From cc469b5bde4dc0c138c2fe927b4b987c4fd2d992 Mon Sep 17 00:00:00 2001 From: Harald Eilertsen Date: Wed, 20 Jun 2018 21:01:28 +0200 Subject: CVE-2018-3760: Disable compilation of assets in production. All assets should be precompiled during deploy anyways, so no idea why this was on in the first place. --- config/environments/production.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/environments/production.rb b/config/environments/production.rb index e39ab27..6a4c8e0 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -17,7 +17,7 @@ BetaWebApp::Application.configure do config.assets.compress = true # Don't fallback to assets pipeline if a precompiled asset is missed - config.assets.compile = true + config.assets.compile = false # Generate digests for assets URLs config.assets.digest = true -- cgit v1.2.3