content_security_policy(:only => :id) do |policy|
policy.connect_src("*")
policy.img_src(*policy.img_src, "*", :blob)
+ policy.script_src(*policy.script_src, :unsafe_eval)
policy.style_src(*policy.style_src, :unsafe_inline)
end
def index
- session[:location] ||= OSM.ip_location(request.env["REMOTE_ADDR"]) unless Settings.status == "database_readonly" || Settings.status == "database_offline"
+ session[:location] ||= OSM.ip_location(request.env["REMOTE_ADDR"]) unless %w[database_readonly database_offline].include?(Settings.status)
end
def permalink
end
def copyright
+ @title = t ".title"
@locale = params[:copyright_locale] || I18n.locale
end
end
def preview
- render :html => RichText.new(params[:type], params[:text]).to_html
+ if params[:text].blank?
+ flash.now[:warning] = t("layouts.nothing_to_preview")
+ render :partial => "layouts/flash"
+ else
+ render :html => RichText.new(params[:type], params[:text]).to_html
+ end
end
def id