diff options
| author | yuuji.yaginuma <yuuji.yaginuma@gmail.com> | 2018-02-24 09:21:26 +0900 |
|---|---|---|
| committer | yuuji.yaginuma <yuuji.yaginuma@gmail.com> | 2018-02-24 09:21:26 +0900 |
| commit | f9fa1a9dca4a3808bd38ff490dc8ee899813f181 (patch) | |
| tree | ea4703aae3553a99838093bd825ffe03227074f7 /railties | |
| parent | ddb7da8535b07f51b7a8f5e3062cc8ffbd4ff23b (diff) | |
| download | rails-f9fa1a9dca4a3808bd38ff490dc8ee899813f181.tar.gz rails-f9fa1a9dca4a3808bd38ff490dc8ee899813f181.tar.bz2 rails-f9fa1a9dca4a3808bd38ff490dc8ee899813f181.zip | |
Correctly set `content_security_policy_nonce_generator`
`content_security_policy_nonce_generator` specifies request as an argument when calling.
https://github.com/rails/rails/blob/ddb7da8535b07f51b7a8f5e3062cc8ffbd4ff23b/actionpack/lib/action_dispatch/http/content_security_policy.rb#L100
So without this fix, will raise `ArgumentError` when start server.
Diffstat (limited to 'railties')
| -rw-r--r-- | railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt index 38c658548d..ae868e4c73 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt +++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/content_security_policy.rb.tt @@ -17,7 +17,7 @@ # end # If you are using UJS then enable automatic nonce generation -# Rails.application.config.content_security_policy_nonce_generator = -> { SecureRandom.base64(16) } +# Rails.application.config.content_security_policy_nonce_generator = ->(req) { SecureRandom.base64(16) } # Report CSP violations to a specified URI # For further information see the following documentation: |