Commit graph

234 commits

Author SHA1 Message Date
07f49307f1 a few tweaks to items#show contributors appearance 2012-10-24 22:16:01 -05:00
f56b544963 brought-to-you-by on items#show lists contributors 2012-10-24 22:09:05 -05:00
e9e7d305f0 retire neoitems links, replace with jn items links 2012-10-21 15:57:17 -05:00
5601511ad5 xss vulnerability in outfits#show
This one was actually pretty darn clever - nobody's abused it, but
I was reading a blog post where someone described this type of
issue, I realized it was a brilliant attack, and then realized
DTI was vulnerable. Oops. Thanks for the solution, Jamie!

http://jamie-wong.com/2012/08/22/what-i-did-at-khan-academy/#XSS+Fix
2012-10-20 17:56:38 -05:00
4a69772cd2 remove N+1 queries on current user outfits page 2012-08-09 18:32:33 -04:00
72237f225c modeling hub 2012-08-06 21:15:31 -04:00
9fb9542e0d oops, fix syntax error on ruby 1.8.7 2012-08-01 13:47:15 -04:00
c2a0c5de74 new frontpage layout, yay 2012-08-01 13:34:54 -04:00
54ca5881fe add thumbnails to outfits#show via open graph 2012-07-29 16:45:12 -04:00
4451800e42 added shop wiz, etc., links to NP item show page 2012-05-23 20:09:35 -04:00
f3d64840d6 filter lists on petpage export 2012-04-08 15:59:51 -05:00
5218b43df4 fix petpage export item name filtering
The "Abominable Snowball Winter Onesie" can get blocked for including the string " On".
So, we meant to filter that to " O<b></b>n" so that the filter wouldn't return that false
positive on an XSS attempt, but were accidentally filtering it to " o&lt;b&gt;&lt;/b&;gtn".
Fixed :)
2012-04-08 14:53:26 -05:00
44156c5b21 can now have the same item in more than one list 2012-03-23 16:25:10 -05:00
70cf262387 remove campaign banner from most pages 2011-10-10 22:06:46 -05:00
c930397123 edit campaign copy now that image mode is public 2011-08-07 19:52:35 -04:00
7358aae680 report broken images 2011-08-07 18:23:44 -04:00
f9de777c79 update campaign: upgrade complete 2011-08-05 00:12:17 -04:00
163d74fe07 donate update, campaign complete 2011-08-04 10:25:57 -04:00
bad1eb13a5 compare Your Items to someone elses list 2011-08-03 10:33:13 -04:00
374e85f9d0 drop in redirect image url for urls blocked on petpages 2011-08-02 20:01:48 -04:00
dacfc99ce7 allow your_items_path to be cached on home 2011-07-31 22:17:59 -04:00
90c9c8fe17 hide help for people who have used Your Items before 2011-07-31 19:04:21 -04:00
037cb1e95a your items link on home 2011-07-31 18:45:53 -04:00
30096f6b0a items petpage export 2011-07-31 02:52:19 -04:00
4f0e7899b7 Your Items intro text polishing 2011-07-31 00:59:29 -04:00
2dd280c450 grammar fix on closet list deletion confirmation 2011-07-31 00:22:36 -04:00
137aeac8d4 show traders on items#show 2011-07-31 00:19:28 -04:00
11b7ae74db list visibility forms on Your Items 2011-07-30 22:47:06 -04:00
0c92bf5987 set list visibility in closet_lists#edit 2011-07-30 22:34:27 -04:00
34a4ef201a privacy dropdowns moved to be more out of the way 2011-07-30 22:08:38 -04:00
0e522fa371 better handle list emptiness for drag-n-drop 2011-07-30 19:47:04 -04:00
75961abc17 privacy for unlisted hangers 2011-07-30 19:45:28 -04:00
9a7b13dc5d drag and drop on Your Items <3 2011-07-30 13:40:41 -04:00
358840076c closet lists, round one 2011-07-29 10:52:04 -04:00
b86ce67c02 first pass at closet lists, including form 2011-07-26 20:27:23 -04:00
e6c419c7e0 give user paths a canonical tag 2011-07-26 18:56:14 -04:00
c592459d02 improve Your Items copy given the different groups 2011-07-26 18:41:15 -04:00
2983849b1f closet page importer also warns to log in in another window 2011-07-25 14:15:23 -04:00
