File: //opt/openproject/app/helpers/crowdin_helper.rb
# View helper that injects Crowdin's in-context translation script into a page.
module CrowdinHelper
  # Appends the Crowdin in-context translation bootstrap to the view output.
  #
  # Nothing is emitted unless the feature is enabled in the configuration AND
  # the active locale is the :lol pseudo-locale. Both conditions gate the CSP
  # relaxation below, so all other requests keep the stricter default policy.
  #
  # Security notes for reviewers:
  # * The extra CSP sources are appended for this request only. This is
  #   slower than adding them in the initializer, but it avoids allowing
  #   cdn.crowdin.com for users who do not use in-context translations.
  # * The external script is included by URL alone, with no integrity
  #   attribute, so whatever cdn.crowdin.com serves will run in the page.
  #
  # @return [nil] when either guard fails; otherwise the result of the final
  #   +concat+ call
  def crowdin_in_context_translation
    feature_enabled = OpenProject::Configuration.crowdin_in_context_translations?
    return unless feature_enabled && ::I18n.locale == :lol

    crowdin_csp_additions = {
      # Bootstrap script and the setup API calls it makes.
      script_src: %w[cdn.crowdin.com crowdin.com],
      # Targets that forms may submit to (Crowdin, GitHub, etc.).
      # NOTE(review): presumably the non-Crowdin hosts are sign-in providers; confirm.
      form_action: %w[
        https://crowdin.com
        https://accounts.google.com
        https://api.twitter.com
        https://github.com
        https://gitlab.com
      ],
      # Crowdin is rendered inside an iframe.
      frame_src: %w[crowdin.com],
      # Stylesheets are fetched from the CDN.
      style_src: %w[cdn.crowdin.com]
    }
    controller.append_content_security_policy_directives(**crowdin_csp_additions)

    # Inline configuration for the loader; it is emitted through the nonced tag helper.
    jipt_bootstrap = nonced_javascript_tag do
      "var _jipt = []; _jipt.push(['project', 'openproject']);".html_safe
    end
    concat(jipt_bootstrap)

    jipt_loader = javascript_include_tag('https://cdn.crowdin.com/jipt/jipt.js')
    concat(jipt_loader)
  end
end