Commit graph

2183 commits

Author SHA1 Message Date
Tom Hughes
ddc252016a Merge remote-tracking branch 'upstream/pull/4895' 2024-06-25 17:42:52 +01:00
Anton Khorev
06820acc4b Discard fragments from wikimedia_commons tag values 2024-06-22 21:48:42 +03:00
Emin Kocan
b057c7ae5a Arrange button sizes to default size of 36px
As discussed in #4773, there was not any clarification as to why auth button sizes were reduced, so 36px is now accepted as default. This commit addresses that comment/issue.
2024-06-21 12:08:58 +02:00
Anton Khorev
9f3ac8f5ce Url-encode wikimedia_commons tag values 2024-06-20 22:13:28 +03:00
Nenad Vujicic
839d203d51 Added link to nominatim results in searching results
Fixes #3205. Added caching of nominatim URL query parameters in sources global variable (as parameters parameter) in GeocoderController#search for both direct and reverse geocoding. In app/views/geocoder/search.html.erb added displaying cached URL as forwarding link when clicked on "OpenStreetMap Nominatim" label. Updated GeocoderControllerTest to check only name (latlng, osm_nominatim, osm_nominatim_reverse) parameter of new sources variable.
2024-06-19 15:44:56 +02:00
Andy Allan
d00a0667bc
Merge pull request #4887 from AntonKhorev/full-encode-wikipedia-value
Fully encode wikipedia tag values
2024-06-19 14:41:38 +01:00
Tom Hughes
505dcde52a Add tests for API changeset size limits 2024-06-19 00:46:35 +01:00
Tom Hughes
61c5011813 Update tests to avoid triggering changeset size limits 2024-06-19 00:46:35 +01:00
Tom Hughes
2d09b9408b Merge remote-tracking branch 'upstream/pull/4891' 2024-06-17 17:22:38 +01:00
Anton Khorev
a128b4f585 Move diary comments hide/unhide actions to comments controller 2024-06-17 18:16:31 +03:00
Anton Khorev
b97834f1fd Use default og:image if Addressable::URI fails 2024-06-15 15:57:10 +03:00
Anton Khorev
c03649355a Join and normalize og:image url using Addressable
Avoids failing on urls that are not strictly rfc2396 URIs.
2024-06-15 15:06:07 +03:00
Anton Khorev
6624beff11 Move diary comments index action to comments controller 2024-06-10 16:32:53 +03:00
Anton Khorev
ebaae09797 Fully encode wikipedia tag values 2024-06-08 15:59:30 +03:00
Anton Khorev
24c138ac8d Ensure that Open Graph image url is absolute 2024-06-06 18:01:23 +03:00
Anton Khorev
a73e20cd5c Set Open Graph image to first image for diary entries 2024-06-06 17:28:57 +03:00
Anton Khorev
c7353c9ac1 Add image method to get first image from rich text 2024-06-06 17:09:21 +03:00
Anton Khorev
5a22464224 Don't include language prefix in wikipedia links 2024-06-01 04:56:57 +03:00
Tom Hughes
15e86708f1 Merge remote-tracking branch 'upstream/pull/4847' 2024-05-30 16:20:54 +01:00
Milan Cvetkovic
15623aa35a Social sign-in: avoid re-authorization in users_controller#create
It does not add any additional guards against malicious users:

Malicious user may attempt to invoke `POST /users/new` with bogus
values for `auth_provider` and `auth_uid` resulting
with a new account to which user would have a way to login, other than
sending a password reset request.

In some cases, re-authorization would introduce additional
"Please login to your social account", or "Are you sure you want to be logged in"
popup triggered by identity provider.

