[openstreetmap/openstreetmap-website] Add Communities page (#3301)
Brian DeRocher
notifications at github.com
Mon Sep 12 15:23:51 UTC 2022
@openbrian commented on this pull request.
> @@ -0,0 +1,17 @@
+<% content_for :heading do %>
+ <h1><%= t ".title" %></h1>
+<% end %>
+
+<p class="lead"><%= t ".lede_text" %></p>
+
+<h2><%= t ".local_chapters.title" %></h2>
+<p><%= t ".local_chapters.about_text" %></p>
+<p><%= t ".local_chapters.list_text" %></p>
+<ul>
+ <% @local_chapters.each do |chapter| %>
+ <li><a href="<%= chapter.url %>"><%= t "osm_community_index.communities.#{chapter.id}.name" %></a></li>
In the mirocosm PR, I use https://rubygems.org/gems/validate_url and add validation in the model
```
validates :url, :presence => true, :length => 1..255, :url => { :schemes => ["https"] }
```
Not sure that will work here. I agree. Prevent bad data from entering the app. But the validation alone would not appease Brakeman. Seems like it needed to see a static and trusted string there. Shrug. Just to be clear the issue is with the href, not the text.
For reference here's the finding. https://github.com/openbrian/osm-microcosms/runs/8294617963?check_suite_focus=true#step:4:30
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/3301#discussion_r968557855
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/pull/3301/review/1104344892 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20220912/b04416d4/attachment.htm>
More information about the rails-dev
mailing list