diff options
| author | yuuji.yaginuma <yuuji.yaginuma@gmail.com> | 2017-11-27 21:46:26 +0900 |
|---|---|---|
| committer | yuuji.yaginuma <yuuji.yaginuma@gmail.com> | 2017-11-27 21:57:22 +0900 |
| commit | a64be3ea6fae0d5e75cd987d725f71e91571c5cb (patch) | |
| tree | 8eeb0863ffe7da0eb75ff9ce0907c0a00874da8a | |
| parent | 9c10fec4c06da38f8975dfb851f4d899aa85f8b7 (diff) | |
| download | rails-a64be3ea6fae0d5e75cd987d725f71e91571c5cb.tar.gz rails-a64be3ea6fae0d5e75cd987d725f71e91571c5cb.tar.bz2 rails-a64be3ea6fae0d5e75cd987d725f71e91571c5cb.zip | |
Remove Content-Security-Policy initializer in API-only Applications
Since `ContentSecurityPolicy::Middleware` is not loaded in API-only
Applications, initializer is unnecessary.
Ref: https://github.com/rails/rails/blob/9c10fec4c06da38f8975dfb851f4d899aa85f8b7/railties/lib/rails/application/default_middleware_stack.rb#L66..L68
| -rw-r--r-- | railties/lib/rails/generators/rails/app/app_generator.rb | 6 | ||||
| -rw-r--r-- | railties/test/generators/api_app_generator_test.rb | 2 |
2 files changed, 8 insertions, 0 deletions
diff --git a/railties/lib/rails/generators/rails/app/app_generator.rb b/railties/lib/rails/generators/rails/app/app_generator.rb index 1fdfc3ca52..874bd772c7 100644 --- a/railties/lib/rails/generators/rails/app/app_generator.rb +++ b/railties/lib/rails/generators/rails/app/app_generator.rb @@ -128,6 +128,7 @@ module Rails active_storage_config_exist = File.exist?("config/storage.yml") rack_cors_config_exist = File.exist?("config/initializers/cors.rb") assets_config_exist = File.exist?("config/initializers/assets.rb") + csp_config_exist = File.exist?("config/initializers/content_security_policy.rb") config @@ -155,6 +156,10 @@ module Rails unless assets_config_exist remove_file "config/initializers/assets.rb" end + + unless csp_config_exist + remove_file "config/initializers/content_security_policy.rb" + end end end @@ -432,6 +437,7 @@ module Rails def delete_non_api_initializers_if_api_option if options[:api] remove_file "config/initializers/cookies_serializer.rb" + remove_file "config/initializers/content_security_policy.rb" end end diff --git a/railties/test/generators/api_app_generator_test.rb b/railties/test/generators/api_app_generator_test.rb index 7791d472d8..4815cf6362 100644 --- a/railties/test/generators/api_app_generator_test.rb +++ b/railties/test/generators/api_app_generator_test.rb @@ -72,6 +72,7 @@ class ApiAppGeneratorTest < Rails::Generators::TestCase assert_no_file "config/initializers/cookies_serializer.rb" assert_no_file "config/initializers/assets.rb" + assert_no_file "config/initializers/content_security_policy.rb" end def test_app_update_does_not_generate_unnecessary_bin_files @@ -149,6 +150,7 @@ class ApiAppGeneratorTest < Rails::Generators::TestCase bin/yarn config/initializers/assets.rb config/initializers/cookies_serializer.rb + config/initializers/content_security_policy.rb lib/assets test/helpers tmp/cache/assets |