This PR removes the re-authorization request from `POST /users/new` in authorization flow.
2024-05-30 05:43:45 +00:00
Andy Allan
0bbfe922ea Test the versions and capabilities api in various statuses
These both need to keep working, even when the rest of the api is
unavailable, since that's how we communicate that status with the
api clients.
2024-05-29 14:51:47 +01:00
Tom Hughes
514836a497 Merge remote-tracking branch 'upstream/pull/4795' 2024-05-19 19:21:45 +01:00
Hidde Wieringa
036c87b355
OpenID connect icons to SVG
re-add whitespace

trigger CI

revert size attribute
2024-05-16 21:16:28 +02:00
Tom Hughes
334c856021 Test unicode values in user preference keys and values 2024-05-16 17:51:33 +01:00
Andy Allan
ffda8d7ac5
Merge pull request #4680 from tomhughes/validate-page-numbers
Add parameter validation to pagination
2024-05-15 17:43:04 +01:00
Anton Khorev
822466c6c6 Add warnings when creating notes anonymously 2024-05-14 19:42:59 +03:00
Anton Khorev
d9e650fde1 Use inline svgs for user role icons 2024-05-07 15:51:23 +03:00
Tom Hughes
0b18937384 Merge remote-tracking branch 'upstream/pull/4757' 2024-05-06 11:15:12 +01:00
Anton Khorev
f418d0bbb4 Simplify message paths in tests 2024-05-06 12:37:57 +03:00
Tom Hughes
b625eefdeb Merge remote-tracking branch 'upstream/pull/4455' 2024-05-06 09:15:03 +01:00
Tom Hughes
51d778097f Merge remote-tracking branch 'upstream/pull/4753' 2024-05-05 18:54:57 +01:00
Anton Khorev
926788ff9a Remove tests for message paths without ids
These tests don't fail because they reuse ids from previous requests.
2024-05-05 17:14:37 +03:00
Anton Khorev
5da2957591 Redirect to inbox after marking a message as read/unread disregarding referer
Avoids staying on the message page after the "Mark as unread" button is clicked and immediately reading the message again.
2024-05-05 15:32:47 +03:00
Anton Khorev
4c21a09b32 Rename unread_message to message in messages controller test
There's only one message in the affected test methods. That message becomes read during the test.
2024-05-05 15:21:09 +03:00
Tom Hughes
b3759c0d58 Merge remote-tracking branch 'upstream/pull/4747' 2024-05-02 17:52:45 +01:00
Anton Khorev
15e1459f25 Link to previous/next nonempty user's changeset on changeset pages 2024-05-01 15:02:59 +03:00
Anton Khorev
f554e14b7f Use common sidebar_browse_check in notes controller test 2024-05-01 13:21:24 +03:00
Anton Khorev
eaacfbb911 Restore constraints on note id parameter 2024-05-01 13:17:14 +03:00
Milan Cvetkovic
4965c19b7a Re-introduce additional round trip for verifying auth_provider 2024-04-29 11:32:54 +00:00
Milan Cvetkovic
c486dd5532 Rename verified_email to email_hmac parameter in /users/new 2024-04-29 11:32:54 +00:00
Milan Cvetkovic
9649b192c0 Add preferred provider social signup
- Add preferred provider for authorization to login and signup pages.
  To use, the 3rd party application would have to add `preferred_provider=...`
  parameter to OAuth2 authorization request.
- Resize 3rd party provider icons
- Add "login to authorize" heading to login and signup screens
2024-04-29 11:32:54 +00:00
Anton Khorev
acac5fcc89 Use .align-text-bottom for feed icon images 2024-04-28 02:07:53 +03:00
Anton Khorev
a2e7b5db56 Remove border=0 from feed icons 2024-04-28 02:02:15 +03:00
Milan Cvetkovic
0c7c950149 Add social signin buttons to signup screen, avoid repeating round trip to auth provider. 2024-04-27 12:44:10 +01:00
Milan Cvetkovic
f8a606869e Remove email confirmation field in signup form 2024-04-27 12:44:09 +01:00
Milan Cvetkovic
1276fb944a Merge login and terms screens, assume TOU and contributor terms are accepted on /user/new form
This eliminates the need for "terms" screen after /user/new form.
Terms screen is still required for legacy users who never accepted the terms.
2024-04-27 12:44:09 +01:00
Tom Hughes
f99d7374a9 Merge remote-tracking branch 'upstream/pull/4703' 2024-04-23 17:20:08 +01:00
Tom Hughes
a34fa95af4 Fix rubocop warning 2024-04-21 19:07:16 +01:00
Tom Hughes
43db18ae91 Merge remote-tracking branch 'upstream/pull/4708' 2024-04-21 18:54:16 +01:00
Josh Thompson
130a2ed7c1 calculate hash once per test run, per thread 2024-04-18 18:07:03 -06:00