cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9831 commits 4 branches 1 tag 499 MiB
Commit graph

307 commits

Author SHA1 Message Date
Andreas Geyer-Schulz
f6f23ed0ee
Fix typo: change 'noreferer' to 'noreferrer' 
as the correct rel attribute in external links.
 2020-01-25 20:10:23 +01:00
Tom Hughes
4ee60c0f8f Make all translation lookup errors throw exceptions in test mode 2019-12-16 21:54:11 +00:00
Tom Hughes
57f5b7840e Fix rubocop warnings 2019-12-04 19:31:53 +00:00
Tom Hughes
22cd2314e5 Update to rails 6.0.1 2019-11-24 11:05:02 +00:00
Tom Hughes
30accae458 Update to sprockets 4.x 2019-10-22 20:20:43 +01:00
Tom Hughes
d96a5c9c87 Switch to use v4.0 of the Facebook API for authentication 2019-10-08 18:36:27 +01:00
Tom Hughes
754e566f45 Exclude phantomjs from generic webkit as it's ancient 
Fixes #2339
 2019-08-05 20:41:22 +01:00
Tom Hughes
5a54cb52f8 Drop paperclip 2019-07-17 19:12:30 +01:00
Tom Hughes
f597780822 Increase expiry for Active Storage URLs 2019-07-16 08:25:17 +01:00
Tom Hughes
e3f37bb30c Allow BMP images to be transformed 
https://github.com/rails/rails/issues/35953
https://github.com/rails/rails/pull/36051
 2019-07-16 00:24:37 +01:00
Tom Hughes
c5fc9f0e7e Run any Active Storage jobs in the storage queue 2019-07-15 22:20:48 +01:00
Tom Hughes
75e60acf66 Allow configuration of storage server URL for security policy 2019-07-09 19:43:03 +01:00
Tom Hughes
77ee8c1a53 Monkey patch Active Storage to set content type when uploading to S3 2019-07-09 19:17:56 +01:00
Tom Hughes
ba627420a3 Add support for Active Storage attachments 2019-07-09 19:17:29 +01:00
Andy Allan
3e414a5025 Use strong_migrations to help developers avoid problems in production database schema changes 2019-05-30 10:11:17 +02:00
Tom Hughes
9f57f60b87 Fix new rubocop warnings 2019-04-23 09:33:34 +01:00
Tom Hughes
9256397e46 Exclude generated i18n files from eslint checks 2019-04-06 17:16:59 +01:00
Tom Hughes
e7ab3de654 Move application.yml check to config initializer 2019-03-17 11:15:34 +00:00
Tom Hughes
141df02e67 Move status into the settings object 
Only the very early boot code needs to look at the value
from the environment directly.
 2019-03-17 11:15:34 +00:00
Andy Allan
7d57fb8c28 Add some settings validations 2019-03-13 18:06:23 +01:00
Andy Allan
d102c9aaf4 Move all settings to settings.yml 
We leave the STATUS setting alone, since it's required before rails
boots. The test-specific settings now live in config/settings/test.yml
 2019-03-13 18:06:23 +01:00
Andy Allan
7b08270526 Install config gem for settings management 2019-03-13 18:06:23 +01:00
Tom Hughes
89a4a9d59c Allow loading of our manifest 2019-02-24 22:40:01 +00:00
Tom Hughes
d74dd80540 Improve detection of browsers needing ES6 shims 2019-02-22 15:41:33 +00:00
Tom Hughes
fa0a933c24 Replace augment.js with conditional polyfills for ES5 and ES6 2019-01-30 12:11:57 +00:00
Tom Hughes
45a454c2c8 Add browser detection framework 2019-01-30 12:11:34 +00:00
Tom Hughes
df232ec96f Add noopener and noreferer to links in user generated content 2019-01-16 10:10:51 +00:00
Tom Hughes
2e14b1106e Update to sassc 2.x 2018-11-01 22:41:06 +00:00
Tom Hughes
6c2093b29d Fix new rubocop warnings 2018-09-22 17:12:29 +01:00
Tom Hughes
ed82d0a756 Only fetch client side translations for the current locale 2018-08-16 12:22:36 +01:00
Tom Hughes
5fa0aebe9f Use dynamic error pages built through the asset pipeline 
Fixes #1241
 2018-08-01 19:13:04 +01:00
Tom Hughes
98de681e47 Update to rails 5.2.0 2018-06-19 00:16:24 +01:00
Tom Hughes
4a6779abf7 Avoid using inline javascript to update message list 2018-05-30 15:30:23 +01:00
Tom Hughes
d82cc08734 Allow CSP to be put in enforcing mode 2018-05-22 08:51:21 +01:00
Tom Hughes
584ac67c10 Configure manifest-src and worker-src in security policy 2018-05-17 19:10:39 +01:00
Tom Hughes
5cd4aeb1aa Preserve schemes in security policy 2018-05-17 19:10:23 +01:00
Tom Hughes
68f7df96d6 Add piwik to allowed URIs in connect-src 2018-05-17 11:33:50 +01:00
Tom Hughes
1f1029cf1a Remove unsafe-inline form default style policy 2018-05-16 20:40:55 +01:00
Tom Hughes
c77c7d015f Default frame-src to self 2018-05-15 14:08:44 +01:00
Tom Hughes
9b82e13d17 Improve formatting 2018-04-18 18:37:18 +01:00
Tom Hughes
7a64ebe982 Merge remote-tracking branch 'upstream/pull/1824' 2018-04-18 18:36:22 +01:00
Andy Allan
17c706291c Move the default_url_options config to the action_mailer initializer 
We can't use Rails.application.config here because the initializers
run after ActionMailer::Base has been set up.
 2018-04-18 10:53:22 +08:00
Tom Hughes
3da01218b3 Allow trusted addresses for better_errors to be set in the environment 2018-04-15 22:22:43 +01:00
Tom Hughes
1f2ac59d1d Fix new rubocop warnings 2018-03-26 19:00:03 +01:00
Tom Hughes
4e9144fba2 Add support for compressed request bodies 2018-01-24 14:25:02 +00:00
Tom Hughes
a83030dab7 Fix new rubocop warnings 2018-01-22 18:55:45 +00:00
Tom Hughes
810c8cf129 Enable cross origin requests for diary RSS feeds 
Fixes #1714
 2018-01-13 10:41:26 +00:00
Tom Hughes
d987416901 Allow apache to control the HSTS setting 2018-01-11 19:44:20 +00:00
Tom Hughes
b396c8cbe5 Allow apache to control the HSTS setting 2018-01-11 19:20:07 +00:00
Tom Hughes
ce9066797c Monkey patch OAuth to allow http signatures on https requests 2018-01-08 10:50:44 +00:00