-
- before_filter :authorize
- after_filter :compress_output
-
- helper :user
- model :user
-
- #COUNT is the number of map requests to allow before exiting and stating a new process
- @@count = COUNT
-
- def authorize_web
- @current_user = User.find_by_token(session[:token])
- end
-
- # The maximum area you're allowed to request, in square degrees
- MAX_REQUEST_AREA = 0.25
-
- def map
- @@count+=1
- response.headers["Content-Type"] = 'text/xml'
- # Figure out the bbox
- bbox = params['bbox']
- unless bbox and bbox.count(',') == 3
- report_error("The parameter bbox is required, and must be of the form min_lon,min_lat,max_lon,max_lat")
- return
+ skip_before_action :verify_authenticity_token
+
+ private
+
+ ##
+ # Set default request format to xml unless a client requests a specific format,
+ # which can be done via (a) URL suffix and/or (b) HTTP Accept header, where
+ # the URL suffix always takes precedence over the Accept header.
+ def set_default_request_format
+ unless params[:format]
+ accept_header = request.headers["HTTP_ACCEPT"]
+ if accept_header.nil?
+ # e.g. unit tests don't set an Accept: header by default, force XML in this case
+ request.format = "xml"
+ return
+ end
+
+ req_mimetypes = []
+
+ # Some clients (JOSM) send Accept headers which cannot be parsed by Rails, example: *; q=.2
+ # To be fair, JOSM's Accept header doesn't adhere to RFC 7231, section 5.3.1, et al. either
+ # As a workaround for backwards compatibility, we're assuming XML format
+ begin
+ req_mimetypes = Mime::Type.parse(accept_header)
+ rescue Mime::Type::InvalidMimeType
+ request.format = "xml"
+ return
+ end
+
+ # req_mimetypes contains all Accept header MIME types with descending priority
+ req_mimetypes.each do |mime|
+ if mime.symbol == :xml
+ request.format = "xml"
+ break
+ end
+
+ if mime.symbol == :json
+ request.format = "json"
+ break
+ end
+
+ # Any format, not explicitly requesting XML or JSON -> assume XML as default
+ if mime == "*/*"
+ request.format = "xml"
+ break
+ end
+ end