d9f94ae3fa Your Items page aware of wanting items 2011-07-22 17:55:05 -04:00
6d155ecaf1 show owned/wanted icons and search filters 2011-07-22 16:52:40 -04:00
c5103b6557 neomail link on closets 2011-07-20 15:16:22 -04:00
02ef70f749 simplify closet hangers view, replace user_is?(@user) with !public_perspective? 2011-07-20 12:39:18 -04:00
f2d6a454c5 explain user:owns on item search 2011-07-17 17:28:45 -04:00
77818471c5 closet hangers page has nice remove button 2011-07-15 23:14:26 -04:00
437b1c052d quantity form on your items page 2011-07-15 17:21:18 -04:00
3a193d534d closeted icon, all over the place 2011-07-14 13:56:44 -04:00
6ebacc99dd closet page saving backend 2011-07-14 13:56:20 -04:00
d5641dddbb user closet display 2011-07-14 13:56:20 -04:00
7640369332 drop donate bar into items, outfits#show 2011-07-09 11:45:30 -04:00
2c54601288 include donation form right on the page 2011-07-02 13:40:01 -04:00
323cf772bc actually dynamic progress bar, on home page too 2011-07-01 15:38:13 -04:00
5ecd5f3ce4 donate page noninteractive 2011-06-28 13:24:40 -04:00
443b144f29 image mode 2011-06-27 15:33:34 -04:00
6940e098d3 say Edit a Copy on outfits#show if it a guest outfit and user is a guest 2011-05-14 09:36:18 -04:00
cd947b61b3 hide titles for items index and show from main body 2011-05-13 08:20:29 -04:00
648649f5cc support special colors in the infinite closet 2011-05-02 18:07:56 -04:00
1207e84804 nice page to view current user's outfits 2011-03-23 18:23:01 -04:00
b7fb5a952b Revert "implement head.js"
This reverts commit 12ffa33f4f.
2010-12-06 18:50:13 -05:00
12ffa33f4f implement head.js 2010-12-05 21:18:52 -05:00
0399e0a38f remove tell the world link 2010-11-30 16:52:38 -05:00
9fc24a2eab handle contribution for now-unused swf 2010-11-15 16:44:57 -05:00
2501e6e21f use basic image hash on items stuff 2010-11-14 23:14:04 -05:00
d8da87cbd9 ignore cap files, move auth config to yaml file 2010-11-13 10:37:57 -05:00
6b92c2aa33 loading current user outfit list, deleting outfits, toggling star 2010-11-11 13:43:22 -05:00
1dd2ccb00b lovely interface for saving outfits. still no reading them yet 2010-11-10 16:59:54 -05:00
1fd98fb191 basic interaction with fake outfits 2010-11-08 20:40:03 -05:00
b44cb4b09e fix homepage JS
main name field lost its ID in the redesign
gave it one and changed the one in the JS to match
2010-11-07 17:19:47 -05:00
a5b119a9bc contributions viewing 2010-11-06 11:52:58 -04:00
2d550724f0 bulk add pets 2010-11-05 20:09:03 -04:00
c8acdc4e8d working home page 2010-11-05 18:45:05 -04:00
bfb53ee81f add ?return_to to login urls 2010-10-18 18:17:08 -04:00
7939b0570b put userbar where it belongs 2010-10-18 18:10:50 -04:00
3c473bee2c nice pretty upgrade to item show page 2010-09-08 22:49:39 -04:00
4ba6af20ad item zone sets jsonp controller 2010-06-26 16:29:23 -04:00
7b91dd9cef pretty home page 2010-06-08 10:39:23 -04:00
240a070281 put id, body id, etc in HTML 2010-06-07 16:08:53 -04:00
40bb495a2b gracefully handles asset not found, preloads to handle it before it even comes up 2010-05-31 15:45:03 -04:00
5e5007e661 add alt, title to species thumbnails 2010-05-16 19:21:36 -04:00
d3ffefabfa preview pet type selection, data loading 2010-05-16 16:37:55 -04:00
108fe9f2dd correct metadata on species thumbnail 2010-05-16 16:16:39 -04:00
66c43e220a move species supported images for item show into pet_type method 2010-05-16 16:15:21 -04:00
230026597b groundwork for preview, swf asset and relationship model 2010-05-16 15:01:38 -04:00
4d4ded3c11 items controller, basic view 2010-05-15 13:47:46 -04:00
87fc4bdf05 rails 3 2010-05-14 18:12:31 -04:00