|
|
|
@@ -6,12 +6,17 @@ class MediaController < ApplicationController |
|
|
|
before_action :set_media_attachment |
|
|
|
before_action :verify_permitted_status! |
|
|
|
|
|
|
|
content_security_policy only: :player do |p| |
|
|
|
p.frame_ancestors(false) |
|
|
|
end |
|
|
|
|
|
|
|
def show |
|
|
|
redirect_to @media_attachment.file.url(:original) |
|
|
|
end |
|
|
|
|
|
|
|
def player |
|
|
|
@body_classes = 'player' |
|
|
|
response.headers['X-Frame-Options'] = 'ALLOWALL' |
|
|
|
raise ActiveRecord::RecordNotFound unless @media_attachment.video? || @media_attachment.gifv? |
|
|
|
end |
|
|
|
|
|
|
|
|
jomo
5 年前
Eugen Rochko