]> git.openstreetmap.org Git - rails.git/history - app/controllers
Validate any origin passed the auth failure callback
[rails.git] / app / controllers /
2021-11-23 Tom HughesValidate any origin passed the auth failure callback
2021-11-23 Tom HughesImprove fallback behaviour for unsafe referer redirects
2021-11-23 Tom HughesHandle authentication failure callbacks with no message
2021-11-23 Tom HughesMake safe_referer handle invalid URIs
2021-11-16 Tom HughesSend plain errors for non HTML resources
2021-10-27 Tom HughesMerge remote-tracking branch 'upstream/pull/3349'
2021-10-25 Tom HughesServe an updated TOTP token with the browse query response
2021-10-24 Tom HughesSpecify the controller when redirecting a failed login
2021-10-24 Tom HughesDrop duplicate unconfirmed_login definition
2021-10-07 Tom HughesMerge remote-tracking branch 'upstream/pull/3300'
2021-09-29 Tom HughesMerge remote-tracking branch 'upstream/pull/3332'
2021-09-29 Tom HughesMerge remote-tracking branch 'upstream/pull/3316'
2021-09-29 Andy AllanRefactor tracepoint index to use an xml builder view
2021-09-15 Tom HughesMerge remote-tracking branch 'upstream/pull/3297'
2021-09-15 Tom HughesMerge remote-tracking branch 'upstream/pull/3324'
2021-09-15 Andy AllanUse a builder to render changeset downloads
2021-09-12 Tom HughesMerge remote-tracking branch 'upstream/pull/3285'
2021-08-26 Tom HughesAdd a privileged scope that allows email addresses...
2021-08-26 Tom HughesIntroduce privileged scopes that only an administrator...
2021-08-24 Tom HughesCorrect policing of access to private user details
2021-08-18 Andy AllanSplit the non-public information off of the profile...
2021-08-17 Tom HughesFix new rubocop warnings
2021-08-12 Tom HughesMerge remote-tracking branch 'upstream/pull/3293'
2021-08-12 Andy AllanUse user_account_path for links to settings page
2021-07-28 Tom HughesMerge remote-tracking branch 'upstream/pull/3279'
2021-07-28 Andy AllanFix redirect to terms path when not logged in
2021-07-21 Tom HughesMerge remote-tracking branch 'upstream/pull/3257'
2021-07-21 Andy AllanEnsure that flash message is shown in the updated language
2021-07-21 Tom HughesMerge remote-tracking branch 'upstream/pull/3233'
2021-07-21 Tom HughesMerge remote-tracking branch 'upstream/pull/3265'
2021-07-21 Andy AllanRemove incorrectly spelled helper_method
2021-07-21 Josh Sorefspelling: languages
2021-07-21 Tom HughesMerge remote-tracking branch 'upstream/pull/3264'
2021-07-21 Tom HughesMerge remote-tracking branch 'upstream/pull/3263'
2021-07-21 Andy AllanFix various code comments
2021-07-21 Tom HughesMerge remote-tracking branch 'upstream/pull/3237'
2021-07-18 Tom HughesMerge remote-tracking branch 'upstream/pull/3251'
2021-07-14 Andy AllanMove profile-related settings to their own form
2021-07-14 Andy AllanRemove code complexity around resetting language prefer...
2021-07-14 Andy AllanSplit user preferences into a separate page
2021-07-01 Tom HughesCheck that the permission is non-zero
2021-06-29 Tom HughesFix some broken translation lookups
2021-06-27 Tom HughesSwitch web site to use OAuth 2
2021-06-27 Tom HughesMerge remote-tracking branch 'upstream/pull/3235'
2021-06-26 Tom HughesMake /api/0.6/permissions work for OAuth 2 clients
2021-06-24 Tom HughesMerge remote-tracking branch 'upstream/pull/3177'
2021-06-23 Tom HughesMerge remote-tracking branch 'upstream/pull/3232'
2021-06-23 Andy AllanRefactor terms declined flash message to use a partial
2021-06-23 Andy AllanUse hash-based flash objects to render complex flash...
