From 433d952eb5145845ad59c59d5df91241b1506c48 Mon Sep 17 00:00:00 2001 From: Benjamin Neff Date: Fri, 28 Oct 2016 21:46:08 +0200 Subject: [PATCH 1/3] Fix tag page when default aspect is "public" or a single aspect fixes #7161 --- app/views/tags/show.haml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/tags/show.haml b/app/views/tags/show.haml index 96539ecd0..e81ec8f7e 100644 --- a/app/views/tags/show.haml +++ b/app/views/tags/show.haml @@ -26,7 +26,7 @@ = @stream.display_tag_name - if current_user - = render 'publisher/publisher', :selected_aspects => @stream.aspect_ids, :aspect_ids => @stream.aspect_ids, aspect: @stream.aspect + = render "publisher/publisher", publisher_aspects_for(@stream) #main_stream.stream From be3b50295c948f28034b3782b99f97e1ff62364d Mon Sep 17 00:00:00 2001 From: Benjamin Neff Date: Fri, 28 Oct 2016 22:04:25 +0200 Subject: [PATCH 2/3] Use default visibility also for bookmarklet --- Changelog.md | 1 + app/views/status_messages/bookmarklet.html.haml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index 9b2b19728..adfe71c85 100644 --- a/Changelog.md +++ b/Changelog.md @@ -37,6 +37,7 @@ Note: Although this is a minor release, the configuration file changed because t * Fix message modal on profile page [#7137](https://github.com/diaspora/diaspora/pull/7137) * Display error message when aspect membership changes fail [#7132](https://github.com/diaspora/diaspora/pull/7132) * Avoid the creation of pod that are none [#7145](https://github.com/diaspora/diaspora/pull/7145) +* Fixed tag pages with alternate default aspect settings [#7262](https://github.com/diaspora/diaspora/pull/7162) ## Features * Deleted comments will be removed when loading more comments [#7045](https://github.com/diaspora/diaspora/pull/7045) diff --git a/app/views/status_messages/bookmarklet.html.haml b/app/views/status_messages/bookmarklet.html.haml index 393002b8c..72e164c9f 100644 --- a/app/views/status_messages/bookmarklet.html.haml +++ b/app/views/status_messages/bookmarklet.html.haml @@ -4,4 +4,4 @@ .col-md-12 %h4 =t('bookmarklet.post_something') - = render partial: 'publisher/publisher', locals: { aspect: :profile, :selected_aspects => @aspects, :aspect_ids => @aspect_ids } + = render partial: "publisher/publisher", locals: publisher_aspects_for(nil) From e18627f542b72b00f8ff58d6026fece67a7e9158 Mon Sep 17 00:00:00 2001 From: Benjamin Neff Date: Fri, 28 Oct 2016 23:57:36 +0200 Subject: [PATCH 3/3] Suppress deprecation warning: disable csp in report-only mode --- Changelog.md | 1 + config/initializers/secure_headers.rb | 1 + 2 files changed, 2 insertions(+) diff --git a/Changelog.md b/Changelog.md index adfe71c85..fb6e287d7 100644 --- a/Changelog.md +++ b/Changelog.md @@ -38,6 +38,7 @@ Note: Although this is a minor release, the configuration file changed because t * Display error message when aspect membership changes fail [#7132](https://github.com/diaspora/diaspora/pull/7132) * Avoid the creation of pod that are none [#7145](https://github.com/diaspora/diaspora/pull/7145) * Fixed tag pages with alternate default aspect settings [#7262](https://github.com/diaspora/diaspora/pull/7162) +* Suppressed CSP related deprecation warnings [#7263](https://github.com/diaspora/diaspora/pull/7163) ## Features * Deleted comments will be removed when loading more comments [#7045](https://github.com/diaspora/diaspora/pull/7045) diff --git a/config/initializers/secure_headers.rb b/config/initializers/secure_headers.rb index fc4815b7e..84e2415c7 100644 --- a/config/initializers/secure_headers.rb +++ b/config/initializers/secure_headers.rb @@ -43,6 +43,7 @@ SecureHeaders::Configuration.default do |config| csp[:report_uri] = [AppConfig.settings.csp.report_uri] if AppConfig.settings.csp.report_uri.present? if AppConfig.settings.csp.report_only? + config.csp = SecureHeaders::OPT_OUT config.csp_report_only = csp else config.csp = csp