diff options
Diffstat (limited to 'railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults.rb.tt')
-rw-r--r-- | railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults.rb.tt | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults.rb.tt new file mode 100644 index 0000000000..991963b65e --- /dev/null +++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults.rb.tt @@ -0,0 +1,34 @@ +# Be sure to restart your server when you modify this file. +# +# This file contains migration options to ease your Rails 5.0 upgrade. +# +<%- if options[:update] -%> +# Once upgraded flip defaults one by one to migrate to the new default. +# +<%- end -%> +# Read the Rails 5.0 release notes for more info on each option. +<%- unless options[:api] -%> + +# Enable per-form CSRF tokens. Previous versions had false. +Rails.application.config.action_controller.per_form_csrf_tokens = <%= options[:update] ? false : true %> + +# Enable origin-checking CSRF mitigation. Previous versions had false. +Rails.application.config.action_controller.forgery_protection_origin_check = <%= options[:update] ? false : true %> +<%- end -%> + +# Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`. +# Previous versions had false. +ActiveSupport.to_time_preserves_timezone = <%= options[:update] ? false : true %> +<%- unless options[:skip_active_record] -%> + +# Require `belongs_to` associations by default. Previous versions had false. +Rails.application.config.active_record.belongs_to_required_by_default = <%= options[:update] ? false : true %> +<%- end -%> + +# Do not halt callback chains when a callback returns false. Previous versions had true. +ActiveSupport.halt_callback_chains_on_return_false = <%= options[:update] ? true : false %> +<%- unless options[:update] -%> + +# Configure SSL options to enable HSTS with subdomains. Previous versions had false. +Rails.application.config.ssl_options = { hsts: { subdomains: true } } +<%- end -%> |