diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index a97facd7a..21c98a15b 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -37,6 +37,10 @@ class ApplicationController < ActionController::Base logged_user.present? end + def logged_user_ids + logged_users.map(&:id) + end + helper_method :logged_in? protected diff --git a/app/controllers/champs/carte_controller.rb b/app/controllers/champs/carte_controller.rb new file mode 100644 index 000000000..64f694c0c --- /dev/null +++ b/app/controllers/champs/carte_controller.rb 
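Review bot: `logged_user_ids` reduces everything in `logged_users` to bare ids, and the new `Champs::CarteController#show` then uses that list as `dossiers.user_id`. The definition of `logged_users` is outside this hunk; if it can hold records of more than one account model, an id from another table would match the dossiers of an unrelated user with the same numeric id. Returning only the ids of the records that `dossiers.user_id` actually references would close that gap, and a comment such as `# ids of the signed-in accounts, for ownership scopes on dossiers` would make the contract explicit. The method is also added above `protected`, so it becomes a public controller method on every subclass; unless a view needs it, define it after `protected`.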
@@ -0,0 +1,61 @@ +class Champs::CarteController < ApplicationController + before_action :authenticate_logged_user! + + def show + @selector = ".carte-#{params[:position]}" + + if params[:dossier].key?(:champs_attributes) + geo_json = params[:dossier][:champs_attributes][params[:position]][:value] + else + geo_json = params[:dossier][:champs_private_attributes][params[:position]][:value] + end + + if params[:champ_id].present? + @champ = Champ + .joins(:dossier) + .where(dossiers: { user_id: logged_user_ids }) + .find_by(id: params[:champ_id]) + else + @champ = Champs::CarteChamp.new(type_de_champ: TypeDeChamp.new( + type_champ: TypeDeChamp.type_champs.fetch(:carte), + options: { + quartiers_prioritaires: true, + cadastres: true + } + )) + end + + geo_areas = [] + geo_json = JSON.parse(geo_json) + + if geo_json.first == ["error", "TooManyPolygons"] + @error = true + else + if @champ.cadastres? + cadastres = ModuleApiCartoService.generate_cadastre(geo_json) + geo_areas += cadastres.map do |cadastre| + cadastre[:source] = GeoArea.sources.fetch(:cadastre) + cadastre + end + end + + if @champ.quartiers_prioritaires? + quartiers_prioritaires = ModuleApiCartoService.generate_qp(geo_json) + geo_areas += quartiers_prioritaires.map do |qp| + qp[:source] = GeoArea.sources.fetch(:quartier_prioritaire) + qp + end + end + end + + @champ.geo_areas = geo_areas.map do |geo_area| + GeoArea.new(geo_area) + end + + @champ.value = geo_json.to_json + + if @champ.persisted? + @champ.save + end + end +end diff --git a/app/models/champs/carte_champ.rb b/app/models/champs/carte_champ.rb index 843c11d3b..9a752722d 100644 --- a/app/models/champs/carte_champ.rb +++ b/app/models/champs/carte_champ.rb @@ -34,4 +34,8 @@ class Champs::CarteChamp < Champ { lon: lon, lat: lat, zoom: zoom } end end + + def zones + value.blank? ? [] : JSON.parse(value) + end end diff --git a/app/views/champs/carte/show.js.erb b/app/views/champs/carte/show.js.erb new file mode 100644 index 000000000..45ae01b28 
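Review bot: In `show`, `find_by(id: params[:champ_id])` returns nil when the id is not in one of the caller's dossiers, and the later `@champ.cadastres?` then raises NoMethodError, so an ownership failure surfaces as a 500 rather than a 404. Ending the scope with `.find(params[:champ_id])` lets Rails raise RecordNotFound instead, and starting the query from `Champs::CarteChamp` rather than `Champ` would keep other champ types out (assuming `cadastres?` and `quartiers_prioritaires?` exist only on the carte subclass, which this diff does not show). The request body is handled just as optimistically: `params[:dossier]` and the nested `[params[:position]][:value]` lookups are dereferenced without a presence check and `JSON.parse(geo_json)` is not rescued, so a missing or malformed payload also raises; `params.require(:dossier)` plus a `rescue JSON::ParserError` that sets `@error = true` would cover both. Finally, `@champ.value = geo_json.to_json` and `@champ.save` also run on the `TooManyPolygons` branch, which persists the error marker as the champ's value; confirm that is intended.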
--- /dev/null +++ b/app/views/champs/carte/show.js.erb @@ -0,0 +1,5 @@ +<%= render_to_element("#{@selector} + .geo-areas", + partial: 'shared/champs/carte/geo_areas', + locals: { champ: @champ, error: @error }) %> + +DS.drawMapData("<%= @selector %>", <%= geo_data(@champ) %>); diff --git a/app/views/shared/champs/carte/_geo_areas.html.haml b/app/views/shared/champs/carte/_geo_areas.html.haml new file mode 100644 index 000000000..863adc1d3 --- /dev/null +++ b/app/views/shared/champs/carte/_geo_areas.html.haml @@ -0,0 +1,27 @@ +- if champ.quartiers_prioritaires? + .areas-title Quartiers prioritaires + .areas + - if error.present? + .error Merci de dessiner une surface plus petite afin de récupérer les quartiers prioritaires. + - elsif champ.value.blank? + Aucune zone tracée + - elsif champ.quartiers_prioritaires.blank? + = t('errors.messages.quartiers_prioritaires_empty', count: champ.zones.size) + - else + %ul + - champ.quartiers_prioritaires.each do |qp| + %li #{qp.commune} : #{qp.nom} + +- if champ.cadastres? + .areas-title Parcelles cadastrales + .areas + - if error.present? + .error Merci de dessiner une surface plus petite afin de récupérer les parcelles cadastrales. + - elsif champ.value.blank? + Aucune zone tracée + - elsif champ.cadastres.blank? + = t('errors.messages.cadastres_empty', count: champ.zones.size) + - else + %ul + - champ.cadastres.each do |pc| + %li Parcelle n° #{pc.numero} - Feuille #{pc.code_arr} #{pc.section} #{pc.feuille} diff --git a/config/brakeman.ignore b/config/brakeman.ignore index cb8344d0e..50bbaa0bc 100644 --- a/config/brakeman.ignore +++ b/config/brakeman.ignore 
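Review bot: Line 5 of `show.js.erb` writes `@selector`, which the controller builds from `params[:position]`, into a JavaScript string literal using `<%= %>`, which HTML-escapes the value but does not apply JavaScript string escaping. Use `DS.drawMapData("<%= j @selector %>", ...)`. If positions are always numeric, also constrain the route with `constraints: { position: /\d+/ }` so the selector can never carry arbitrary text. `geo_data(@champ)` on the same line is the expression the new brakeman.ignore entry suppresses, and the helper is not part of this diff. Since `@champ.value` originates from the request body, confirm that the helper serialises the champ with a JSON encoder rather than string interpolation.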
@@ -1,5 +1,24 @@ { "ignored_warnings": [ + { + "warning_type": "Cross-Site Scripting", + "warning_code": 2, + "fingerprint": "0d61a1267d264f1e61cc2398a2683703ac60878129dc9515542f246a80ad575b", + "check_name": "CrossSiteScripting", + "message": "Unescaped model attribute", + "file": "app/views/champs/carto/show.js.erb", + "line": 5, + "link": "https://brakemanscanner.org/docs/warning_types/cross_site_scripting", + "code": "geo_data((Champ.joins(:dossier).where(:dossiers => ({ :user_id => logged_user_ids })).find_by(:id => params.permit(:champ_id)) or CartoChamp.new))", + "render_path": [{"type":"controller","class":"Champs::CartoController","method":"show","line":48,"file":"app/controllers/champs/carto_controller.rb"}], + "location": { + "type": "template", + "template": "champs/carto/show" + }, + "user_input": "Champ.joins(:dossier).where(:dossiers => ({ :user_id => logged_user_ids }))", + "confidence": "Weak", + "note": "Not an injection because logged_user_ids have no user input" + }, { "warning_type": "SQL Injection", "warning_code": 0, @@ -61,6 +80,6 @@ "note": "Not an injection because of `sanitized_column`" } ], - "updated": "2018-10-11 12:09:03 +0200", + "updated": "2018-10-16 11:28:34 +0300", "brakeman_version": "4.3.1" } diff --git a/config/locales/fr.yml b/config/locales/fr.yml index 1079a5629..fbd48b6db 100644 --- a/config/locales/fr.yml +++ b/config/locales/fr.yml 
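Review bot: The new ignore entry names `app/views/champs/carto/show.js.erb`, `Champs::CartoController` and `CartoChamp`, while this commit adds `champs/carte/show.js.erb` and `Champs::CarteController`. It appears to have been generated before a rename, so its fingerprint may not match the warning Brakeman reports on the committed code; regenerate it against the final files. The `note` justifies the suppression by saying `logged_user_ids` carries no user input, but the value rendered through `geo_data` comes from `@champ.value`, which the controller fills from the posted GeoJSON. The note should state why that output is safe in a JavaScript context (for example, that `geo_data` JSON-encodes it); otherwise the warning should stay active.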
@@ -177,6 +177,12 @@ fr: connexion: "Erreur lors de la connexion à France Connect." extension_white_list_error: "Le format de fichier de la pièce jointe n'est pas valide." procedure_archived: "Cette démarche en ligne a été fermée, il n'est plus possible de déposer de dossier." + cadastres_empty: + one: "Aucune parcelle cadastrale sur la zone séléctionnée" + other: "Aucune parcelle cadastrale sur les zones séléctionnées" + quartiers_prioritaires_empty: + one: "Aucun quartier prioritaire sur la zone séléctionnée" + other: "Aucun quartier prioritaire sur les zones séléctionnées" date: abbr_day_names: diff --git a/config/routes.rb b/config/routes.rb index 8e7faec7f..8479addd8 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -125,6 +125,7 @@ Rails.application.routes.draw do namespace :champs do get ':position/siret', to: 'siret#show', as: :siret get ':position/dossier_link', to: 'dossier_link#show', as: :dossier_link + post ':position/carte', to: 'carte#show', as: :carte end namespace :commencer do