X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/b16aa11f65ed1120ee546712150ad6f57ec50102..d2d5d48f2993f2ffca415362a40b8a02127bd4a8:/app/controllers/site_controller.rb

diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb
index 8f4aafa44..471e9f3c5 100644
--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@@ -12,7 +12,7 @@ class SiteController < ApplicationController
   authorize_resource :class => false
 
   def index
-    session[:location] ||= OSM.ip_location(request.env["REMOTE_ADDR"]) unless STATUS == :database_readonly || STATUS == :database_offline
+    session[:location] ||= OSM.ip_location(request.env["REMOTE_ADDR"]) unless Settings.status == "database_readonly" || Settings.status == "database_offline"
   end
 
   def permalink
@@ -70,6 +70,7 @@ class SiteController < ApplicationController
 
     if %w[potlatch potlatch2].include?(editor)
       append_content_security_policy_directives(
+        :connect_src => %w[*],
         :object_src => %w[*],
         :plugin_types => %w[application/x-shockwave-flash],
         :script_src => %w['unsafe-inline']
@@ -103,9 +104,7 @@ class SiteController < ApplicationController
     @locale = params[:copyright_locale] || I18n.locale
   end
 
-  def welcome
-    require_user
-  end
+  def welcome; end
 
   def help; end
 
@@ -123,7 +122,7 @@ class SiteController < ApplicationController
     append_content_security_policy_directives(
       :connect_src => %w[*],
       :img_src => %w[* blob:],
-      :script_src => %w[dev.virtualearth.net *.wikipedia.org www.wikidata.org services.arcgisonline.com serviceslab.arcgisonline.com 'unsafe-eval'],
+      :script_src => %w[dev.virtualearth.net 'unsafe-eval'],
       :style_src => %w['unsafe-inline']
     )