Rohit Datta
142610421e
fixed ip to use heroku headers
2018-03-25 17:40:12 -05:00
Rohit Datta
3c2b08ff64
add backend logic for disabling form submissions and storage
2018-03-16 12:14:46 -05:00
Rohit Datta
e10959c3e0
merge conflicts fix
2018-03-13 12:14:05 -05:00
pauguerrero
e14e48e2b2
add Catalan translation
...
add Catalan language to captcha form
2018-03-12 12:14:17 +01:00
Cole
6d56858529
Hiding missed username when logging in ( #180 )
...
* Hiding missed username when logging in
* Hiding bad email when submitting password reset
2018-03-11 18:57:19 -04:00
Cole
bf13d261b8
Merge branch 'master' into flask-cli
2018-03-11 18:45:03 -04:00
fiatjaf
f75f359b01
send unconfirm links on confirmation emails also.
2018-03-09 12:54:42 +00:00
Rohit Datta
ca8ad9d8b5
Merge pull request #176 from rohitdatta/xss-better
...
Better Fix for XSS
2018-03-08 08:52:17 -06:00
Giovanni T. Parra
014ea8e1ea
Merge pull request #178 from fiatjaf/list-unconfirm-headers
...
List-Unsubscribe headers and unconditional form unconfirmation endpoint.
2018-03-08 07:24:39 -03:00
Rohit Datta
fab8a10254
update tests
2018-03-07 22:58:13 -06:00
Rohit Datta
c62f7289d4
remove http appending
2018-03-07 22:57:05 -06:00
Rohit Datta
92b6a402aa
add ip logging for user events
2018-03-07 15:39:11 -06:00
fiatjaf
adee185c45
test List-Unsubscribe headers and unconfirm link.
2018-03-07 14:09:00 +00:00
fiatjaf
19325bd266
List-Unsubscribe header with unconditional unconfirmation url.
2018-03-07 13:45:49 +00:00
fiatjaf
541e1a1040
Merge branch 'master' of github.com:formspree/formspree
2018-03-07 12:42:27 +00:00
fiatjaf
caf2f3ce6b
fix Gmail Action button text.
...
I'm stupid and hadn't changed this from the model I've copied from.
2018-03-07 12:22:36 +00:00
Giovanni T. Parra
6881acca5e
Merge pull request #171 from fiatjaf/gmail-actions
...
Gmail Action for confirm emails.
It's impossible to test this out without a Google Apps for Businesses email address, and to submit the application to Google the code must be working in production, so I'll merge this.
2018-03-07 08:54:21 -03:00
Giovanni T. Parra
f6b245a695
Merge pull request #175 from fiatjaf/stop-storing-useless-keys
...
Stop storing useless keys.
2018-03-01 14:59:54 -03:00
Rohit Datta
c3a18cdbc1
add better testing for thanks page
2018-02-25 00:12:07 -06:00
Rohit Datta
84b39fe128
added js check for url
2018-02-25 00:10:02 -06:00
fiatjaf
cf51fc7bd9
stop storing useless keys.
2018-02-20 18:54:56 +00:00
Rohit Datta
6320760a45
Merge pull request #174 from rohitdatta/xss-free-next
...
Prevent XSS Vulnerability on "Return to Site" Button
2018-02-16 12:16:04 -06:00
Rohit Datta
7cf2136ed8
add test for thanks page
2018-02-15 16:20:06 -06:00
Rohit Datta
a8a61290a0
add finnish
2018-02-14 10:02:40 -06:00
Rohit Datta
c566703a19
update list of languages on homepage
2018-02-12 12:15:57 -06:00
Rohit Datta
237a11f40b
add arabic
2018-02-12 12:11:56 -06:00
Cole Krumbholz
0d09be59de
better ajax error message
2018-02-10 21:58:01 -05:00
Rohit Datta
0cd79e2ec0
added a url check
2018-02-10 17:28:38 -06:00
Rohit Datta
a3c51878e4
fix xss opportunity
2018-02-10 17:20:17 -06:00
Cole
d91088efec
removing ajax creation for non gold accounts ( #173 )
...
* removing ajax creation for non gold accounts
* updating docs and features
* fixing tests
2018-02-10 17:14:10 -05:00
Cole
9d394a9d20
Merge pull request #172 from colevscode/anti-formspree-spoof
...
adding check to ensure referrer hostname doesn't match SERVICE_URL
2018-02-10 16:14:18 -05:00
Cole Krumbholz
45dbab23c9
removing unnecessary old google spam check
2018-02-10 16:09:20 -05:00
Cole Krumbholz
279374dfc4
adding check to ensure referrer hostname doesn't match SERVICE_URL
2018-02-10 16:05:02 -05:00
fiatjaf
eec1115849
safe yaml dumping.
...
solve e89c30c800 (commitcomment-27333038)
, maybe.
2018-02-04 23:06:51 +00:00
Rohit Datta
ce0278a8a4
Merge pull request #170 from rohitdatta/invoice-hub
...
Invoice hub
2018-01-24 12:37:03 -06:00
Rohit Datta
472ba1db9f
remove commented html
2018-01-24 12:22:53 -06:00
fiatjaf
b2df015ec7
gmail click action for confirm emails.
2018-01-24 13:33:48 +00:00
fiatjaf
446bdd7968
fix sqlalchemy version.
...
newer sqlalchemy versions apparently are producing different
SQL that postgres is treating as an error.
2018-01-24 13:17:09 +00:00
fiatjaf
0f6eb6e6ef
upgrade psycopg2.
...
so travis can build: https://github.com/psycopg/psycopg2/issues/594
2018-01-24 13:06:41 +00:00
fiatjaf
f3234e04b2
send the same fields no matter if the submission came from ajax.
...
fix from the ticket https://formspree.zendesk.com/agent/tickets/846 .
2018-01-24 12:49:09 +00:00
fiatjaf
f1e091d79a
add lithuanian.
2018-01-24 11:26:48 +00:00
fiatjaf
486ef3a61c
Merge branch 'master' of github.com:formspree/formspree
2018-01-24 11:02:41 +00:00
fiatjaf
7896dd9d6d
add norwegian.
2018-01-24 11:02:25 +00:00
Rohit Datta
5f18eeaaa4
Remove XSS opportunity
2018-01-23 20:21:06 -06:00
Rohit Datta
ab5c4029d9
finish building out the invoice template and add button to update invoice address
2018-01-15 23:57:28 -06:00
Rohit Datta
733867f435
build out the invoice page
2018-01-15 17:53:43 -06:00
Rohit Datta
0c1e3b8e9b
migration for user address
2018-01-14 23:03:30 -05:00
Rohit Datta
8a0c9b727c
update billing page to list invoices
2018-01-12 13:09:04 -05:00
fiatjaf
e89c30c800
use pyaml to display non-string values in the submissions page.
2018-01-10 20:34:50 +00:00
Rohit Datta
c2b3d47ceb
merge conflicts
2018-01-09 20:42:00 -05:00