consul/nairobi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,555 Commits 1 Branch 0 Tags
eafb4018bf71b604e22c3b09da08ee4b69e763d9
Commit Graph

25 Commits

Author SHA1 Message Date
Javi Martín
d90efa15e4 Fix InvalidCrossOriginRequest response 
When requesting files like `/hackattempt.js`, the pages controller was
responding with 404 status code.

However, since the request was considered a JavaScript request (because
of the `.js` extension), the response was also considered to be a
JavaScript one, and since the request wasn't an AJAX request, our
protection from forgery was preventing a potential security issue by
raising an InvalidCrossOriginRequest exception.

By setting HTML as content type, we correctly respond with a 404 status
code.

More info:

https://die-antwort.eu/techblog/2018-08-avoid-invalid-cross-origin-request-with-catch-all-route/
 2019-04-25 20:48:38 +02:00
Julian Herrero
d24376f6ad Use double quotes in controllers/ 2019-03-13 22:19:49 +01:00
Manu
bff3a3b379 use relation between cards and page models 2019-01-18 09:54:43 -05:00
Manu
722a431b54 Add cards to custom pages 2019-01-18 09:54:43 -05:00
decabeza
dd11a040a6 Adds setting to enable or disable help page 2018-09-28 18:59:28 +02:00
iagirre
0d9da5398b Fix banners in user pages 
Banners were not been shown in certain pages; now
they are.

Spec to check if the banner is been shown correctly
added. Before it was in admins specs, now it has it's
own spec out of admins folder.
 2018-07-12 10:17:25 -04:00
Bertocq
21c6d1c4dd Cleanup Lint/AssignmentInCondition rubocop issues on code and remove it from ruboco_todo list 2017-06-19 10:45:18 +02:00
Amaia Castro
54fab919e5 Show custom pages in public site 2017-04-06 16:59:58 +02:00
Juanjo Bazán
2d4d057b48 returns empty 404 instead of raising exception 
for the catch-all route
 2016-01-20 16:20:43 +01:00
Juanjo Bazán
bbc0f07b74 returns 404 for not found pages 
(instead of 500 by MissingTemplate)

Fixes #792
 2015-12-30 14:27:16 +01:00
Josep Jaume Rey Peroy
80104d100f Normalize page paths 
Normalize page paths so they can be accessed by `page_path(:id)`.

The benefit of this is that we can add any arbitrary amount of pages
without affecting the routing layer.
 2015-12-12 10:22:27 +01:00
Juanjo Bazán
349288b992 removes provisional transparency page 2015-12-03 12:51:51 +01:00
rgarcia
ce13486272 uses english for method and filenames 2015-10-19 19:27:03 +02:00
Alberto Garcia Cabeza
65e0becafc adds verify account page for letter code 2015-10-19 19:24:23 +02:00
Alberto Garcia Cabeza
b3c2830d2f Changes blog url 2015-10-08 10:23:35 +02:00
Alberto Garcia Cabeza
3df06ebcb4 Adds accessibility page on footer 2015-09-28 13:46:53 +02:00
Juanjo Bazán
b4312fbbfc changes pages routes to static 2015-09-15 12:04:12 +02:00
Alberto Garcia Cabeza
94285d5ffc Adds pages to more information section 2015-09-13 20:22:02 +02:00
Juanjo Bazán
5d5de36ad1 adds spec for info pages 2015-09-05 20:16:20 +02:00
rgarcia
2bc1b5f1a5 adds nicer blog url 2015-09-05 19:57:33 +02:00
rgarcia
4897d5df4e makes spaces consistent 2015-09-03 01:29:46 +02:00
Alberto Garcia Cabeza
a8cbc60b02 Adds new pages, includes new texts 2015-09-02 23:42:06 +02:00
Alberto Garcia Cabeza
a74f4ea030 Adds first styles for static pages 2015-08-31 21:48:50 +02:00
rgarcia
92940c9f91 adds census terms of service page 2015-08-30 12:49:47 +02:00
Juanjo Bazán
84feeba085 adds pages controller for static pages 2015-08-29 19:32:08 +02:00