consul/grecia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,411 Commits 1 Branch 0 Tags
6b1864fbcd4e588373d928596f6fc1ffff7ec00d
Commit Graph

58 Commits

Author SHA1 Message Date
Javi Martín
6b1864fbcd Sanitize translations instead of using _html 
Using the `_html` suffix in an i18n key is the same as using `html_safe`
on it, which means that translation could potentially be used for XSS
attacks.
 2019-10-09 19:46:47 +02:00
Javi Martín
928312e218 Use sanitize in translations with links 
Sometimes we're interpolating a link inside a translation, and marking
the whole translations as HTML safe.

However, some translations added by admins to the database or through
crowdin are not entirely under our control.

Although AFAIK crowdin checks for potential cross-site scripting
attacks, it's a good practice to sanitize parts of a string potentially
out of our control before marking the string as HTML safe.
 2019-10-08 18:46:21 +02:00
Javi Martín
75a28fafcb Sanitize label texts automatically 
This way we can remove all those `html_safe` calls and we avoid
potential XSS attacks in label texts.
 2019-10-08 18:46:21 +02:00
Javi Martín
55a190f44a Remove unneeded _html suffix in I18n keys 
This suffix does the same thing as calling `.html_safe` on them. So we
don't need to use it in texts that don't use HTML.
 2019-10-08 13:20:22 +02:00
Javi Martín
8d9cb4d8e3 Simplify generating checkboxes in forms 
Using the block syntax to generate the label with a <span> tag inside
isn't necessary after upgrading foundation_rails_helpers. Before the
upgrade, we couldn't do so because the <span> tag was escaped.
 2019-10-06 19:32:04 +02:00
Javi Martín
4f5de5be3b Add aria-describedby attribute automatically 
We were manually adding the attribute in many places, but not
everywhere. I'm assuming adding it where we didn't have it is doing no
harm.
 2019-10-06 19:32:03 +02:00
Javi Martín
3ea9f3cecf Simplify generating form fields with labels 
Instead of generating the label and then a field without a label, we can
directly generate a field with a label.
 2019-10-05 16:01:58 +02:00
Javi Martín
f9ed186909 Add rubocop spacing rules 
We were following these rules in most places; we just didn't define them
anywhere.
 2019-09-10 21:04:56 +02:00
Javi Martín
488461b8ac Remove consecutive blank lines 2019-09-10 20:02:15 +02:00
Julian Herrero
defbb25ec5 Fix Devise deprecation warning 
DEPRECATION WARNING: [Devise] `DeviseHelper.devise_error_messages!`
is deprecated and it will be removed in the next major version.
To customize the errors styles please run `rails g devise:views` and
modify the `devise/shared/error_messages` partial.

We will render the resource errors instead fo calling the deprecated method.
 2019-04-17 17:40:56 +02:00
Julian Herrero
f6489bc604 Use double quotes in app/views 2019-03-19 12:33:07 +01:00
decabeza
cf7155613e Changes honeypot family name to address on users sign up form 2018-12-21 11:34:12 +01:00
decabeza
6c5513ab38 replaces back_link partial to back_link_to helper 2017-07-26 18:22:45 +02:00
decabeza
af7807ce9f Updates custom note class to foundation help-text 2017-06-27 10:29:36 +02:00
Alberto Garcia Cabeza
9e582245d3 avoids use tabindex attribute 2017-03-10 12:04:47 +01:00
Alberto Garcia Cabeza
508de35320 polishes forms styles on devise views 2017-01-09 19:10:15 +01:00
Juanjo Bazán
6760199a90 Merge pull request #1090 from consul/back-links 
Back links
 2016-04-28 16:52:09 +02:00
kikito
303b17c238 Adds invisible_captcha to user & organization registrations 2016-04-27 16:13:50 +02:00
kikito
dea1a28a69 purges simple_captcha 2016-04-27 16:07:47 +02:00
Alberto Garcia Cabeza
7320d17bea Moves back links inside a partial 2016-04-26 13:04:57 +02:00
kikito
3637c95fe2 adds note to finish_signup 2016-04-19 13:33:17 +02:00
Alberto Garcia Cabeza
68a70238e7 Improves registrations success page 2016-03-14 19:32:50 +01:00
Alberto Garcia Cabeza
f6571662a2 Adds title on links with target blank 2016-03-14 19:32:49 +01:00
Alberto Garcia Cabeza
9dce52a69a Adds title on input checkboxes 2016-03-14 19:32:49 +01:00
Alberto Garcia Cabeza
3ec0971b37 Replaces icons i tags for span 2016-03-14 19:32:48 +01:00
Alberto Garcia Cabeza
5615f19ba9 Fixes some classes for foundation 6 2016-02-29 13:52:31 +01:00
Alberto Garcia Cabeza
3752f3a53b Adds foundation 6 🎉 2016-02-26 19:33:33 +01:00
kikito
49dec60615 adds a redeemable code to users. It can be filled up when signing up from /cuentasegura 2016-02-22 17:41:08 +01:00
kikito
6ba1db1a02 includes a "cancel" option when logging in via omniauth 
restores missing proposal in common_actions
 2016-02-03 11:59:19 +01:00
kikito
9e0494a82d Activates omniauth functionality 2016-01-26 18:15:45 +01:00
kikito
248bff712c fixes failing i18n specs 
Eliminates registering_with_oauth attr_accessor

