From 3b51c8a591b0b79fa6d9f42f948b6b733dfae936 Mon Sep 17 00:00:00 2001 From: Hendy Tanata Date: Tue, 21 Mar 2017 08:49:48 -0700 Subject: Update Configuring Rails Component guide example config.time_zone is no longer in included in config/application.rb. See 28dcadc0140dfdebe87d5e691fd709c0a9ae0bae. --- guides/source/configuring.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides/source/configuring.md') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index a4f3882124..ae70b06996 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -32,7 +32,7 @@ Configuring Rails Components In general, the work of configuring Rails means configuring the components of Rails, as well as configuring Rails itself. The configuration file `config/application.rb` and environment-specific configuration files (such as `config/environments/production.rb`) allow you to specify the various settings that you want to pass down to all of the components. -For example, the `config/application.rb` file includes this setting: +For example, you could add this setting to `config/application.rb` file: ```ruby config.time_zone = 'Central Time (US & Canada)' -- cgit v1.2.3 From 247dace670d3f29a435b43e03a38816371090f6b Mon Sep 17 00:00:00 2001 From: "yuuji.yaginuma" Date: Tue, 25 Apr 2017 07:34:39 +0900 Subject: Add `form_with_generates_remote_forms` to configuring guide [ci skip] --- guides/source/configuring.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'guides/source/configuring.md') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index ae70b06996..3cfb3e2d6a 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -543,6 +543,8 @@ encrypted cookies salt value. Defaults to `'signed encrypted cookie'`. * `config.action_view.debug_missing_translation` determines whether to wrap the missing translations key in a `` tag or not. This defaults to `true`. +* `config.form_with_generates_remote_forms` determines whether `form_with` generates remote forms or not. This defaults to `true`. + ### Configuring Action Mailer There are a number of settings available on `config.action_mailer`: -- cgit v1.2.3 From c2e3e0d2096836bfb6072af70bd0914a960a50fe Mon Sep 17 00:00:00 2001 From: Jon Moss Date: Mon, 24 Apr 2017 19:06:31 -0400 Subject: Add missing `action_view` section of config flag [ci skip] --- guides/source/configuring.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides/source/configuring.md') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index 3cfb3e2d6a..bf9456a482 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -543,7 +543,7 @@ encrypted cookies salt value. Defaults to `'signed encrypted cookie'`. * `config.action_view.debug_missing_translation` determines whether to wrap the missing translations key in a `` tag or not. This defaults to `true`. -* `config.form_with_generates_remote_forms` determines whether `form_with` generates remote forms or not. This defaults to `true`. +* `config.action_view.form_with_generates_remote_forms` determines whether `form_with` generates remote forms or not. This defaults to `true`. ### Configuring Action Mailer -- cgit v1.2.3 From 5a3ba63d9abad86b7f6dd36a92cfaf722e52760b Mon Sep 17 00:00:00 2001 From: Michael Coyne Date: Thu, 23 Feb 2017 13:54:17 -0500 Subject: AEAD encrypted cookies and sessions This commit changes encrypted cookies from AES in CBC HMAC mode to Authenticated Encryption using AES-GCM. It also provides a cookie jar to transparently upgrade encrypted cookies to this new scheme. Some other notable changes include: - There is a new application configuration value: +use_authenticated_cookie_encryption+. When enabled, AEAD encrypted cookies will be used. - +cookies.signed+ does not raise a +TypeError+ now if the name of an encrypted cookie is used. Encrypted cookies using the same key as signed cookies would be verified and serialization would then fail due the message still be encrypted. --- guides/source/configuring.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'guides/source/configuring.md') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index bf9456a482..6a7eaf00e1 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -456,10 +456,14 @@ to `'http authentication'`. Defaults to `'signed cookie'`. * `config.action_dispatch.encrypted_cookie_salt` sets the encrypted cookies salt -value. Defaults to `'encrypted cookie'`. + value. Defaults to `'encrypted cookie'`. * `config.action_dispatch.encrypted_signed_cookie_salt` sets the signed -encrypted cookies salt value. Defaults to `'signed encrypted cookie'`. + encrypted cookies salt value. Defaults to `'signed encrypted cookie'`. + +* `config.action_dispatch.authenticated_encrypted_cookie_salt` sets the + authenticated encrypted cookie salt. Defaults to `'authenticated encrypted + cookie'`. * `config.action_dispatch.perform_deep_munge` configures whether `deep_munge` method should be performed on the parameters. See [Security Guide](security.html#unsafe-query-generation) -- cgit v1.2.3 From 3b2e3f01488581d9e153dcb6b8ef333bda370aa0 Mon Sep 17 00:00:00 2001 From: Christoph Lupprich Date: Sun, 28 May 2017 16:24:43 +0200 Subject: Remove mentions of deprecated callbacks on ActionDispatch::Callbacks ActionDispatch::Callbacks.to_prepare was removed in #27587 [ci skip] --- guides/source/configuring.