cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openstreetmap-website/config/initializers
History
Tom Hughes b0288b83bb Allow PATCH for OmniAuth requests 
This is required to allow the account settings screen, which now
uses the PATCH verb, to redirect to OmniAuth when the external
authentication provider is changed.

As PATCH still uses CSRF this doesn't impact CVE-2015-9284 which
is the reason for requiring POST and most importantly got not
allowing GET requests to OmniAuth.
2021-12-27 10:34:24 +00:00
..
abstract_adapter.rb Move monkey patch modules to the OpenStreetMap namespace 2017-06-02 16:33:27 +01:00
action_mailer.rb Switch to new defaults for queue names 2021-05-13 20:41:41 +01:00
active_storage.rb Drop monkey patch that is no longer needed with rails 6 2021-05-10 20:17:44 +01:00
application_controller_renderer.rb Update to rails 5.2.0 2018-06-19 00:16:24 +01:00
assets.rb Fix rubocop warnings 2019-12-04 19:31:53 +00:00
backtrace_silencers.rb Update to rails 6.1.3.2 2021-05-12 18:49:21 +01:00
banners.rb Fix rubocop warnings 2019-12-04 19:31:53 +00:00
better_errors.rb Allow trusted addresses for better_errors to be set in the environment 2018-04-15 22:22:43 +01:00
bootstrap_form.rb Fix boot warnings for autoloaded constants in initializers 2021-11-16 19:08:26 +00:00
browser.rb Drop unused browser feature predicates 2021-11-19 18:10:50 +00:00
canonical_rails.rb Move all settings to settings.yml 2019-03-13 18:06:23 +01:00
classic_pagination.rb Standardise on double quoted strings 2015-02-20 19:47:26 +00:00
compressed_requests.rb Add support for compressed request bodies 2018-01-24 14:25:02 +00:00
config.rb Fix new rubocop warnings 2021-02-02 18:56:29 +00:00
content_security_policy.rb Update to rails 6.0.1 2019-11-24 11:05:02 +00:00
cookies_serializer.rb Update to rails 5.0.4 2017-06-27 08:26:44 +01:00
cors.rb Allow cross origin access to OAuth 2 token endpoints 2021-07-06 19:30:05 +01:00
doorkeeper.rb Fix boot warnings for autoloaded constants in initializers 2021-11-16 19:08:26 +00:00
errors.rb Use dynamic error pages built through the asset pipeline 2018-08-01 19:13:04 +01:00
eslint.rb Fix new rubocop warnings 2020-07-07 10:44:52 +01:00
field_error.rb Update to rails 6.0.1 2019-11-24 11:05:02 +00:00
filter_parameter_logging.rb Update to rails 6.1.3.2 2021-05-12 18:49:21 +01:00
i18n.rb Make all translation lookup errors throw exceptions in test mode 2019-12-16 21:54:11 +00:00
inflections.rb Revert "Switch to using the zeitwork autoloader" 2020-12-29 19:29:36 +00:00
libxml.rb Fix new rubocop warnings 2016-02-05 13:35:26 +00:00
migrate.rb Drop monkey patch that is no longer required 2021-05-10 18:52:34 +01:00
mime_types.rb Remove both Potlatch versions 2021-01-05 21:18:45 +00:00
new_framework_defaults_6_1.rb Enable variant tracking for Active Storage 2021-05-17 19:29:12 +01:00
oauth.rb Drop last vestiges of ruby 2.5 support 2021-06-08 20:33:25 +01:00
omniauth.rb Allow PATCH for OmniAuth requests 2021-12-27 10:34:24 +00:00
piwik.rb Fix new rubocop warnings 2018-03-26 19:00:03 +01:00
r2.rb Update to sassc 2.x 2018-11-01 22:41:06 +00:00
router.rb Move monkey patch modules to the OpenStreetMap namespace 2017-06-02 16:33:27 +01:00
sanitize.rb Prevent addition of style attributes to all elements 2021-03-24 20:55:30 +00:00
secure_headers.rb Don't mark banner cookies as HttpOnly 2021-06-23 15:08:45 +01:00
session_store.rb Move all settings to settings.yml 2019-03-13 18:06:23 +01:00
strong_migrations.rb Fix new rubocop warnings 2021-01-11 19:17:31 +00:00
uri.rb Allow generic URIs to use the registry format 2011-12-13 10:45:40 +00:00
uri_sanitizer.rb Fix issues with bogus % encoded sequences in URLs 2015-12-07 13:52:20 +00:00
wiki_pages.rb Fix rubocop warnings 2019-12-04 19:31:53 +00:00
wrap_parameters.rb Update to rails 6.0.1 2019-11-24 11:05:02 +00:00
zeitwerk.rb Remove unnecessary inflection 2021-01-01 11:54:29 +00:00