organicmaps/organicmaps-tmp
Archived
13
Fork 1
Code Issues 2.7k Pull requests 182 Projects Releases 65 Wiki Activity Actions

Don't configure DonateUrl and NY externally at server-side #9870

New issue
Open
opened 2024-12-15 20:34:49 +00:00 by pastk · 0 comments
pastk commented 2024-12-15 20:34:49 +00:00
Member
Copy link

There are two settings configured externally at the metaserver side:

  • "DonateUrl" - an url to the donation page (defaults to a language-specific https://organicmaps.app/donate/); if absent in the external config then in-app donation buttons are disabled (in the hamburger menu and is the about screen)
  • "NY" - new year time! displays the x-mas tree icon and controls donations buttons also

What are use cases for configuring the DonateUrl at server side?
It seems like an unnecessary security risk - if the metaserver gets compromised then an attacker could easily divert all donations.
A simple setting to switch donation buttons on/off should be enough.

Also not clear why the "NY" setting controls donations also?
The x-mas tree could be displayed based on the current date.
So this setting seems redundant.

There are two settings configured externally at the [metaserver](https://github.com/organicmaps/meta) side: - "DonateUrl" - an url to the donation page (defaults to a language-specific https://organicmaps.app/donate/); if absent in the external config then in-app donation buttons are disabled (in the hamburger menu and is the about screen) - "NY" - new year time! displays the x-mas tree icon and controls donations buttons also What are use cases for configuring the DonateUrl at server side? It seems like an unnecessary security risk - if the metaserver gets compromised then an attacker could easily divert all donations. A simple setting to switch donation buttons on/off should be enough. Also not clear why the "NY" setting controls donations also? The x-mas tree could be displayed based on the current date. So this setting seems redundant.
This repo is archived. You cannot comment on issues.
No Branch/Tag specified
Branches Tags
master
weblate-i18n
beta/ios-hotfix-search
ios/search-fix-to-child-vc
ios/update-toast-ui
pastk-generator-genorder
pastk-autogen-subways
ios/pp-for-track-recording
ios/add-icons-to-the-live-activity-widget
ios/fix-search-on-map-tests-for-ipad
release/2025.03.02
pastk-drape-subways-greying-out
ios/update-search-vc-ui
alpha/2025.02.23
crowdin-master
l10n
ios/search-ui-redesign
ios/show-new-search-vc-from-the-route-building
release/2025.01.24
drop-appstream-glib
separate-locationservice-lib
release/2025.01.12
int/anrdoid-auto/permissions-screen
rt-docs-release-management-principles
generator-wikipedia
generator-actions
generator-subways
ios/enable-cpp-swift-interop
pastk-docs-values
fix-deprecated-atomic-load
rt-docs-communication
rt-docs-collaboration
ios/fix-compile-warnings-and-cleanup-unsupported-code
rt-ios-managed-signing
ios/fix-ios-test-ci-action-failure
ab-ios-bookmarks-last-category
pastk-docs-teams
qt-3d-preferences
fix-file-read-exception
fix-track-length-calculation
pastk-styles-feature-types-migration
release/24.11.27
alpha/2024.11.26
beta/2024.11.26
ab-tests-macro-fixes
