aboutsummaryrefslogtreecommitdiffstats
path: root/config/initializers
diff options
context:
space:
mode:
Diffstat (limited to 'config/initializers')
-rw-r--r--config/initializers/alaveteli.rb80
-rw-r--r--config/initializers/backtrace_silencers.rb7
-rw-r--r--config/initializers/fast_gettext.rb2
-rw-r--r--config/initializers/gettext_i18n_rails.rb3
-rw-r--r--config/initializers/inflections.rb10
-rw-r--r--config/initializers/mime_types.rb5
-rw-r--r--config/initializers/secret_token.rb7
-rw-r--r--config/initializers/session_store.rb17
-rw-r--r--config/initializers/single_quote_escape_workaround.rb31
-rw-r--r--config/initializers/strip_nil_parameters_patch.rb51
-rw-r--r--config/initializers/theme_loader.rb2
11 files changed, 115 insertions, 100 deletions
diff --git a/config/initializers/alaveteli.rb b/config/initializers/alaveteli.rb
new file mode 100644
index 000000000..1efc1eb05
--- /dev/null
+++ b/config/initializers/alaveteli.rb
@@ -0,0 +1,80 @@
+if RUBY_VERSION.to_f >= 1.9
+ # the default encoding for IO is utf-8, and we use utf-8 internally
+ Encoding.default_external = Encoding.default_internal = Encoding::UTF_8
+ # Suppress warning messages and require inflector to avoid iconv deprecation message
+ # "iconv will be deprecated in the future, use String#encode instead." when loading
+ # it as part of rails
+ original_verbose, $VERBOSE = $VERBOSE, nil
+ require 'active_support/inflector'
+ # Activate warning messages again.
+ $VERBOSE = original_verbose
+end
+
+# MySociety specific helper functions
+$:.push(File.join(File.dirname(__FILE__), '../../commonlib/rblib'))
+# ... if these fail to include, you need the commonlib submodule from git
+# (type "git submodule update --init" in the whatdotheyknow directory)
+
+load "validate.rb"
+load "config.rb"
+load "format.rb"
+load "debug_helpers.rb"
+load "util.rb"
+
+# Application version
+ALAVETELI_VERSION = '0.6.8'
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+# Inflector.inflections do |inflect|
+# inflect.plural /^(ox)$/i, '\1en'
+# inflect.singular /^(ox)en/i, '\1'
+# inflect.irregular 'person', 'people'
+# inflect.uncountable %w( fish sheep )
+# end
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf
+# Mime::Type.register "application/x-mobile", :mobile
+
+# The Rails cache is set up by the Interlock plugin to use memcached
+
+# Domain for URLs (so can work for scripts, not just web pages)
+ActionMailer::Base.default_url_options[:host] = AlaveteliConfiguration::domain
+
+# So that javascript assets use full URL, so proxied admin URLs read javascript OK
+if (AlaveteliConfiguration::domain != "")
+ ActionController::Base.asset_host = Proc.new { |source, request|
+ if ENV["RAILS_ENV"] != "test" && request.fullpath.match(/^\/admin\//)
+ AlaveteliConfiguration::admin_public_url
+ else
+ AlaveteliConfiguration::domain
+ end
+ }
+end
+
+# fallback locale and available locales
+available_locales = AlaveteliConfiguration::available_locales.split(/ /)
+default_locale = AlaveteliConfiguration::default_locale
+
+FastGettext.default_available_locales = available_locales
+I18n.locale = default_locale
+I18n.available_locales = available_locales.map {|locale_name| locale_name.to_sym}
+I18n.default_locale = default_locale
+
+# Customise will_paginate URL generation
+WillPaginate::ViewHelpers.pagination_options[:renderer] = 'WillPaginateExtension::LinkRenderer'
+
+# Load monkey patches and other things from lib/
+require 'ruby19.rb'
+require 'activesupport_cache_extensions.rb'
+require 'use_spans_for_errors.rb'
+require 'make_html_4_compliant.rb'
+require 'activerecord_errors_extensions.rb'
+require 'willpaginate_extension.rb'
+require 'i18n_fixes.rb'
+require 'world_foi_websites.rb'
+require 'alaveteli_external_command.rb'
+require 'quiet_opener.rb'
+require 'mail_handler'
+require 'public_body_categories'
diff --git a/config/initializers/backtrace_silencers.rb b/config/initializers/backtrace_silencers.rb
new file mode 100644
index 000000000..59385cdf3
--- /dev/null
+++ b/config/initializers/backtrace_silencers.rb
@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!
