Commit graph

69 commits

Author SHA1 Message Date
c92bf4fc7a i18n for outfits/edit.js sharing urls 2013-01-09 17:15:25 -06:00
addc41ddc9 i18n for outfits#edit base template - dynamic content in outfits/edit.js still needs examined 2013-01-09 17:15:25 -06:00
cd323cbf53 i18n for outfits#index - plus the translate_with_links helper, which can be used for refactoring other stuff 2013-01-09 17:15:25 -06:00
abca8eb29a i18n for outfits#show 2013-01-09 17:15:23 -06:00
744c10495d i18n for outfits#new (and layouts#application), including caching 2013-01-09 17:15:23 -06:00
5601511ad5 xss vulnerability in outfits#show
This one was actually pretty darn clever - nobody's abused it, but
I was reading a blog post where someone described this type of
issue, I realized it was a brilliant attack, and then realized
DTI was vulnerable. Oops. Thanks for the solution, Jamie!

http://jamie-wong.com/2012/08/22/what-i-did-at-khan-academy/#XSS+Fix
2012-10-20 17:56:38 -05:00
270f8caa3d remove sharing beta message - finally 2012-08-23 20:56:00 -05:00
99669b8e4e cache homepage latest contribution 2012-08-09 22:59:35 -04:00
f6d34841ec cache newest items on homepage and items#index 2012-08-09 22:35:30 -04:00
5e89287537 durr, don't cache new items on the homepage 2012-08-08 23:05:32 -04:00
5cec28e29b fix logout bug: stop caching authenticity_token fields
Many forms on the site contain a hidden authenticity_token field,
unique to each visitory. If a user submits a request with an
invalid authenticity_token, Rails assumes that it's a CSRF attempt
and logs out the user. So, if we happen to cache those forms with
authenticity_token fields, all users who use that form will have
the same authenticity_token (valid for only the first user who
saw the form, invalid for everyone else), and all requests made
through that form will log out the user. Bad news.

So, we stopped caching those forms. Yay!
2012-08-07 17:32:51 -04:00
72237f225c modeling hub 2012-08-06 21:15:31 -04:00
a6e4398e54 take homepage latest contribution and new items out of cache block - should probably cache them later, but, for now, meh 2012-08-01 15:11:08 -04:00
c2a0c5de74 new frontpage layout, yay 2012-08-01 13:34:54 -04:00
c630cde66c outfit thumbnails beta message 2012-07-31 10:21:20 -04:00
54ca5881fe add thumbnails to outfits#show via open graph 2012-07-29 16:45:12 -04:00
f8aacfba98 put a cog behind outfits whose thumbnails are enqueued 2012-07-29 16:07:18 -04:00
f5cf9aa13b redesign outfits#index with thumbnails 2012-07-29 15:43:28 -04:00
249c493d25 beautiful outfits tab using thumbnails 2012-07-27 03:21:22 -04:00
b02c95c2d9 pretty tab navigation for wardrobe sidebar 2012-07-25 19:02:23 -04:00
b2eac2d1fd sharing url formats 2012-07-17 16:14:05 -04:00
f5ab71dce5 sharing thumbnail 2012-07-17 14:42:31 -04:00
7b5856ebf9 basic sharing
Sharing pane works, everything is great for guests. Logged in
users are on the way, since right now Share Outfit re-saves
anonymously rather than showing sharing data for the existing
outfit.
2012-07-17 12:15:04 -04:00
686d6560c4 specify size on image download 2012-01-13 19:37:56 -06:00
09fcc7fa4b remove timer donation request on outfits#edit 2011-08-07 19:57:11 -04:00
7358aae680 report broken images 2011-08-07 18:23:44 -04:00
564ba9bdd9 js part of reporting broken images 2011-08-07 17:24:54 -04:00
4c510f91db search by username 2011-08-05 11:28:11 -04:00
5f4cd9ddbf new! tags to point to Your Items 2011-07-31 22:55:29 -04:00
ceeb59973d move image mode faq to outfits#edit instead of userbar 2011-07-31 22:13:23 -04:00
037cb1e95a your items link on home 2011-07-31 18:45:53 -04:00
12f5b28c94 wardrobe now works with owned/wanted 2011-07-22 17:06:21 -04:00
e0c00cc8ed Your Items link on wardrobe 2011-07-17 17:52:40 -04:00
d0dd797cdf delete outfits from outfit page 2011-07-14 13:14:06 -04:00
7640369332 drop donate bar into items, outfits#show 2011-07-09 11:45:30 -04:00
33519bd579 donation request on main wardrobe after 10 minutes 2011-07-05 11:19:49 -04:00
211d08204d add Donate Now! button to campaign progress on home 2011-07-04 23:23:28 -04:00
f9e3266a3b change wording a bit 2011-07-04 17:52:34 -04:00
ba7f6b8768 keep two caches of wardrobe, for those who have image mode and those who don't 2011-07-02 18:02:37 -04:00
323cf772bc actually dynamic progress bar, on home page too 2011-07-01 15:38:13 -04:00
5ecd5f3ce4 donate page noninteractive 2011-06-28 13:24:40 -04:00
443b144f29 image mode 2011-06-27 15:33:34 -04:00
6c9ddac8dd totally pro wardrobe image adapter, via konami 2011-05-22 16:30:02 -04:00
6940e098d3 say Edit a Copy on outfits#show if it a guest outfit and user is a guest 2011-05-14 09:36:18 -04:00
d7d2d5f0e5 include share button for logged in users, too 2011-03-28 17:29:03 -04:00
1207e84804 nice page to view current user's outfits 2011-03-23 18:23:01 -04:00
fa14232473 allow guests to share outfits 2011-02-10 17:50:47 -05:00
ea5908c278 outfit permalink in toolbar 2011-02-09 20:29:43 -05:00
d1daa6b772 pretty inline outfit form live 2011-02-09 19:29:31 -05:00
fd5663c9e8 playing with new outfit save interface 2011-02-09 18:58:02 -05:00