--- /dev/null
+# Security Policy
+
+## Reporting a Vulnerability
+
+We welcome any reports of security vulnerabilities, and we will respond to you quickly to acknowledge receipt.
+
+To report a vulnerability please email [the maintainers using this link](mailto:tom@compton.nu;openstreetmap-website@gravitystorm.co.uk;security@openstreetmap.org). This will also notify the security team for the main deployment of this software.
+
+Please note that we do not offer any bug bounties and we do not participate in any bug programs. If your security report is validated by us, then we are happy to credit you publicly in our issue tracker, on request.
var editDisabled = zoom < 13;
$("#edit_tab")
.tooltip({ placement: "bottom" })
- .attr("data-original-title", editDisabled ?
+ .attr("data-bs-original-title", editDisabled ?
I18n.t("javascripts.site.edit_disabled_tooltip") : "")
// Disable the button group and also the buttons to avoid
// inconsistent behaviour when zooming
var disabled = ["mapnik", "cyclemap"].indexOf(map.getMapBaseLayerId()) === -1;
button
.toggleClass("disabled", disabled)
- .attr("data-original-title",
+ .attr("data-bs-original-title",
I18n.t(disabled ?
"javascripts.key.tooltip_disabled" :
"javascripts.key.tooltip"));
}
$(item).attr("class", disabled ? "disabled" : "");
- item.attr("data-original-title", disabled ?
+ item.attr("data-bs-original-title", disabled ?
I18n.t("javascripts.site.map_" + name + "_zoom_in_tooltip") : "");
});
};
var disabled = OSM.STATUS === "database_offline" || map.getZoom() < 12;
link
.toggleClass("disabled", disabled)
- .attr("data-original-title", I18n.t(disabled ?
+ .attr("data-bs-original-title", I18n.t(disabled ?
"javascripts.site.createnote_disabled_tooltip" :
"javascripts.site.createnote_tooltip"));
}
isDisabled = map.getZoom() < 14;
link
.toggleClass("disabled", isDisabled)
- .attr("data-original-title", I18n.t(isDisabled ?
+ .attr("data-bs-original-title", I18n.t(isDisabled ?
"javascripts.site.queryfeature_disabled_tooltip" :
"javascripts.site.queryfeature_tooltip"));
margin-bottom: 10px;
outline: none;
- &:hover {
+ &:hover,
+ &:focus {
background-color: black;
}
<p class='alert alert-warning'><%= t "javascripts.notes.show.anonymous_warning" %></p>
<% end -%>
- <% if current_user && current_user != @note.author %>
- <p class="text-muted"><%= report_link(t(".report"), @note) %></p>
- <% end %>
-
<% if @note_comments.length > 1 %>
<div class='note-comments'>
<ul class="list-unstyled">
<% if @note.status == "open" %>
<% if current_user -%>
- <form action="#">
+ <form class="mb-3" action="#">
<div class="mb-3">
<textarea class="form-control" name="text" cols="40" rows="5" maxlength="2000"></textarea>
</div>
</form>
<% end -%>
<% else %>
- <form action="#">
+ <form class="mb-3" action="#">
<input type="hidden" name="text" value="" autocomplete="off">
<div class="btn-wrapper">
<% if current_user and current_user.moderator? -%>
</div>
</form>
<% end %>
+
+ <% if current_user && current_user != @note.author %>
+ <p><small class="text-muted"><%= t "javascripts.notes.show.report_link_html", :link => report_link(t(".report"), @note) %></small></p>
+ <% end %>
</div>
reopened_by_html: "Reactivated by %{user} <abbr title='%{exact_time}'>%{when}</abbr>"
reopened_by_anonymous_html: "Reactivated by anonymous <abbr title='%{exact_time}'>%{when}</abbr>"
hidden_by_html: "Hidden by %{user} <abbr title='%{exact_time}'>%{when}</abbr>"
- report: Report this note
+ report: report this note
coordinates_html: "%{latitude}, %{longitude}"
query:
title: "Query Features"
reactivate: Reactivate
comment_and_resolve: Comment & Resolve
comment: Comment
+ report_link_html: "If this note contains sensitive information that needs to be removed, you can %{link}. For all other problems with the note, please resolve it yourself with a comment."
edit_help: Move the map and zoom in on a location you want to edit, then click here.
directions:
ascend: "Ascend"
assert_selector "h1", :text => "OpenStreetMap"
end
+
+ test "tooltip shows for Layers button" do
+ visit "/"
+
+ assert_no_selector ".tooltip"
+ button = find ".control-layers .control-button"
+ button.hover
+ assert_selector ".tooltip", :text => "Layers"
+ end
+
+ test "tooltip shows for Map Key button on Standard layer" do
+ visit "/"
+
+ assert_no_selector ".tooltip"
+ button = find ".control-key .control-button"
+ button.hover
+ tooltip = find ".tooltip"
+ tooltip.assert_text "Map Key"
+ tooltip.assert_no_text "not available"
+ end
+
+ test "tooltip shows for Map Key button on a layer without a key provided" do
+ visit "/#layers=Y" # assumes that CyclOSM layer has no map key
+
+ assert_no_selector ".tooltip"
+ button = find ".control-key .control-button"
+ button.hover
+ tooltip = find ".tooltip"
+ tooltip.assert_text "Map Key"
+ tooltip.assert_text "not available"
+ end
+
+ test "tooltip shows for query button when zoomed in" do
+ visit "/#map=14/0/0"
+
+ assert_no_selector ".tooltip"
+ button = find ".control-query .control-button"
+ button.hover
+ tooltip = find ".tooltip"
+ tooltip.assert_text "Query features"
+ tooltip.assert_no_text "Zoom in"
+ end
+
+ test "tooltip shows for query button when zoomed out" do
+ visit "/#map=10/0/0"
+
+ assert_no_selector ".tooltip"
+ button = find ".control-query .control-button"
+ button.hover
+ tooltip = find ".tooltip"
+ tooltip.assert_text "Zoom in to query features"
+ end
+
+ test "tooltip shows for edit button when zoomed out" do
+ visit "/#map=11/0/0"
+
+ assert_no_selector ".tooltip"
+ button = find "#edit_tab"
+ button.hover
+ tooltip = find ".tooltip"
+ tooltip.assert_text "Zoom in to edit the map"
+ end
end
projects / rails.git / commitdiff