]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/application_controller.rb
Move admin users list to its own controller
[rails.git] / app / controllers / application_controller.rb
index cc006c19cf78a6e8634f57e42258c60300722827..bde7e028765c81b5426a5eed2e8c74957abee4b2 100644 (file)
@@ -21,7 +21,7 @@ class ApplicationController < ActionController::Base
 
   def self.allow_thirdparty_images(**options)
     content_security_policy(options) do |policy|
 
   def self.allow_thirdparty_images(**options)
     content_security_policy(options) do |policy|
-      policy.img_src("*")
+      policy.img_src("*", :data)
     end
   end
 
     end
   end
 
@@ -215,21 +215,26 @@ class ApplicationController < ActionController::Base
 
   ##
   # wrap a web page in a timeout
 
   ##
   # wrap a web page in a timeout
-  def web_timeout(&block)
-    Timeout.timeout(Settings.web_timeout, &block)
+  def web_timeout(&)
+    raise Timeout::Error if Settings.web_timeout.negative?
+
+    Timeout.timeout(Settings.web_timeout, &)
   rescue ActionView::Template::Error => e
     e = e.cause
 
     if e.is_a?(Timeout::Error) ||
        (e.is_a?(ActiveRecord::StatementInvalid) && e.message.include?("execution expired"))
   rescue ActionView::Template::Error => e
     e = e.cause
 
     if e.is_a?(Timeout::Error) ||
        (e.is_a?(ActiveRecord::StatementInvalid) && e.message.include?("execution expired"))
-      ActiveRecord::Base.connection.raw_connection.cancel
-      render :action => "timeout"
+      respond_to_timeout
     else
       raise
     end
   rescue Timeout::Error
     else
       raise
     end
   rescue Timeout::Error
+    respond_to_timeout
+  end
+
+  def respond_to_timeout
     ActiveRecord::Base.connection.raw_connection.cancel
     ActiveRecord::Base.connection.raw_connection.cancel
-    render :action => "timeout"
+    render :action => "timeout", :status => :gateway_timeout
   end
 
   ##
   end
 
   ##
@@ -248,9 +253,7 @@ class ApplicationController < ActionController::Base
   def map_layout
     policy = request.content_security_policy.clone
 
   def map_layout
     policy = request.content_security_policy.clone
 
-    policy.child_src(*policy.child_src, "http://127.0.0.1:8111", "https://127.0.0.1:8112")
-    policy.frame_src(*policy.frame_src, "http://127.0.0.1:8111", "https://127.0.0.1:8112")
-    policy.connect_src(*policy.connect_src, Settings.nominatim_url, Settings.overpass_url, Settings.fossgis_osrm_url, Settings.graphhopper_url, Settings.fossgis_valhalla_url)
+    policy.connect_src(*policy.connect_src, "http://127.0.0.1:8111", Settings.nominatim_url, Settings.overpass_url, Settings.fossgis_osrm_url, Settings.graphhopper_url, Settings.fossgis_valhalla_url)
     policy.form_action(*policy.form_action, "render.openstreetmap.org")
     policy.style_src(*policy.style_src, :unsafe_inline)
 
     policy.form_action(*policy.form_action, "render.openstreetmap.org")
     policy.style_src(*policy.style_src, :unsafe_inline)
 
@@ -323,20 +326,6 @@ class ApplicationController < ActionController::Base
     end
   end
 
     end
   end
 
-  # extract authorisation credentials from headers, returns user = nil if none
-  def auth_data
-    if request.env.key? "X-HTTP_AUTHORIZATION" # where mod_rewrite might have put it
-      authdata = request.env["X-HTTP_AUTHORIZATION"].to_s.split
-    elsif request.env.key? "REDIRECT_X_HTTP_AUTHORIZATION" # mod_fcgi
-      authdata = request.env["REDIRECT_X_HTTP_AUTHORIZATION"].to_s.split
-    elsif request.env.key? "HTTP_AUTHORIZATION" # regular location
-      authdata = request.env["HTTP_AUTHORIZATION"].to_s.split
-    end
-    # only basic authentication supported
-    user, pass = Base64.decode64(authdata[1]).split(":", 2) if authdata && authdata[0] == "Basic"
-    [user, pass]
-  end
-
   # clean any referer parameter
   def safe_referer(referer)
     begin
   # clean any referer parameter
   def safe_referer(referer)
     begin