request.xhr? ? "xhr" : "map"
end
+ def allow_thirdparty_images
+ append_content_security_policy_directives(:img_src => %w[*])
+ end
+
def preferred_editor
editor = if params[:editor]
params[:editor]
before_action :check_database_readable
before_action :check_database_writable, :only => [:new, :edit, :comment, :hide, :hidecomment, :subscribe, :unsubscribe]
before_action :require_administrator, :only => [:hide, :hidecomment]
+ before_action :allow_thirdparty_images, :only => [:new, :edit, :list, :view, :comments]
def new
@title = t "diary_entry.new.title"
before_action :lookup_this_user, :only => [:new]
before_action :check_database_readable
before_action :check_database_writable, :only => [:new, :reply, :mark]
+ before_action :allow_thirdparty_images, :only => [:new, :read]
# Allow the user to write a new message to another user. This action also
# deals with the sending of that message to the other user when the user
around_action :api_call_handle_error, :only => [:api_read, :api_details, :api_gpx_files]
before_action :lookup_user_by_id, :only => [:api_read]
before_action :lookup_user_by_name, :only => [:set_status, :delete]
+ before_action :allow_thirdparty_images, :only => [:view, :account]
def terms
@legale = params[:legale] || OSM.ip_to_country(request.remote_ip) || DEFAULT_LEGALE