Age | Commit message (Collapse) | Author |
|
We are deprecating webapp based signup. It leads to an
inconsistent state for mail providers and offers no useful
interactions for vpn providers either.
Instead of trying to deal with the halve way signup through
the webapp we require signup through bitmask app which can
also create the pgp keys for email and download and use the
cert for vpn.
In addition this reduces the attack surface for js injection,
phishing and other browser based attacks.
For now we still keep the signup form in case providers link
to it directly. We also keep all the tests based on it. Cleanup
will happen right after 0.10.0 release.
|
|
fixes #8794
Reported the underlying issue here:
https://github.com/rails/sass-rails/issues/406
Basically `@import` works like this:
* look for the file relative to the current file
* look for the file as an absolute path following the priorities in the
* asset load_paths
If the file can be imported as a relative path that will take
precedence.
So in order to pick up the head and tails inside customization rather
than in app/assets there are three possibilities:
1) use an absolute path. This is not as easy as it seems. There is no
way of indicating a path is meant to be absolute so we would have to
ensure it does not resolve to a relative path.
2) have a application.scss file inside the customization folder. Since
this is the main file it will be used instead of the app/assets one. In
there relative paths will now also default to the customization folder
rather than app/assets. Once we are in an app/assets file though it will
not go back to picking up customization with relative paths
3) use //= require instead of import. rails-sass advices against this as
each required file would be compiled on it's own and variables could not
be shared.
Going with option 1 here:
```scss
// application.scss:
@import "custom/head_import";
```
```scss
// custom/head_import.scss:
@import "head";
```
As long as there is no custom/head.scss in app/assets it will import
head as an absolute path and thus prefer config/custom over app/assets.
This seems like the best option for now as it does not require changes
to the deployments.
|
|
We now use the hash of the token for comparison and as the id.
In order to use it you need the original token though. So forms and
thus the session should have token.to_s rather than token.id.
|
|
|
|
|
|
only use the <pre> tag if the response was a text message i.e. during dev errors.
Use the alert-danger class of bootstrap 3 rather than alert-error.
|
|
|
|
span10 now is .col-??-10.
ul.unstyled now is ul.list-unstyled
also leave out unnecessary li if billing is disabled.
|
|
* reran the simple form initializer.
* wrapped submit buttons are now broken and need a fix.
* disabled confirmation validation in client side validations as the
error message always is attached to the wrong field.
|
|
|
|
Sometimes the dev environment will send back a plain text response.
This causes the json parser to raise an exception and used to cause
the browser not to display any error message.
Now we dumpt the whole server response - which happes to also include the
backtrace. A lot more useful than doing nothing.
In production this should never happen as 500s get handled by the
ExceptionApplication / our ErrorsController there.
|
|
subrepo:
subdir: "app/assets/javascripts/srp"
merged: "9e1a417"
upstream:
origin: "https://leap.se/git/srp_js"
branch: "master"
commit: "9e1a417"
git-subrepo:
version: "0.3.1"
origin: "https://github.com/ingydotnet/git-subrepo"
commit: "a7ee886"
|
|
fix: keep ticket submit button clickable
See merge request !27
|
|
It was marked as submitted even when client side validations interfered.
fixes github issue #227
|
|
our special error handler for json requests would turn all exceptions
into 500s - removed it. now the rescue_responses can do their thing
again.
|
|
|
|
|
|
make the rescue in account creation less broad
See merge request !15
|
|
Related with https://github.com/pixelated/pixelated-user-agent/issues/924
With @aarni
|
|
Related with https://github.com/pixelated/pixelated-user-agent/issues/924
With @aarni
|
|
It was catching errors that should have led to 500s
|
|
If a login was invalid as a username but also for the identity we used to have duplicate error messages. Let's avoid that.
Also added a test to make sure invite_code errors are properly displayed no matter what other fields are set or missing. Pixelated will rely on this to test invite codes
|
|
We'll only use the master branch for development from now on.
|
|
|
|
|
|
method included to set number of tweets which should be displayed
|
|
The content.html.haml was modified to pick the layout based on wether tweets
are enabled or not. We need to display the provider message in both cases.
|
|
|
|
|
|
|
|
RTs and @ are displayed
|
|
error response messages; added 'config/customization/images' + link in 'config/initializer/customization.rb'
|
|
|
|
|
|
twitter feature is set enabled == true
|
|
in header; fixed erb escaping characters problem without letting evil code pass; setting customized image file 'Avatar_Pic.png' in config/custo../assets to get loaded instead of default twitter-logo
|
|
We used to replace all of home/content - so we missed the twitter feed
on the providers.
Instead one should now customize home/provider_message only.
|
|
added info that the account has to be public in Twitter-Doc
|
|
for fourth value in array. there will always be an empty array that view (text and each - method) does not break. if empty array in view the error-message is shown. (its WIP)
|
|
Change in code for caching
|
|
|
|
Deleting not necessary files from offical PR
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Cool! \o/
timing for twitter caching + script for invalidating token
|
|
now set as twitter official logo (added 2 official twitter logo images; changed footer text.
|