FreakU
/
Retrospring
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add linkfilter action

This commit is contained in:
Andreas Nedbal 2021-12-30 17:58:15 +01:00 committed by Andreas Nedbal
parent 2a2bd6ad14
commit 09172a56ef
4 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/static_controller.rb
View File

@ -31,6 +31,12 @@ class StaticController < ApplicationController
@smiles = Smile.count + CommentSmile.count @smiles = Smile.count + CommentSmile.count
end end
def linkfilter
redirect_to root_path unless params[:url]
@link = params[:url]
end
def faq def faq
end end

2
app/validators/screen_name_validator.rb
View File

@ -2,7 +2,7 @@ class ScreenNameValidator < ActiveModel::EachValidator
FORBIDDEN_SCREEN_NAMES = %w(justask_admin retrospring_admin admin justask retrospring about public FORBIDDEN_SCREEN_NAMES = %w(justask_admin retrospring_admin admin justask retrospring about public
notifications inbox sign_in sign_up sidekiq moderation moderator mod administrator notifications inbox sign_in sign_up sidekiq moderation moderator mod administrator
siteadmin site_admin help retro_spring retroospring retrosprlng niisding nllsding siteadmin site_admin help retro_spring retroospring retrosprlng niisding nllsding
pixeidesu plxeldesu plxeidesu terms privacy) pixeidesu plxeldesu plxeidesu terms privacy linkfilter)
FORBIDDEN_SCREEN_NAME_REGEXPS = [/wreciap\z/i] FORBIDDEN_SCREEN_NAME_REGEXPS = [/wreciap\z/i]
def validate_each(record, attribute, value) def validate_each(record, attribute, value)

19
app/views/static/linkfilter.haml Normal file
View File

@ -0,0 +1,19 @@
.container.pt-3
.card
.card-body
%h1
You're leaving
= APP_CONFIG['site_name']
%p.lead
The link you are visiting is not trusted by
= APP_CONFIG['site_name']
%p
Never enter your passwords or other private information on an untrusted website.
= APP_CONFIG['site_name']
will only ever ask for your password on a site that is on the domain
= APP_CONFIG['hostname']
%p.font-weight-bold.mb-0 URL:
%pre.bg-light.text-dark.p-3.rounded= @link
%a.btn.btn-primary{ href: @link } I understand the risk, proceed!

1
config/routes.rb
View File

@ -42,6 +42,7 @@ Rails.application.routes.draw do
match '/help/faq', to: 'static#faq', via: 'get', as: :help_faq match '/help/faq', to: 'static#faq', via: 'get', as: :help_faq
match '/privacy', to: 'static#privacy_policy', via: 'get', as: :privacy_policy match '/privacy', to: 'static#privacy_policy', via: 'get', as: :privacy_policy
match '/terms', to: 'static#terms', via: 'get', as: :terms match '/terms', to: 'static#terms', via: 'get', as: :terms
match '/linkfilter', to: 'static#linkfilter', via: 'get', as: :linkfilter
# Devise routes # Devise routes
devise_for :users, path: 'user', skip: [:sessions, :registrations] devise_for :users, path: 'user', skip: [:sessions, :registrations]