consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
13,276 Commits 1 Branch 0 Tags
62a29e2cf969498ec57d49fbe9da73acdf27ee5c
Commit Graph

21 Commits

Author SHA1 Message Date
Javi Martín
d90efa15e4 Fix InvalidCrossOriginRequest response 
When requesting files like `/hackattempt.js`, the pages controller was
responding with 404 status code.

However, since the request was considered a JavaScript request (because
of the `.js` extension), the response was also considered to be a
JavaScript one, and since the request wasn't an AJAX request, our
protection from forgery was preventing a potential security issue by
raising an InvalidCrossOriginRequest exception.

By setting HTML as content type, we correctly respond with a 404 status
code.

More info:

https://die-antwort.eu/techblog/2018-08-avoid-invalid-cross-origin-request-with-catch-all-route/
 2019-04-25 20:48:38 +02:00
rgarcia
bca824b759 removes controller spec deprecation warnings 2019-04-17 17:40:55 +02:00
Julian Herrero
87be6f302c Add default site customization pages 
From now on these static pages:

`/privacy'
`/conditions'
`/accesibility'
`/help/faq'
`/welcome'

have been moved to the DB and can be modified easily by any
administrator in `/admin/site_customization/pages'
 2019-03-14 18:35:51 +01:00
Julian Herrero
31ac8b7f55 Change single quotes to double quotes 2019-02-15 11:40:39 +01:00
decabeza
46671fe447 Removes unnecessary pages 2018-11-15 11:52:57 +01:00
decabeza
42d0f471ee Updates i18n keys and images folder 2018-01-30 19:10:48 +01:00
Bertocq
ed16a78f42 Enables RSpec/ExampleWording and fixes all issues 
Both avoiding 'should' and repiting 'it' on the tests description
improves reading them and also makes all descriptions consistent.

Read about cop at http://www.rubydoc.info/gems/rubocop-rspec/RuboCop/Cop/RSpec/ExampleWording
 2018-01-07 01:03:45 +01:00
decabeza
dcffa96d11 removes specs of deleted info pages 2017-06-07 18:53:23 +02:00
Alberto Garcia Cabeza
533a7492a1 changes more information to more info 2017-04-04 18:01:30 +02:00
Alberto Garcia Cabeza
b9a44297aa updates pages specs 2017-03-30 13:53:01 +02:00
Juanjo Bazán
2d4d057b48 returns empty 404 instead of raising exception 
for the catch-all route
 2016-01-20 16:20:43 +01:00
Juanjo Bazán
bbc0f07b74 returns 404 for not found pages 
(instead of 500 by MissingTemplate)

Fixes #792
 2015-12-30 14:27:16 +01:00
Alberto Garcia Cabeza
eb47f3de44 Removes unused static page 2015-12-14 18:20:51 +01:00
Josep Jaume Rey Peroy
80104d100f Normalize page paths 
Normalize page paths so they can be accessed by `page_path(:id)`.

The benefit of this is that we can add any arbitrary amount of pages
without affecting the routing layer.
 2015-12-12 10:22:27 +01:00
Juanjo Bazán
349288b992 removes provisional transparency page 2015-12-03 12:51:51 +01:00
Alberto Garcia Cabeza
3df06ebcb4 Adds accessibility page on footer 2015-09-28 13:46:53 +02:00
Juanjo Bazán
0138847798 fix build 2015-09-05 20:19:53 +02:00
Juanjo Bazán
5d5de36ad1 adds spec for info pages 2015-09-05 20:16:20 +02:00
Alberto Garcia Cabeza
fca3a4de37 Changes tests for new texts 2015-09-03 00:10:07 +02:00
rgarcia
0f145da18b adds specs 2015-08-30 12:51:26 +02:00
Juanjo Bazán
84feeba085 adds pages controller for static pages 2015-08-29 19:32:08 +02:00