2 files changed, 14 insertions, 11 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 410778d9a..78a82316a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -129,7 +129,7 @@ class ApplicationController < ActionController::Base
         @exception_class = exception.class.to_s
         @exception_message = exception.message
         case exception
-        when ActiveRecord::RecordNotFound, RouteNotFound
+        when ActiveRecord::RecordNotFound, RouteNotFound, WillPaginate::InvalidPage
             @status = 404
             sanitize_path(params)
         when PermissionDenied
@@ -432,7 +432,11 @@ class ApplicationController < ActionController::Base
     def country_from_ip
         country = ""
         if !AlaveteliConfiguration::gaze_url.empty?
-            country = quietly_try_to_open("#{AlaveteliConfiguration::gaze_url}/gaze-rest?f=get_country_from_ip;ip=#{request.remote_ip}")
+            begin
+                country = quietly_try_to_open("#{AlaveteliConfiguration::gaze_url}/gaze-rest?f=get_country_from_ip;ip=#{request.remote_ip}")
+            rescue ActionDispatch::RemoteIp::IpSpoofAttackError
+                country = AlaveteliConfiguration::iso_country_code
+            end
         end
         country = AlaveteliConfiguration::iso_country_code if country.empty?
         return country
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index 6445dd685..d66c28275 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -763,18 +763,17 @@ class RequestController < ApplicationController
         key_path = foi_fragment_cache_path(key)
         image_dir = File.dirname(key_path)
         FileUtils.mkdir_p(image_dir)
-        html, wrapper_id = @attachment.body_as_html(image_dir)
 
-        view_html_stylesheet = render_to_string :partial => "request/view_html_stylesheet"
-        html.sub!(/<head>/i, "<head>" + view_html_stylesheet)
-        html.sub!(/<body[^>]*>/i, '<body><prefix-here><div id="' + wrapper_id + '"><div id="view-html-content">')
-        html.sub!(/<\/body[^>]*>/i, '</div></div></body>')
-
-        view_html_prefix = render_to_string :partial => "request/view_html_prefix"
-        html.sub!("<prefix-here>", view_html_prefix)
-        html.sub!("<attachment-url-here>", CGI.escape(@attachment_url))
+        html = @attachment.body_as_html(image_dir,
+            :attachment_url => Rack::Utils.escape(@attachment_url),
+            :content_for => {
+                :head_suffix => render_to_string(:partial => "request/view_html_stylesheet"),
+                :body_prefix => render_to_string(:partial => "request/view_html_prefix")
+            }
+        )
 
         @incoming_message.html_mask_stuff!(html)
+
         response.content_type = 'text/html'
         render :text => html
     end