From f4ec30eac7c41d7ef189768cd929ac3928a7d184 Mon Sep 17 00:00:00 2001 From: f Date: Thu, 28 Apr 2022 12:06:27 -0300 Subject: [PATCH 1/3] jekyll no soporta urls con barra al final MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit y genera un montón de problemas! --- app/models/site.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/site.rb b/app/models/site.rb index 5b78d625..af10b004 100644 --- a/app/models/site.rb +++ b/app/models/site.rb @@ -470,7 +470,7 @@ class Site < ApplicationRecord config.theme = design.gem unless design.no_theme? config.description = description config.title = title - config.url = url + config.url = url(slash: false) config.hostname = hostname end From ea392f21ce511c66f06c8d7dca2d50fc53ec881d Mon Sep 17 00:00:00 2001 From: f Date: Wed, 26 Oct 2022 17:25:58 -0300 Subject: [PATCH 2/3] fix: eliminar x-frame-options de disk controller MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit relacionado con sutty/editor#59 relacionado con sutty/editor#51 la razón por la que no se pueden incrustar pdfs es que rails agregar x-frame-options: sameorigin a todas las urls, aunque no es necesario para los archivos, porque les usuaries no interactuan con ellos para enviar información de vuelta al panel. --- .../active_storage/disk_controller_decorator.rb | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/app/controllers/active_storage/disk_controller_decorator.rb b/app/controllers/active_storage/disk_controller_decorator.rb index 14366a15..0634a2ec 100644 --- a/app/controllers/active_storage/disk_controller_decorator.rb +++ b/app/controllers/active_storage/disk_controller_decorator.rb @@ -6,6 +6,16 @@ module ActiveStorage extend ActiveSupport::Concern included do + alias_method :original_show, :show + + # Permitir incrustar archivos subidos (especialmente PDFs) desde + # otros sitios. + def show + original_show.tap do |s| + response.headers.delete 'X-Frame-Options' + end + end + # Asociar el archivo subido al sitio correspondiente. Cada sitio # tiene su propio servicio de subida de archivos. def update From 7dd9061f3447ccdfc8c0066df0da1133cd4e6a41 Mon Sep 17 00:00:00 2001 From: f Date: Wed, 26 Oct 2022 17:42:56 -0300 Subject: [PATCH 3/3] fix: no limpiar las clases de css MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit relacionado con sutty/editor#51 las imágenes sobrepasan el contenedor porque el sanitizador elimina el atributo class. --- app/models/metadata_template.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/metadata_template.rb b/app/models/metadata_template.rb index e210fd2c..97a631c1 100644 --- a/app/models/metadata_template.rb +++ b/app/models/metadata_template.rb @@ -198,7 +198,7 @@ MetadataTemplate = Struct.new(:site, :document, :name, :label, :type, def allowed_attributes @allowed_attributes ||= %w[style href src alt controls data-align data-multimedia data-multimedia-inner id - name rel target referrerpolicy].freeze + name rel target referrerpolicy class].freeze end def allowed_tags