ELIMINATE

Conflicts:
	app/views/users/registrations/finish_signup.html.erb

improves devise confirmation message

improves devise omniauth confirmation message

improves devise omniauth confirmation message

do not use nils on finish_signup fields

Fixes auth specs after changing the i18n
 2016-01-26 18:15:36 +01:00
kikito
a87669840c Hides fields without errors in finish_signup.html.erb 
Conflicts:
	app/views/users/registrations/finish_signup.html.erb
 2016-01-26 18:11:11 +01:00
kikito
b71dd5767b Adds username to the finish_signup form 
Conflicts:
	app/views/users/registrations/finish_signup.html.erb
 2016-01-26 18:11:04 +01:00
Josep Jaume Rey Peroy
cf00f12ec7 Store locale in a user's field and switch locale on mailers 2016-01-22 18:10:28 +01:00
Alberto Garcia Cabeza
6af6a63e15 Adds new styles for erase account 2015-10-20 12:37:01 +02:00
kikito
9cc158540e implements a first version of the forms. Missing: a) tests and b) check db constraints (duplicate email "", etc) 2015-10-16 20:04:16 +02:00
Alberto Garcia Cabeza
2ca4557f2d Improves accesibility 2015-10-13 16:48:37 +02:00
Juanjo Bazán
7d8f1f2629 adds title for public devise views 2015-09-28 13:59:17 +02:00
Alberto Garcia Cabeza
dd7f429104 Changes notes tag on forms 2015-09-28 13:46:54 +02:00
kikito
2d3015703d replaces constants by class methods + private functions. Fixes broken tests 2015-09-10 13:02:21 +02:00
kikito
ada03c8474 Adds max lengths in views 2015-09-09 18:34:26 +02:00
Alberto Garcia Cabeza
0400fc93ab Deletes duplicate label 2015-09-08 14:47:11 +02:00
Juanjo Bazán
64a0046e45 Merge pull request #408 from AyuntamientoMadrid/registration-success-390 
Adds registration "success" intermediate page
 2015-09-07 17:32:30 +02:00
kikito
922c63aebe style 2015-09-07 17:28:14 +02:00
kikito
980728279f Adds registration "success" intermediate page 2015-09-07 17:23:59 +02:00
Alberto Garcia Cabeza
101a50a96e Improves layout styles 2015-09-07 16:36:33 +02:00
rgarcia
17ce1f9d07 adds terms of service to users 2015-09-07 01:00:43 +02:00
Alberto Garcia Cabeza
eedd919424 Improves styles and texts for devise pages 2015-09-07 00:16:54 +02:00
Alberto Garcia Cabeza
7fefcb692e Changes and updates texts 2015-09-02 23:43:08 +02:00
rgarcia
369fc6aef7 hides social network login 2015-09-01 12:46:02 +02:00