Merge commit '121443c0fca383268b8022c048dd137994785aff' into glitch-soc/main

Conflicts: - `.rubocop_todo.yml`: Upstream regenerated this file, glitch-soc had a specific ignore.
2023-08-13 18:47:15 +02:00
parent 678fa1e6af 121443c0fc
commit 6530f9709c
194 changed files with 3931 additions and 2110 deletions
--- a/app/controllers/admin/domain_blocks_controller.rb
+++ b/app/controllers/admin/domain_blocks_controller.rb
@@ -40,7 +40,7 @@ module Admin
      end

      # Allow transparently upgrading a domain block
-      if existing_domain_block.present?
+      if existing_domain_block.present? && existing_domain_block.domain == TagManager.instance.normalize_domain(@domain_block.domain.strip)
        @domain_block = existing_domain_block
        @domain_block.assign_attributes(resource_params)
      end
--- a/app/controllers/concerns/captcha_concern.rb
+++ b/app/controllers/concerns/captcha_concern.rb
@@ -42,7 +42,7 @@ module CaptchaConcern
  end

  def extend_csp_for_captcha!
-    policy = request.content_security_policy
+    policy = request.content_security_policy&.clone

    return unless captcha_required? && policy.present?

@@ -54,6 +54,8 @@ module CaptchaConcern

      policy.send(directive, *values)
    end
+
+    request.content_security_policy = policy
  end

  def render_captcha
--- a/app/controllers/concerns/web_app_controller_concern.rb
+++ b/app/controllers/concerns/web_app_controller_concern.rb
@@ -12,7 +12,7 @@ module WebAppControllerConcern
  end

  def skip_csrf_meta_tags?
-    current_user.nil?
+    !(ENV['OMNIAUTH_ONLY'] == 'true' && Devise.omniauth_providers.length == 1) && current_user.nil?
  end

  def set_app_body_class