Commit graph

63 commits

Author SHA1 Message Date
22e3f4240a Update most URLs to use HTTPS
I noticed we didn't have the little lock icon in the browser, and yeah
huh there's a lot of `http://` still floating around! Let's fix that!
2023-10-25 15:22:57 -07:00
c85c3f5b8f Add the Pardon Our Dust page 2023-10-23 19:05:09 -07:00
45090b8d1c Login/logout returns you to the same page
In the login case, we save the `return_to` parameter in the session, because login can be a multi-step process.

In the logout case, we just read it directly from the form params.

Note that you *could* end up in a weird scenario where an old return_to value sticks around for a bit? But we have the sense to delete it when we use it on a successful sign-in, and most links to the login page come with a `return_to` param which should reset it. So, you'd have to 1) have started but not finished a sign-in, 2) during the same session, and 3) get to the login page by an unusual means.

Probably fine!
2023-10-23 19:05:08 -07:00
83f80facda Can log into OpenNeo ID accounts directly!
A lot of rough edges here (e.g. no styles on the flash messages), but it's working and that's good!!

I tested this by temporarily switching to the production database and logging in as matchu!

Still missing a lot of big features too, like registration, password resets, settings page, etc.
2023-10-23 19:05:07 -07:00
7e922503b5 Upgrade to Rails 7.0.6
Whew! Seems like a pretty clean one? Ran `rails app:upgrade` and stuff, and made some corrections to keyword arguments for `translate` calls. There might be more such problems elsewhere? But that's hard to search for, and we'll have to see.
2023-10-23 19:05:07 -07:00
Matchu
d0616b6dfd Delete Camo references & Addressable gem
At one point we piloted a "Camo" service to proxy HTTPS image urls for us, but it doesn't exist anymore.

We already have proxies and stuff for this, so I left `Image` as a placeholder for this, but it's not working yet!

This also deletes our final reference to the Addressable gem, so we can remove it!
2023-10-23 19:05:05 -07:00
Matchu
14f66b1e9e Fix caching crashes in localized_cache
The controller was like "oh yeah we have that cached" (from previous renders of the app on Rails 3 I think?), but the view disagreed, bc it was appending a template digest to the cache key. That's a smart feature, but not compatible with how we skip queries in the controller, so disable it for now!
2023-10-23 19:05:02 -07:00
Matt Dunn-Rankin
512b64a104 update campaign final stretch copy 2017-01-09 11:35:55 -08:00
Matchu
973bbbcb0a even better campaign copy: complete text + ceil to $5 for the finish-up pitch 2015-09-24 19:39:49 -07:00
Matchu
5466cc9301 when remaining costs < $200, pitch harder 2015-09-22 22:19:43 -07:00
Matchu
b11d7a8c9c oh dang, did we just fix most of the mixed content? 2015-08-05 20:11:08 -04:00
Matchu
4a18f22571 camo the emotes on the campaign show page 2015-08-05 19:41:42 -04:00
Matchu
0d88a6dd6f use same-protocol URLs for javascript libraries, so HTTPS is happy 2015-08-05 18:36:28 -04:00
0e6f823154 toggle whether a donation campaign is advertised 2015-02-25 13:49:18 -06:00
d588253c4c campaign banner on homepage is pretty 2014-09-11 18:09:00 -05:00
8e22c271a4 track campaign progress 2014-09-11 17:40:37 -05:00
8fc156833f basic tip functionality 2014-04-02 23:00:50 -05:00
72b174c9b3 store all neopets usernames for logged-in users, but breaks closet_hangers#index 2014-01-18 21:55:01 -06:00
fd106d7dba basic modeling buttons
no behavior yet, nor are they filtered
2014-01-10 16:25:03 -05:00
5f95ef7e56 make userbar area more compact, including removing favicon 2013-12-26 13:08:51 -05:00
923335b8da localize blog posts 2013-02-06 10:59:25 -06:00
573e8a6459 use I18n.with_locale wherever possible, since it catches errors properly
In particular, pet#load was handling locale-switching itself, but wasn't
switching back to original locale on error. We could've used a rescue
block, but, when I18n.with_locale is so cool, may as well use it fully.
2013-01-25 15:09:56 -06:00
c9ae7155b1 locale metadata, including hidden locales for item loading and selection 2013-01-24 18:24:34 -06:00
1439e4a74c canonical paths are always in english 2013-01-24 18:24:34 -06:00
0f49d3ed02 simple locale dropdown in layouts#application 2013-01-24 18:24:33 -06:00
5935ed055d refactor tmd helper, move closet_hangers#index autocomplete to markdown 2013-01-24 18:23:20 -06:00
7f2070e78e refactor userbar contributions to use twl 2013-01-24 18:23:20 -06:00
2b1cb2fe7f i18n for outfits#edit base template - dynamic content in outfits/edit.js still needs examined 2013-01-24 18:23:20 -06:00
b346bcc6d9 i18n for outfits#index - plus the translate_with_links helper, which can be used for refactoring other stuff 2013-01-24 18:23:20 -06:00
34d919179a i18n for broken_image_reports#new 2013-01-24 18:23:18 -06:00
132a49d30b i18n for outfits#new (and layouts#application), including caching 2013-01-24 18:23:18 -06:00
5601511ad5 xss vulnerability in outfits#show
This one was actually pretty darn clever - nobody's abused it, but
I was reading a blog post where someone described this type of
issue, I realized it was a brilliant attack, and then realized
DTI was vulnerable. Oops. Thanks for the solution, Jamie!

http://jamie-wong.com/2012/08/22/what-i-did-at-khan-academy/#XSS+Fix
2012-10-20 17:56:38 -05:00
54ca5881fe add thumbnails to outfits#show via open graph 2012-07-29 16:45:12 -04:00
70cf262387 remove campaign banner from most pages 2011-10-10 22:06:46 -05:00
c930397123 edit campaign copy now that image mode is public 2011-08-07 19:52:35 -04:00
f9de777c79 update campaign: upgrade complete 2011-08-05 00:12:17 -04:00
163d74fe07 donate update, campaign complete 2011-08-04 10:25:57 -04:00
4f0e7899b7 Your Items intro text polishing 2011-07-31 00:59:29 -04:00
358840076c closet lists, round one 2011-07-29 10:52:04 -04:00
e6c419c7e0 give user paths a canonical tag 2011-07-26 18:56:14 -04:00
02ef70f749 simplify closet hangers view, replace user_is?(@user) with !public_perspective? 2011-07-20 12:39:18 -04:00
77818471c5 closet hangers page has nice remove button 2011-07-15 23:14:26 -04:00
437b1c052d quantity form on your items page 2011-07-15 17:21:18 -04:00
d5641dddbb user closet display 2011-07-14 13:56:20 -04:00
7640369332 drop donate bar into items, outfits#show 2011-07-09 11:45:30 -04:00
323cf772bc actually dynamic progress bar, on home page too 2011-07-01 15:38:13 -04:00
5ecd5f3ce4 donate page noninteractive 2011-06-28 13:24:40 -04:00
443b144f29 image mode 2011-06-27 15:33:34 -04:00
cd947b61b3 hide titles for items index and show from main body 2011-05-13 08:20:29 -04:00
b7fb5a952b Revert "implement head.js"
This reverts commit 12ffa33f4f.
2010-12-06 18:50:13 -05:00