Tom Hughes
d74dd80540
Improve detection of browsers needing ES6 shims
2019-02-22 15:41:33 +00:00
Tom Hughes
fa0a933c24
Replace augment.js with conditional polyfills for ES5 and ES6
2019-01-30 12:11:57 +00:00
Tom Hughes
45a454c2c8
Add browser detection framework
2019-01-30 12:11:34 +00:00
Tom Hughes
df232ec96f
Add noopener and noreferrer to links in user generated content
2019-01-16 10:10:51 +00:00
Tom Hughes
2e14b1106e
Update to sassc 2.x
2018-11-01 22:41:06 +00:00
Tom Hughes
6c2093b29d
Fix new rubocop warnings
2018-09-22 17:12:29 +01:00
Tom Hughes
ed82d0a756
Only fetch client side translations for the current locale
2018-08-16 12:22:36 +01:00
Tom Hughes
5fa0aebe9f
Use dynamic error pages built through the asset pipeline
...
Fixes #1241
2018-08-01 19:13:04 +01:00
Tom Hughes
98de681e47
Update to rails 5.2.0
2018-06-19 00:16:24 +01:00
Tom Hughes
4a6779abf7
Avoid using inline javascript to update message list
2018-05-30 15:30:23 +01:00
Tom Hughes
d82cc08734
Allow CSP to be put in enforcing mode
2018-05-22 08:51:21 +01:00
Tom Hughes
584ac67c10
Configure manifest-src and worker-src in security policy
2018-05-17 19:10:39 +01:00
Tom Hughes
5cd4aeb1aa
Preserve schemes in security policy
2018-05-17 19:10:23 +01:00
Tom Hughes
68f7df96d6
Add piwik to allowed URIs in connect-src
2018-05-17 11:33:50 +01:00
Tom Hughes
1f1029cf1a
Remove unsafe-inline from default style policy
2018-05-16 20:40:55 +01:00
Tom Hughes
c77c7d015f
Default frame-src to self
2018-05-15 14:08:44 +01:00
Tom Hughes
9b82e13d17
Improve formatting
2018-04-18 18:37:18 +01:00
Tom Hughes
7a64ebe982
Merge remote-tracking branch 'upstream/pull/1824'
2018-04-18 18:36:22 +01:00
Andy Allan
17c706291c
Move the default_url_options config to the action_mailer initializer
...
We can't use Rails.application.config here because the initializers
run after ActionMailer::Base has been set up.
2018-04-18 10:53:22 +08:00
Tom Hughes
3da01218b3
Allow trusted addresses for better_errors to be set in the environment
2018-04-15 22:22:43 +01:00
Tom Hughes
1f2ac59d1d
Fix new rubocop warnings
2018-03-26 19:00:03 +01:00
Tom Hughes
4e9144fba2
Add support for compressed request bodies
2018-01-24 14:25:02 +00:00
Tom Hughes
a83030dab7
Fix new rubocop warnings
2018-01-22 18:55:45 +00:00
Tom Hughes
810c8cf129
Enable cross origin requests for diary RSS feeds
...
Fixes #1714
2018-01-13 10:41:26 +00:00
Tom Hughes
d987416901
Allow apache to control the HSTS setting
2018-01-11 19:44:20 +00:00
Tom Hughes
b396c8cbe5
Allow apache to control the HSTS setting
2018-01-11 19:20:07 +00:00
Tom Hughes
ce9066797c
Monkey patch OAuth to allow http signatures on https requests
2018-01-08 10:50:44 +00:00
Tom Hughes
fd33ff83f3
Use a memory cache for sessions when memcache is not configured
...
Fixes #1695
2017-12-04 21:20:23 +00:00
Tom Hughes
3c4774a5f7
Allow images to be loaded from piwik
2017-11-23 22:22:01 +00:00
Drew Dara-Abrams
96a00910d5
When no cache store is set use cookie storage for sessions
...
A change in the default configuration of development environments
in rails 5.1 means that caching is now disabled by default so in
that case fall back to using cookies instead.
Closes #1666
2017-11-02 19:19:03 +00:00
Tom Hughes
18d3392ede
Relax cookie security policy
2017-11-01 17:48:35 +00:00
Tom Hughes
f773f67958
Update to rails 5.1.4
2017-10-17 18:49:55 +01:00
Tom Hughes
f02c753cc4
Use send_data for GPX traces instead of monkey patching send_file
2017-10-09 20:38:08 +01:00
Tom Hughes
8dae890a76
Fix rubocop warnings
2017-10-05 19:18:38 +01:00
Tom Hughes
e7e85db0c8
Update secure_headers configuration for upstream changes
2017-09-08 16:49:28 +01:00
Tom Hughes
2d80cd12ff
Monkey patch oauth-plugin to avoid using deprecated methods
2017-06-27 08:26:44 +01:00
Tom Hughes
81deb35331
Update to rails 5.0.4
2017-06-27 08:26:44 +01:00
Bryan Housel
71d19cebf3
No need to precompile traffico anymore, as it's been removed
2017-06-12 18:36:50 -04:00
Tom Hughes
f8f7054fc2
Move monkey patch modules to the OpenStreetMap namespace
...
Having them in the OSM namespace risks blocking autoloading
of the lib/osm.rb code by defining the OSM constant.
2017-06-02 16:33:27 +01:00
Tom Hughes
5b33f3f8e3
Fix rubocop warnings
2017-06-02 00:08:30 +01:00
Tom Hughes
f940a154f3
Replace alias_method_chain with Module#prepend
2017-06-01 22:45:28 +01:00
Tom Hughes
f412c80d3f
Drop monkey patches that are no longer required
2017-06-01 22:42:02 +01:00
Tom Hughes
cdeb95092b
Drop hack used for rails 4 upgrade
2017-06-01 22:41:55 +01:00
Tom Hughes
6ee54aff10
Set canonical port based on protocol
2017-03-22 19:28:57 +00:00
Tom Hughes
bf8959cdc2
Add server_protocol configuration option
2017-03-22 18:22:24 +00:00
Tom Hughes
24271b75bd
Use canonical-rails gem to generate canonical URLs
2017-03-22 18:16:53 +00:00
Tom Hughes
e35748567c
Update HSTS to publish a max-age=0 to disable it
2017-03-03 11:34:39 +00:00
Tom Hughes
ee12eba234
Don't try and modify policy if we don't have one
2017-03-02 10:39:18 +00:00
Tom Hughes
c5ef6404f5
Improve the content security policy
2017-03-01 22:38:24 +00:00
Tom Hughes
8c3d16ecc4
Remove inline javascript from potlatch view
2017-02-28 20:41:22 +00:00