2021-06-16 Tom HughesMerge remote-tracking branch 'upstream/pull/3226'
2021-06-16 Tom HughesMerge remote-tracking branch 'upstream/pull/3225'
2021-06-16 Tobias JordansTraces#index: Introduce tab navigation, fix tag-filter
2021-06-16 Andy AllanFix the email address that's suggested for whitelisting
2021-06-09 Tom HughesMerge remote-tracking branch 'upstream/pull/3217'
2021-06-09 Andy AllanSet updated_by when resolving issues
2021-05-18 Tom HughesAllow OAuth 2 authorizations to redirect to anywhere
2021-05-18 Tom HughesAdd support for OAuth2 using doorkeeper
2021-05-13 Tom HughesMerge remote-tracking branch 'upstream/pull/3193'
2021-05-12 Tom HughesFix deprecation warnings
2021-05-11 Tom HughesAdd rate limiting to user friendships
2021-04-29 Tom HughesMerge remote-tracking branch 'upstream/pull/3029'
2021-04-28 Andy AllanMerge branch 'pull/3146'
2021-04-28 Andy AllanMerge pull request #3104 from fredrik-lindseth/patch-1
2021-04-28 Andy AllanMerge pull request #3169 from harry-wood/empty-lists
2021-04-14 Andy AllanMerge branch 'pull/3164'
2021-04-14 Andy AllanAdd tests for routing and to ensure output format
2021-04-08 Andy AllanMerge pull request #1558 from plarus/master
2021-04-07 Tom HughesMerge remote-tracking branch 'upstream/pull/3166'
2021-04-07 Tom HughesMerge remote-tracking branch 'upstream/pull/3165'
2021-04-07 Andy AllanMove confirmation methods into ConfirmationsController
2021-04-07 Andy AllanSplit password reset functionality into PasswordsController
2021-04-07 Michal MigurskiAdded JSON support to user preferences
2021-04-01 Tom HughesDon't allow deleted users to be confirmed
2021-03-31 Tom HughesAdd additional limits on sending messages
2021-03-31 Tom HughesMerge remote-tracking branch 'upstream/pull/3157'
2021-03-29 Tom HughesAdd missing callbacks to session controller
2021-03-24 Tom HughesMerge remote-tracking branch 'upstream/pull/3147'
2021-03-24 Andy AllanRefactor login/logout into sessions controller
2021-03-22 Tom HughesMerge remote-tracking branch 'upstream/pull/3142'
2021-03-21 Tom HughesMerge remote-tracking branch 'upstream/pull/3141'
2021-03-21 Tom HughesHandle errors checking for gravatars
2021-03-17 Tom HughesMerge remote-tracking branch 'upstream/pull/3124'
2021-03-17 Andy AllanMerge branch 'pull/3112'
2021-03-16 Tom HughesMerge remote-tracking branch 'upstream/pull/3133'
2021-03-16 Tom HughesMerge remote-tracking branch 'upstream/pull/3132'
2021-03-16 Tom HughesReject referers that do not include an absolute path
2021-03-14 Tom HughesAllow form submission to any location from the login...
2021-03-10 Tom HughesMerge remote-tracking branch 'upstream/pull/3125'
2021-03-10 Andy AllanUse login_path instead of explicit controller and actions
2021-03-03 Tom HughesUse a 307 Temporary Redirect to redirect to authentication
2021-03-02 Tom HughesFix new rubocop warnings
2021-02-24 Andy AllanMerge branch 'pull/3091'
2021-02-10 Tom HughesPrevent CSRF bypass with login form
2021-02-09 Tom HughesPrevent CSRF bypass with password reset form
2021-02-09 mmd-osmPrevent CSRF bypass unblocking users
2021-02-08 Tom HughesPrevent CSRF bypass updating account details
2021-02-06 Tom HughesAllow form post to third party authentication providers
2021-02-03 Andy AllanMerge pull request #2409 from jalessio/docker-compose...
2021-02-03 Tom HughesMerge remote-tracking branch 'upstream/pull/3078'
2021-02-03 Tom HughesMerge remote-tracking branch 'upstream/pull/3079'
next