+ # Unfortunately if a PUT or POST request that has a body fails to
+ # read it then Apache will sometimes fail to return the response it
+ # is given to the client properly, instead erroring:
+ #
+ # https://issues.apache.org/bugzilla/show_bug.cgi?id=44782
+ #
+ # To work round this we call rewind on the body here, which is added
+ # as a filter, to force it to be fetched from Apache into a file.
+ def fetch_body
+ request.body.rewind
+ end
+
+ def map_layout
+ append_content_security_policy_directives(
+ :child_src => %w[127.0.0.1:8111],
+ :connect_src => %w[nominatim.openstreetmap.org overpass-api.de router.project-osrm.org],
+ :form_action => %w[render.openstreetmap.org],
+ :script_src => %w[graphhopper.com open.mapquestapi.com],
+ :img_src => %w[developer.mapquest.com]
+ )
+
+ if STATUS == :database_offline || STATUS == :api_offline
+ flash.now[:warning] = t("layouts.osm_offline")
+ elsif STATUS == :database_readonly || STATUS == :api_readonly
+ flash.now[:warning] = t("layouts.osm_read_only")
+ end
+
+ request.xhr? ? "xhr" : "map"
+ end
+
+ def allow_thirdparty_images
+ append_content_security_policy_directives(:img_src => %w[*])
+ end
+
+ def preferred_editor
+ editor = if params[:editor]
+ params[:editor]
+ elsif current_user && current_user.preferred_editor
+ current_user.preferred_editor
+ else
+ DEFAULT_EDITOR
+ end
+
+ editor
+ end
+
+ helper_method :preferred_editor
+
+ def update_totp
+ if defined?(TOTP_KEY)
+ cookies["_osm_totp_token"] = {
+ :value => ROTP::TOTP.new(TOTP_KEY, :interval => 3600).now,
+ :domain => "openstreetmap.org",
+ :expires => 1.hour.from_now
+ }
+ end