ios/track-recording-fifth-bar-button
vng-fix
release/24.11.12
alpha/2024.11.10
vng-langs
patch-3
release/2024.10.22
alpha/2024.10.22
beta/2024.10.22
place-page-for-tracks-backup
release/2024.10.08
release/2024.10.04
alpha/2024.10.01
vng-search
beta/2024.09.19
release/2024.09.19
rdb-weblate
release/2024.09.08
android/speed-limit-exceed-flag
alpha/2024.09.03
alpha/2024.09.03-ios-track-recording-feature
mb-PendingIntent-requestCode-fix
alpha/2024.08.29
add-timestamps-to-track
ab-ios-crash-on-assert
alpha/2024.08.25-ios-track-recording-feature
alpha/2024.08.29-ios-track-recording-feature
android/speed-limit-threshold
android-oauth2-with-browser
release/2024.08.17
changes-from-release
release/2024.08.15
alpha-iOS-Bluetooth
rdb-cldr-plural-order
ab-unused-code
ab-android-location-fix
recent-track-recorder
ab-cleaner-shutdown
localized_address_ordering
ab-android-layer-button-highlight
weblate
release/2024.07.08
alpha/2024.07.25-rtsisyk-ios-test
ios-implement-the-recently-deleted-support-to-icloud-sync
recently-deleted-categories-using-postfix
fix-ios-simulator-version
alpha/2024.07.02
vng-test-data
release/2024.06.02
ios/undo-for-the-bookmark-deletion
ios/restore-bookmark-by-tap-on-the-map
ios/undo-for-the-bookmark-deletion-with-restoring-by-tap-on-the-map
revert-7969-pastk-drape-transparent-areas
ab-drape-use-constant-base-font-height
rt-beta
vng-alt-routes
pastk-styles-shared-paths-tune-down
android-auto/8015-8019-8022
pastk-beta-0420
pastk-2generate-paths
ab-fix-shaders-rebuild
ios/fix-drape-failure-during-test-running
ios/add-test-target-terminate
cleanup/base
ab-max-open-file-limit
weblate-appstore-i18n
2024.03.27-3-android-hotfix
ab-3party-oauthcpp
android-hotfix-24031805
ab-android-revert-links
ab-tts-simpler-strings
rt-android-huawei-crash
rt-android-release-2024.03.02
rt-android-release-2024.03.01
ab-ios-release-2024.02.27
ab-from-chars
gplay-android-auto-hotfix
ab-case-folding
rt-store-metadata
ab-buffer-vector-string-view
ab-update-gh-cache-action
rt-android-bookmark-export
osm-oauth2-support
vng-test
rt-geo-links
vng-lines
windows3
android-auto-disable
rt-android-paranoid-mode
rt-android-outdoor
ios-hotfix-release-dec-2023
rt-android-location-providers
pastk-outdoors-hiking-routes
pastk-2generate
pastk-classif-hiking-routes
vng-gen-kk
poc-disable-route-build-zoom
kk2
ab-thread-checker-qt-download-dialog-fix
revert-6461-category-letterbox-it
beta-outdoor
protobuf-24.4
designer-fixes
vng-bookmarks
vng-outdoors
navigation/save-mode
pastk-TEST-rel-w-lines-stats
ab-kml-remove-unique-ptr
vng-bench
aa
rt-android-remove-workmanager
rt-android-debug
protobuf-24.3
pastk-core-housenumbers
ruler-disable-reordering
android-warning-suppress
pastk-drape-bucket-discard-optimization
beta-ios-gpx-fix
pastk-generator-isolines-skip-resimplify
pastk-styles-world-railways
pastk-styles-TMP_dump_priorities
ab-increase-long-tap-radius
car-checkpoint-tolerance
rt-android-fix-viewport
vng-addr-test
downloader
obsolete-position-color
pastk-styles-geometryfallback
pastk-DEMO-geometry-1more-detailed
strings-be-ru-uk-miles
ios/external-keyboard-fix2
alex-outdoors
ios/blue-route-to
pastk-styles-fixpriorities2
pastk-styles-fixpriorities
rt-android-accent-color
