diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 31 |
1 files changed, 26 insertions, 5 deletions
@@ -54,7 +54,7 @@ module ApplicationCable protected def find_verified_user - if current_user = User.find(cookies.signed[:user_id]) + if current_user = User.find_by(id: cookies.signed[:user_id]) current_user else reject_unauthorized_connection @@ -162,7 +162,7 @@ $(document).on 'click', '[data-behavior~=appear_away]', -> ``` Simply calling `App.cable.subscriptions.create` will setup the subscription, which will call `AppearanceChannel#subscribed`, -which in turn is linked to original `App.consumer` -> `ApplicationCable::Connection` instances. +which in turn is linked to original `App.cable` -> `ApplicationCable::Connection` instances. We then link `App.appearance#appear` to `AppearanceChannel#appear(data)`. This is possible because the server-side channel instance will automatically expose the public methods declared on the class (minus the callbacks), so that these @@ -274,8 +274,11 @@ See the [rails/actioncable-examples](http://github.com/rails/actioncable-example ## Configuration -The only must-configure part of Action Cable is the Redis connection. By default, `ActionCable::Server::Base` will look for a configuration -file in `Rails.root.join('config/redis/cable.yml')`. The file must follow the following format: +Action Cable has two required configurations: the Redis connection and specifying allowed request origins. + +### Redis + +By default, `ActionCable::Server::Base` will look for a configuration file in `Rails.root.join('config/redis/cable.yml')`. The file must follow the following format: ```yaml production: &production @@ -299,6 +302,24 @@ a Rails initializer with something like: ActionCable.server.config.redis_path = Rails.root('somewhere/else/cable.yml') ``` +### Allowed Request Origins + +Action Cable will only accepting requests from specified origins, which are passed to the server config as an array: + +```ruby +ActionCable.server.config.allowed_request_origins = %w( http://rubyonrails.com ) +``` + +To disable and allow requests from any origin: + +```ruby +ActionCable.server.config.disable_request_forgery_protection = true +``` + +By default, Action Cable allows all requests from localhost:3000 when running in the development environment. + +### Other Configurations + The other common option to configure is the log tags applied to the per-connection logger. Here's close to what we're using in Basecamp: ```ruby @@ -416,4 +437,4 @@ Action Cable is released under the MIT license: Bug reports can be filed for the alpha development project here: -* https://github.com/rails/actioncable/issues +* https://github.com/rails/actioncable/issues
\ No newline at end of file |