openstreetmap-website

Author	SHA1	Message	Date
Tom Hughes	ff86bf136a	Use an empty array for ruby 2.3 compatibility Apparently `false.dup` throws in ruby 2.3 and not in 2.5...	2018-05-23 12:21:24 +01:00
Tom Hughes	5deba2782a	Completely remove form-action restrictions for OAuth callbacks The CSP3 draft only allows a * rule match network schemes and mobile devices often use callbacks to custom URL schemes.	2018-05-23 12:09:21 +01:00
Tom Hughes	c5d3335a6c	Allow inline styles in iD	2018-05-18 20:28:09 +01:00
Peter Karich	1cea6b363a	Use XHR instead of jsonp for GraphHopper Closes #1872	2018-05-17 20:47:58 +01:00
Tom Hughes	9227f6aecd	Allow iD to access wikidata	2018-05-16 11:36:46 +01:00
Tom Hughes	8d41015673	Allow iD to access wikipedia	2018-05-16 08:48:38 +01:00
Tom Hughes	9e50c3851c	Merge remote-tracking branch 'upstream/pull/1863'	2018-05-15 18:36:55 +01:00
Tom Hughes	50f85248db	Use https to launch the remote editor except for modern browsers Currently only Chrome 53+ and Firefox 55+ are known to support loading of http resources from localhost for an https page.	2018-05-15 14:21:09 +01:00
Tom Hughes	79284a0fcd	Add frame-src to allow http://127.0.0.1:8111	2018-05-15 12:43:37 +01:00
Andy Allan	84fa437d50	Ensure database is writable before destroying a message	2018-05-15 18:28:33 +08:00
Andy Allan	4ec70f7994	Rename messages#read to #show Also rename the named path, to align with resourceful routing	2018-05-15 18:25:54 +08:00
Andy Allan	73df8447e3	Rename messages#delete to destroy This is a better fit for rails controller method conventions, paving the way to resourceful routing. Keep user-facing strings as 'delete' since that's more commonly used.	2018-05-15 18:15:01 +08:00
Tom Hughes	d14cf519fd	Merge remote-tracking branch 'upstream/pull/1858'	2018-05-14 20:14:56 +01:00
Tom Hughes	33ea119c8f	Merge remote-tracking branch 'upstream/pull/1857'	2018-05-14 20:13:41 +01:00
Tom Hughes	0e810db927	Make CSP rule for the remote control explicitly allow http	2018-05-13 16:01:39 +01:00
Andy Allan	00bd64c7fb	Rename message_controller to messages_controller	2018-05-09 16:38:37 +08:00
Andy Allan	ec13ef77bc	Lazy lookups for translations in message_controller.rb	2018-05-09 16:25:42 +08:00
Andy Allan	b446138aef	Rename trace_controller to traces_controller	2018-05-09 12:38:09 +08:00
Andy Allan	a1853204fa	More lazy translation lookups for traces	2018-05-09 12:08:39 +08:00
Tom Hughes	f349aeb061	Update translation keys for renaming of note to notes	2018-04-29 01:09:38 +01:00
Tom Hughes	d7b43c5f17	Fix syntax error with ruby 2.5	2018-04-28 17:12:27 +01:00
Rajdeep Mandrekar	3def2f839f	Use rails helpers to construct URLs Fixes #1817 Closes #1840	2018-04-25 22:22:51 +01:00
Tom Hughes	00425c8fca	Merge remote-tracking branch 'upstream/pull/1838'	2018-04-25 17:38:35 +01:00
Tom Hughes	0d7c9a187e	Merge remote-tracking branch 'upstream/pull/1836'	2018-04-25 17:37:55 +01:00
Andy Allan	8445561fcc	Use lazy translation lookups for the oauth controller.	2018-04-25 15:42:34 +08:00
Andy Allan	2c7bc36493	Use lazy translation lookups for redactions Requires renaming the translation keys	2018-04-25 14:39:37 +08:00
Andy Allan	a0de9b780d	Use lazy lookups for user_blocks translations	2018-04-25 12:03:58 +08:00
Andy Allan	9408ed6946	Pluralise user_preferences_controller This is the rails convention for controllers and can make route generation easier. http://guides.rubyonrails.org/action_controller_overview.html#controller-naming-convention	2018-04-18 11:26:00 +08:00
Andy Allan	7b2af50f4a	Refactor @this_user to @user Historically we used @user for the currently logged in user, but this was changed to `current_user` in 2017.	2018-04-11 11:42:33 +08:00
Andy Allan	3b75e92415	Be more consistent with 'my' vs 'your' for objects that belong to the user	2018-03-28 17:07:50 +08:00
Tom Hughes	1f2ac59d1d	Fix new rubocop warnings	2018-03-26 19:00:03 +01:00
Andy Allan	9f84c6f46e	Use user_path links. Fixes #1785	2018-03-21 11:33:45 +08:00
Andy Allan	b2ff9f3aad	Simplify redirect.	2018-03-09 15:56:56 +08:00
biswesh456	674589ce2c	Change test case	2018-03-03 20:20:52 +05:30
biswesh456	646dcb62fc	Allow admins and moderators to delete traces Fixes #1625	2018-02-24 20:36:12 +05:30
Andy Allan	549acfa918	Merge pull request #1732 from tomhughes/npemap Remove npemap as a source for UK postcodes	2018-02-23 10:23:22 +08:00
Tom Hughes	96cc9abd23	Use https when redirecting to the render server	2018-02-09 22:31:45 +00:00
Tom Hughes	2515c77276	Use configured protocol for URLs in diary feeds	2018-02-05 22:31:27 +00:00
Tom Hughes	5925039729	Remove npemap as a source for UK postcodes	2018-02-04 15:14:41 +00:00
Tom Hughes	673b58f96f	Merge remote-tracking branch 'upstream/pull/1704'	2018-02-04 15:09:40 +00:00
Tom Hughes	a83030dab7	Fix new rubocop warnings	2018-01-22 18:55:45 +00:00
Tom Hughes	9cf698322c	Merge remote-tracking branch 'upstream/pull/1707'	2018-01-13 10:35:42 +00:00
Tom Hughes	be86e4824f	Convert various URLs to https	2018-01-08 20:18:21 +00:00
Tom Hughes	af1397436f	Use https for nominatim	2018-01-08 10:50:44 +00:00
Tom Hughes	9340c46173	Remove dependencies on mapzen services	2018-01-02 18:45:20 +00:00
mmd-osm	e21c967fdd	Revoking administrator role on current user should fail Fixes #1697 Closes #1701	2017-12-19 17:31:34 +00:00
Guillaume RISCHARD	ca36cf2826	Remove support for soon discontinued josm remote https endpoint	2017-12-16 16:15:52 +01:00
mmd-osm	b2a3955d93	Allow (un)subscribing discussions also when changeset still open Fixes #1627	2017-12-16 13:32:04 +01:00
Tom Hughes	2c52c91b39	Make changeset#query preload users, tags and comments	2017-12-04 07:54:19 +00:00
Tom Hughes	fe2e215d14	Make the AMF getway_old call parse times as UTC Although it's not entirely clear how to interpret a timestamp from a client the production servers have effectively been parsing them as UTC because they run in the UTC time zone all year. Using Time.zone to do the parse forces it to happen in the rails time zone rather than the system time zone, which defaults to UTC as well. Fixes #1688	2017-12-01 19:24:26 +00:00

1 2 3 4 5 ...

1594 commits