pastk-drape-path_text_zoom_mask
pastk-drape-roadshields
update-appstore-metadata
pastk-styles-outdoors
3p/disable-system-jansson
ios/newly-created-list-order
czech-release
rt-fix-monkey-gh
ios/fix-tableview-headers-font
rt-android-google-location-annoying
pastk-loc-share
ctest
windows2
kml-load-robust
tr-screenshots
vng-nav
d4f5409d-patch-1
rt-fix-location-resolution
github-actions-update
android_auto
matheusgomesms-store-releasenotes-pt_BRtranslation
rt-add-ci-timeout
rq-alterRoutes-vng
euskara
windows
tests-fix
pastk-styles-geometryfallback-1more-detailed
pastk-styles-zoomlessareas
pastk-outdoors-beta
android/R8
pastk-android-writability
rt-location-api
pastk-android-verifyerror
qt6
vng-my_pos
pastk-scripts
vng-sdfimage
vng-vehicle-refactoring
release-gp-fdroid-without-location-fixes
rt-android-track-recorder
rt-android-gplay-compliance
rt-android-remove-gms
rt-android-track-recorder-alarm
rt-android-keep-data
fix-odr
build/no-unity
backup-resources
android/warning-fixes
weblate-ios-i18n
rt-android-symlinks
weblate-android-i18n
weblate-whitespacing
rt-weblate-consume
ios/fixes
i18n-android
i18n-ios
rt-xcode-desktop
2025.03.02-7-android
2025.02.17-3-android
2025.01.26-9-android
2024.11.27-12-android
2024.11.12-7-android
2024.10.23-2-android
2024.10.08-5-android
2024.10.04-7-android
2024.09.08-7-android
2024.08.17-4-google-play
2024.08.16-5-android
2024.08.15-21-android
2024.08.15-17-android
2024.07.29-2-android
2024.07.27-7-ios
2024.07.27-8-android
2024.07.23-8-android
2024.07.08-3-android
2024.06.19-3-android
2024.06.02-12-android
2024.05.11-3-android-rc
2024.05.11-3-android
2024.05.10-1-ios
2024.05.04-9-android-rc
2024.05.04-9-android
2024.03.31-8-android-rc
2024.03.31-8-android
2024.03.31-3-android-rc
2024.03.27-3-android-hotfix
2024.03.27-5-android-hotfix
2024.03.18-5-android-hotfix
2024.03.05-4-android
2024.02.06-11-android
2024.02.06-8-android
2024.01.09-5-android
2023.12.20-4-android
2023.12.18-11-android
2023.12.18-10-android
2023.11.17-17-android
2023.09.22-27-android
2023.08.18-8-android
2023.07.13-10-android
2023.06.04-13-android
2023.05.08-7-android
2023.04.02-7-android
2023.03.05-5-android
2023.03.02-3-android
2023.02.13-11-android
2023.01.25-3-android
2022.12.18-12-android
2022.11.24-3-android
2022.11.02-2-android
2022.09.22-3-android
2022.09.15-5-android
2022.08.23-5-android
2022.07.27-3-android
2022.07.01-6-android
2022.06.29-3-android
2022.06.18-2-android
2022.05.31-10-android
2022.05.24-2-android
2022.05.20-5-android
2022.05.20-4-android
2022.05.19-4-android
2022.04.27-2-android
2022.03.23-4-android
2022.02.19-1-android
2022.02.16-29-android
2022.02.11-17-android
2022.01.15-3-android
2022.01.12-6-android
2022.01.12-3-android
2021.12.01-4-android
2021.11.04-2-android
2021.10.22-10-android
2021.10.15-15-android
2021.10.09-2-android
2021.10.08-0-ios
2021.09.14-4-android
2021.09.01-6-android
2021.08.26-13-ios
2021.08.26-14-android
2021.08.19-11-android
2021.08.19-6-android
2021.08.14-4-android
2021.08.09-1-ios
2021.08.07-4-ios
2021.08.05-2-android
2021.08.04-3-ios
2021.07.08-3
2021-07-03
2021.07.04-2
2021-06-23
2021-06-20
2021-06-12
2021-06-07
2021-05-21
2021-05-08
2021-05-05
2021-04-24
Labels
Clear labels   
Accessibility

