOnly.
2021-02-19 18:18:13 +00:00
mxdanger
ea92d66cc0 Add btn-wrapper class 2021-02-17 18:27:41 -08:00
Andy Allan
501e256419 Refactor the share panel to use bootstrap forms 2021-02-17 17:17:19 +00:00
Andy Allan
5c086dad6e Use bootstrap form-check for overlay selection 2021-02-17 17:05:49 +00:00
Tom Hughes
2d50a84004 Fix new rubocop warnings 2021-02-16 21:14:54 +00:00
Tom Hughes
3c4f32a760 Validate avatar images
Closes #3097
2021-02-16 17:37:18 +00:00
Tom Hughes
80f576a29b Fix avatar mode update on file change 2021-02-16 17:12:34 +00:00
Tom Hughes
1f136a84a6 Prevent CSRF bypass with login form 2021-02-10 20:39:23 +00:00
Andy Allan
a17bd24f82 Refactor the third-party login form to use bootstrap 2021-02-10 15:39:55 +00:00
Andy Allan
f9b0490afc Update terms form to use bootstrap 2021-02-10 15:09:29 +00:00
Andy Allan
696db6d433 Convert the new note form to use bootstrap 2021-02-10 14:23:11 +00:00
Andy Allan
8ee31df2a0 Rework changeset comments form to use bootstrap styling 2021-02-10 10:55:41 +00:00
Tom Hughes
51af102c00 Prevent CSRF bypass with password reset form 2021-02-09 23:00:21 +00:00
mmd-osm
c49e400aa3 Prevent CSRF bypass unblocking users 2021-02-09 20:39:04 +00:00
mxdanger
ba982e48c4 Fix unexpected spacing on note buttons when overflowed 2021-02-08 17:32:29 -08:00
Tom Hughes
7810734ac4 Prevent CSRF bypass updating account details
Fixes #3089
2021-02-08 12:24:43 +00:00
Tom Hughes
e430bc0f7f Fix URL generation for atom feed on history page
Fixes #3085
2021-02-07 16:24:14 +00:00
Tom Hughes
d15041f847 Use POST to submit OpenID login form
Fixes #3084
2021-02-06 15:04:33 +00:00
Tom Hughes
bc233420dd Allow form post to third party authentication providers 2021-02-06 11:10:14 +00:00
Tom Hughes
66b5e85845 Merge remote-tracking branch 'upstream/pull/3078' 2021-02-03 14:48:24 +00:00
Tom Hughes
e4c7342450 Merge remote-tracking branch 'upstream/pull/3079' 2021-02-03 14:48:19 +00:00