diff --git a/config/initializers/fast_gettext.rb b/config/initializers/fast_gettext.rb
index 1cd6440e4..752448a41 100644
--- a/config/initializers/fast_gettext.rb
+++ b/config/initializers/fast_gettext.rb
@@ -3,4 +3,4 @@ FastGettext.default_text_domain = 'app'
I18n::Backend::Simple.send(:include, I18n::Backend::Fallbacks)
-RoutingFilter::Locale.include_default_locale = Configuration::include_default_locale_in_urls \ No newline at end of file
+RoutingFilter::Locale.include_default_locale = AlaveteliConfiguration::include_default_locale_in_urls
diff --git a/config/initializers/gettext_i18n_rails.rb b/config/initializers/gettext_i18n_rails.rb
new file mode 100644
index 000000000..ef306682b
--- /dev/null
+++ b/config/initializers/gettext_i18n_rails.rb
@@ -0,0 +1,3 @@
+# FIXME: Audit the translations for XSS opportunities. Ultimately it would be
+# good to get rid of this and explicitly mark strings as html_safe
+GettextI18nRails.translations_are_html_safe = true
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 000000000..9e8b0131f
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,10 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+# ActiveSupport::Inflector.inflections do |inflect|
+# inflect.plural /^(ox)$/i, '\1en'
+# inflect.singular /^(ox)en/i, '\1'
+# inflect.irregular 'person', 'people'
+# inflect.uncountable %w( fish sheep )
+# end
diff --git a/config/initializers/mime_types.rb b/config/initializers/mime_types.rb
new file mode 100644
index 000000000..72aca7e44
--- /dev/null
+++ b/config/initializers/mime_types.rb
@@ -0,0 +1,5 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf
+# Mime::Type.register_alias "text/html", :iphone
diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb
new file mode 100644
index 000000000..f82348169
--- /dev/null
+++ b/config/initializers/secret_token.rb
@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Alaveteli::Application.config.secret_token = AlaveteliConfiguration::cookie_store_session_secret
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 8cfa333f2..ca283d4e0 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,17 +1,2 @@
# Be sure to restart your server when you modify this file.
-
-# Your secret key for verifying cookie session data integrity.
-# If you change this key, all old sessions will become invalid!
-# Make sure the secret is at least 30 characters and all random,
-# no regular words or you'll be exposed to dictionary attacks.
-
-ActionController::Base.session = {
- :key => '_wdtk_cookie_session',
- :secret => Configuration::cookie_store_session_secret
-}
-ActionController::Base.session_store = :cookie_store
-
-# Insert a bit of middleware code to prevent uneeded cookie setting.
-require "#{Rails.root}/lib/whatdotheyknow/strip_empty_sessions"
-ActionController::Dispatcher.middleware.insert_before ActionController::Base.session_store, WhatDoTheyKnow::StripEmptySessions, :key => '_wdtk_cookie_session', :path => "/", :httponly => true
-
+Rails.application.config.session_store :cookie_store, :key => '_wdtk_cookie_session'
diff --git a/config/initializers/single_quote_escape_workaround.rb b/config/initializers/single_quote_escape_workaround.rb
deleted file mode 100644
index 2e713b982..000000000
--- a/config/initializers/single_quote_escape_workaround.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-class ERB
- module Util
-
- if "html_safe exists".respond_to?(:html_safe)
- def html_escape(s)
- s = s.to_s
- if s.html_safe?
- s
- else
- Rack::Utils.escape_html(s).html_safe
- end
- end
- else
- def html_escape(s)
- s = s.to_s
- Rack::Utils.escape_html(s).html_safe
- end
- end
-
- remove_method :h
- alias h html_escape
-
- class << self
- remove_method :html_escape
- remove_method :h
- end
-
- module_function :html_escape
- module_function :h
- end
-end
diff --git a/config/initializers/strip_nil_parameters_patch.rb b/config/initializers/strip_nil_parameters_patch.rb
deleted file mode 100644
index 35d0a28c5..000000000
--- a/config/initializers/strip_nil_parameters_patch.rb
+++ /dev/null
@@ -1,51 +0,0 @@
-# Stolen from https://raw.github.com/mysociety/fixmytransport/fa9b014eb2628c300693e055f129cb8959772082/config/initializers/strip_nil_parameters_patch.rb
-
-# Monkey patch for CVE-2012-2660 on Rails 2.3.14
-
-# Strip [nil] from parameters hash
-# based on a pull request from @sebbacon
-# https://github.com/rails/rails/pull/6580
-
-module ActionController
- class Request < Rack::Request
- protected
- def deep_munge(hash)
- hash.each_value do |v|
- case v
- when Array
- v.grep(Hash) { |x| deep_munge(x) }
- when Hash
- deep_munge(v)
- end
- end
-
- keys = hash.keys.find_all { |k| hash[k] == [nil] }
- keys.each { |k| hash[k] = nil }
- hash
- end
-
- private
-
- def normalize_parameters(value)
- case value
- when Hash
- if value.has_key?(:tempfile)
- upload = value[:tempfile]
- upload.extend(UploadedFile)
- upload.original_path = value[:filename]
- upload.content_type = value[:type]
- upload
- else
- h = {}
- value.each { |k, v| h[k] = normalize_parameters(v) }
- deep_munge(h.with_indifferent_access)
- end
- when Array
- value.map { |e| normalize_parameters(e) }
- else
- value
- end
- end
-
- end
-end
diff --git a/config/initializers/theme_loader.rb b/config/initializers/theme_loader.rb
index 877149e9d..4c8967c97 100644
--- a/config/initializers/theme_loader.rb
+++ b/config/initializers/theme_loader.rb
@@ -3,7 +3,7 @@
$alaveteli_route_extensions = []
if ENV["RAILS_ENV"] != "test" # Don't let the themes interfere with Alaveteli specs
- for url in Configuration::theme_urls.reverse
+ for url in AlaveteliConfiguration::theme_urls.reverse
theme_name = url.sub(/.*\/(.*).git/, "\\1")
theme_main_include = File.expand_path "../../../vendor/plugins/#{theme_name}/lib/alavetelitheme.rb", __FILE__
if File.exists? theme_main_include
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-21 17:52:07 +0000