issues affecting users with specific needs

  
Accessibility

issues affecting users with specific needs

  
Address

Issues with addresses, post codes, city/town/village borders

  
Address

Issues with addresses, post codes, city/town/village borders

  
Android

Android development

  
Android

Android development

  
Android Auto

Android Auto

  
Android Auto

Android Auto

  
Android Automotive (AAOS)

   
Android Automotive (AAOS)

   
API

Short Links, deep links and url schemes, including ge0 and om://

  
API

Short Links, deep links and url schemes, including ge0 and om://

  
AppGallery

Huawei AppGallery

  
AppGallery

Huawei AppGallery

  
AppStore

Apple AppStore

  
AppStore

Apple AppStore

  
Battery and Performance

Performance and battery consumption-related issues and optimizations

  
Battery and Performance

Performance and battery consumption-related issues and optimizations

  
Blocker

An issue blocking the release

  
Blocker

An issue blocking the release

  
Bookmarks and Tracks

Bookmarks, imported tracks, and KML, KMZ, KMB, GPX, GPZ import or export

  
Bookmarks and Tracks

Bookmarks, imported tracks, and KML, KMZ, KMB, GPX, GPZ import or export

  
Borders

Country borders and polygons

  
Borders

Country borders and polygons

  
Bug

Something isn't working

  
Bug

Something isn't working

  
Build

Compilation issue

  
Build

Compilation issue

  
CarPlay

CarPlay Integration

  
CarPlay

CarPlay Integration

  
Classificator

Classify object by types

  
Classificator

Classify object by types

  
Community

Community relations

  
Community

Community relations

  
Core

Cross-platform C++ libraries with a core functionality

  
Core

Cross-platform C++ libraries with a core functionality

  
CrashReports

Crash Reporting

  
CrashReports

Crash Reporting

  
Cycling

Bike, cycle, biking and related

  
Cycling

Bike, cycle, biking and related

  
Desktop

Desktop application

  
Desktop

Desktop application

  
DevEx

Developer Experience

  
DevEx

Developer Experience

  
DevOps

Automation and pipelines

  
DevOps

Automation and pipelines

  
dev_sandbox

A desktop app to debug rendering

  
dev_sandbox

A desktop app to debug rendering

  
Directions

Issues with next turns, labels, streets, voice instructions

  
Directions

Issues with next turns, labels, streets, voice instructions

  
Documentation

Improvements or additions to documentation

  
Documentation

Improvements or additions to documentation

  
Downloader

Map dowloader

  
Downloader

Map dowloader

  
Drape

Drape OpenGL, Vulkan and Metal graphics rendering engine

  
Drape

Drape OpenGL, Vulkan and Metal graphics rendering engine

  
Driving

Drive a car related issues

  
Driving

Drive a car related issues

  
Duplicate

This issue or pull request already exists

  
Duplicate

This issue or pull request already exists

  
Editor

OSM Editor

  
Editor

OSM Editor

  
Elevation

Isolines and altitude

  
Elevation

Isolines and altitude

  
Enhancement

New feature or request, an improvement of some existing feature

  
Enhancement

New feature or request, an improvement of some existing feature

  
Epic

A large body work

  
Epic

A large body work

  
External Map Datasets

TIGER, Ordnance Survey, ASTER, SRTM, etc.

  
External Map Datasets

TIGER, Ordnance Survey, ASTER, SRTM, etc.

  
F-Droid

F-Droid build and distribution

  
F-Droid

F-Droid build and distribution

  
Fonts

Font and text rendering

  
Fonts

Font and text rendering

  
Frequently User Reported

Most annoying UX and other issues for users reported by many people

  
Frequently User Reported

Most annoying UX and other issues for users reported by many people

  
Fund

   
Fund

   
Generator

Related to generator tool.

  
Generator

Related to generator tool.

  
Good first issue

Good for newcomers

  
Good first issue

Good for newcomers

  
Google Play

Google Play

  
Google Play

Google Play

  
GPS

Location and positioning issues

  
GPS

Location and positioning issues

  
GSoC

Ideas for Google Summer of Code

  
GSoC

Ideas for Google Summer of Code

  
iCloud

   
iCloud

   
Icons

Map and app icons

  
Icons

Map and app icons

  
iOS

iOS development

  
iOS

iOS development

  
Legal

Legal aspects

  
Legal

Legal aspects

  
Linux Desktop

Ubuntu, Gentoo, Red Hat, Debian, Cent OS, Fedora, etc.

  
Linux Desktop

Ubuntu, Gentoo, Red Hat, Debian, Cent OS, Fedora, etc.

  
Linux packaging

   
Linux packaging

   
Linux Phone

LibreM, PinePhone, Wayland and other mobile Linux versions

  
Linux Phone

LibreM, PinePhone, Wayland and other mobile Linux versions

  
Mac OS

Desktop issues related to Mac OS X, OM running on M1, M2, M3 Apple silicon, or Qt version

  
Mac OS

Desktop issues related to Mac OS X, OM running on M1, M2, M3 Apple silicon, or Qt version

  
Map Data

OpenStreetMap data related issues

  
Map Data

OpenStreetMap data related issues

  
Metro

Subway, Tube, light-rail public transport issues

  
Metro

Subway, Tube, light-rail public transport issues

  
Navigation

Issues related to the active Navigator / Navigation mode

  
Navigation

Issues related to the active Navigator / Navigation mode

  
Need Feedback

Further information is requested

  
Need Feedback

Further information is requested

  
Night Mode

Night or dark mode feature

  
Night Mode

Night or dark mode feature

  
NLnet 2024-06-281

Tasks related to NLnet 2024-06-281 project.

  
NLnet 2024-06-281

Tasks related to NLnet 2024-06-281 project.

  
No Feature Parity

A platform needs this to be implemented to have feature parity with other platforms

  
No Feature Parity

A platform needs this to be implemented to have feature parity with other platforms

  
Opening Hours

Business Hours, off time, holidays, seasonal

  
Opening Hours

Business Hours, off time, holidays, seasonal

  
Outdoors

Hiking, mtb, 4x4...

  
Outdoors

Hiking, mtb, 4x4...

