diff options
| author | Guillermo Iguaran <guilleiguaran@gmail.com> | 2019-07-08 10:20:45 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-07-08 10:20:45 -0500 |
| commit | c00cd7b446aaeb8e2486142938238b26c48ed711 (patch) | |
| tree | d33b5cb6ab8bf61f4f04ac5731c54a2336661461 /railties/lib/rails/generators | |
| parent | fe30211574648fa21bff958a3cf952fd0c20c3b1 (diff) | |
| parent | 84ff4f6ea2a118b47160e3fe7ed29bff52c2a7a2 (diff) | |
| download | rails-c00cd7b446aaeb8e2486142938238b26c48ed711.tar.gz rails-c00cd7b446aaeb8e2486142938238b26c48ed711.tar.bz2 rails-c00cd7b446aaeb8e2486142938238b26c48ed711.zip | |
Merge branch 'master' into add_database_exist_method
Diffstat (limited to 'railties/lib/rails/generators')
3 files changed, 7 insertions, 1 deletions
diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt index c517b0f96b..3d468f7633 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt +++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt @@ -23,6 +23,9 @@ # If you are using UJS then enable automatic nonce generation # Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } +# Set the nonce only to specific directives +# Rails.application.config.content_security_policy_nonce_directives = %w(script-src) + # Report CSP violations to a specified URI # For further information see the following documentation: # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_6_0.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_6_0.rb.tt index d25552e923..abb03e761b 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_6_0.rb.tt +++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_6_0.rb.tt @@ -16,6 +16,9 @@ # It's best enabled when your entire app is migrated and stable on 6.0. # Rails.application.config.action_dispatch.use_cookies_with_metadata = true +# Change the return value of `ActionDispatch::Response#content_type` to Content-Type header without modification. +# Rails.application.config.action_dispatch.return_only_media_type_on_content_type = true + # Return false instead of self when enqueuing is aborted from a callback. # Rails.application.config.active_job.return_false_on_aborted_enqueue = true diff --git a/railties/lib/rails/generators/rails/app/templates/public/robots.txt b/railties/lib/rails/generators/rails/app/templates/public/robots.txt index 37b576a4a0..c19f78ab68 100644 --- a/railties/lib/rails/generators/rails/app/templates/public/robots.txt +++ b/railties/lib/rails/generators/rails/app/templates/public/robots.txt @@ -1 +1 @@ -# See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file +# See https://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file |