  
POI Info

Feature metadata, OSM tags that are displayed in Place Page

  
POI Info

Feature metadata, OSM tags that are displayed in Place Page

  
Privacy

Privacy

  
Privacy

Privacy

  
Public Transport

Bus, trolleybus, train, tram, metro, subway, light rail

  
Public Transport

Bus, trolleybus, train, tram, metro, subway, light rail

  
Raw Idea

An idea that needs to be elaborated

  
Raw Idea

An idea that needs to be elaborated

  
Refactoring

   
Refactoring

   
Regional

This issue is different depending on the country or region

  
Regional

This issue is different depending on the country or region

  
Regression

A regression bug

  
Regression

A regression bug

  
Releases

Meta-tickets for tracking the release procedure

  
Releases

Meta-tickets for tracking the release procedure

  
RoboTest

Robo / Monkey Auto Tests

  
RoboTest

Robo / Monkey Auto Tests

  
Route Planning

Preview and plan your track

  
Route Planning

Preview and plan your track

  
Routing

Route building issues, e.g. valid route, valid ETA

  
Routing

Route building issues, e.g. valid route, valid ETA

  
Ruler

Helicopter routing, "as a crow flies"

  
Ruler

Helicopter routing, "as a crow flies"

  
Search

Search

  
Search

Search

  
Security

Security improvements

  
Security

Security improvements

  
Styles

Map drawing styles

  
Styles

Map drawing styles

  
Tests

   
Tests

   
Track Recording

Track Recording

  
Track Recording

Track Recording

  
Translations

Localization and translations issues

  
Translations

Localization and translations issues

  
TTS

Text-to-Speech

  
TTS

Text-to-Speech

  
UI

User interface issues

  
UI

User interface issues

  
UX

User eXperience, an issue with usability

  
UX

User eXperience, an issue with usability

  
Walk Navigation

Foot pedestrian mode

  
Walk Navigation

Foot pedestrian mode

  
Watches

Android Watches or Apple Watches support

  
Watches

Android Watches or Apple Watches support

  
Web

https://organicmaps.app/

  
Web

https://organicmaps.app/

  
Wikipedia

Issues related to Wiki articles embedded in OM data files.

  
Wikipedia

Issues related to Wiki articles embedded in OM data files.

  
Windows

Windows

  
Windows

Windows

  
Won't fix

Unfeasible or impossible to resolve

  
Won't fix

Unfeasible or impossible to resolve

  
World Map

Issues about improving the base map of the whole world that is bundled with the app

  
World Map

Issues about improving the base map of the whole world that is bundled with the app

No labels
Accessibility
Accessibility
Address
Address
Android
Android
Android Auto
Android Auto
Android Automotive (AAOS)
Android Automotive (AAOS)
API
API
AppGallery
AppGallery
AppStore
AppStore
Battery and Performance
Battery and Performance
Blocker
Blocker
Bookmarks and Tracks
Bookmarks and Tracks
Borders
Borders
Bug
Bug
Build
Build
CarPlay
CarPlay
Classificator
Classificator
Community
Community
Core
Core
CrashReports
CrashReports
Cycling
Cycling
Desktop
Desktop
DevEx
DevEx
DevOps
DevOps
dev_sandbox
dev_sandbox
Directions
Directions
Documentation
Documentation
Downloader
Downloader
Drape
Drape
Driving
Driving
Duplicate
Duplicate
Editor
Editor
Elevation
Elevation
Enhancement
Enhancement
Epic
Epic
External Map Datasets
External Map Datasets
F-Droid
F-Droid
Fonts
Fonts
Frequently User Reported
Frequently User Reported
Fund
Fund
Generator
Generator
Good first issue
Good first issue
Google Play
Google Play
GPS
GPS
GSoC
GSoC
iCloud
iCloud
Icons
Icons
iOS
iOS
Legal
Legal
Linux Desktop
Linux Desktop
Linux packaging
Linux packaging
Linux Phone
Linux Phone
Mac OS
Mac OS
Map Data
Map Data
Metro
Metro
Navigation
Navigation
Need Feedback
Need Feedback
Night Mode
Night Mode
NLnet 2024-06-281
NLnet 2024-06-281
No Feature Parity
No Feature Parity
Opening Hours
Opening Hours
Outdoors
Outdoors
POI Info
POI Info
Privacy
Privacy
Public Transport
Public Transport
Raw Idea
Raw Idea
Refactoring
Refactoring
Regional
Regional
Regression
Regression
Releases
Releases
RoboTest
RoboTest
Route Planning
Route Planning
Routing
Routing
Ruler
Ruler
Search
Search
Security
Security
Styles
Styles
Tests
Tests
Track Recording
Track Recording
Translations
Translations
TTS
TTS
UI
UI
UX
UX
Walk Navigation
Walk Navigation
Watches
Watches
Web
Web
Wikipedia
Wikipedia
Windows
Windows
Won't fix
Won't fix
World Map
World Map
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: organicmaps/organicmaps-tmp#9870
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?