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'guides/source/configuring.md') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index bf9456a482..aced401bca 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -493,8 +493,6 @@ encrypted cookies salt value. Defaults to `'signed encrypted cookie'`. * `ActionDispatch::Callbacks.before` takes a block of code to run before the request. -* `ActionDispatch::Callbacks.to_prepare` takes a block to run after `ActionDispatch::Callbacks.before`, but before the request. Runs for every request in `development` mode, but only once for `production` or environments with `cache_classes` set to `true`. - * `ActionDispatch::Callbacks.after` takes a block of code to run after the request. ### Configuring Action View @@ -1188,7 +1186,7 @@ Below is a comprehensive list of all the initializers found in Rails in the orde * `finisher_hook`: Provides a hook for after the initialization of process of the application is complete, as well as running all the `config.after_initialize` blocks for the application, railties and engines. -* `set_routes_reloader_hook`: Configures Action Dispatch to reload the routes file using `ActionDispatch::Callbacks.to_prepare`. +* `set_routes_reloader_hook`: Configures Action Dispatch to reload the routes file using `ActiveSupport::Callbacks.to_run`. * `disable_dependency_loading`: Disables the automatic dependency loading if the `config.eager_load` is set to `true`. -- cgit v1.2.3 From 019c7f92f09170f0f87105f544ae4eff49e83de7 Mon Sep 17 00:00:00 2001 From: Vipul A M Date: Sat, 17 Jun 2017 03:05:37 +0530 Subject: Remove references to deprecared raise_runtime_errors from documentation, which is always enabled now. Ref: https://github.com/rails/sprockets-rails/commit/655b93bffc6f51b96a7cc097f9010942693bfaae and https://github.com/rails/rails/pull/24070 . Fixes #29483 [ci skip] (#29484) --- guides/source/configuring.md | 2 -- 1 file changed, 2 deletions(-) (limited to 'guides/source/configuring.md') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index 1234e1f192..21b3ca0efa 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -157,8 +157,6 @@ defaults to `:debug` for all environments. The available log levels are: `:debug * `config.assets.enabled` a flag that controls whether the asset pipeline is enabled. It is set to `true` by default. -* `config.assets.raise_runtime_errors` Set this flag to `true` to enable additional runtime error checking. Recommended in `config/environments/development.rb` to minimize unexpected behavior when deploying to `production`. - * `config.assets.css_compressor` defines the CSS compressor to use. It is set by default by `sass-rails`. The unique alternative value at the moment is `:yui`, which uses the `yui-compressor` gem. * `config.assets.js_compressor` defines the JavaScript compressor to use. Possible values are `:closure`, `:uglifier` and `:yui` which require the use of the `closure-compiler`, `uglifier` or `yui-compressor` gems respectively. -- cgit v1.2.3 From ec4a836919c021c0a5cf9ebeebb4db5e02104a55 Mon Sep 17 00:00:00 2001 From: Lisa Ugray Date: Mon, 10 Jul 2017 11:12:45 -0400 Subject: Protect from forgery by default Rather than protecting from forgery in the generated ApplicationController, add it to ActionController::Base by config. This configuration defaults to false to support older versions which have removed it from their ApplicationController, but is set to true for Rails 5.2. --- guides/source/configuring.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'guides/source/configuring.md') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index 21b3ca0efa..28ceef9740 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -401,6 +401,8 @@ The schema dumper adds one additional configuration option: * `config.action_controller.per_form_csrf_tokens` configures whether CSRF tokens are only valid for the method/action they were generated for. +* `config.action_controller.default_protect_from_forgery` determines whether forgery protection is added on `ActionController:Base`. This is false by default, but enabled when loading defaults for Rails 5.2. + * `config.action_controller.relative_url_root` can be used to tell Rails that you are [deploying to a subdirectory](configuring.html#deploy-to-a-subdirectory-relative-url-root). The default is `ENV['RAILS_RELATIVE_URL_ROOT']`. * `config.action_controller.permit_all_parameters` sets all the parameters for mass assignment to be permitted by default. The default value is `false`. -- cgit v1.2.3 From 52e050ed00b023968fecda82f19a858876a7c435 Mon Sep 17 00:00:00 2001 From: Lisa Ugray Date: Thu, 6 Jul 2017 12:59:33 -0400 Subject: Change sqlite3 boolean serialization to use 1 and 0 Abstract boolean serialization has been using 't' and 'f', with MySQL overriding that to use 1 and 0. This has the advantage that SQLite natively recognizes 1 and 0 as true and false, but does not natively recognize 't' and 'f'. This change in serialization requires a migration of stored boolean data for SQLite databases, so it's implemented behind a configuration flag whose default false value is deprecated. The flag itself can be deprecated in a future version of Rails. While loaded models will give the correct result for boolean columns without migrating old data, where() clauses will interact incorrectly with old data. While working in this area, also change the abstract adapter to use `"TRUE"` and `"FALSE"` as quoted values and `true` and `false` for unquoted. These are supported by PostreSQL, and MySQL remains overriden. --- guides/source/configuring.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'guides/source/configuring.md') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index 28ceef9740..d7fa8813b2 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -375,6 +375,28 @@ The MySQL adapter adds one additional configuration option: * `ActiveRecord::ConnectionAdapters::Mysql2Adapter.emulate_booleans` controls whether Active Record will consider all `tinyint(1)` columns as booleans. Defaults to `true`. +The SQLite3Adapter adapter adds one additional configuration option: + +* `ActiveRecord::ConnectionAdapters::SQLite3Adapter.represent_boolean_as_integer` +indicates whether boolean values are stored in sqlite3 databases as 1 and 0 or +'t' and 'f'. Leaving `ActiveRecord::ConnectionAdapters::SQLite3Adapter.represent_boolean_as_integer` +set to false is deprecated. SQLite databases have used 't' and 'f' to serialize +boolean values and must have old data converted to 1 and 0 (its native boolean +serialization) before setting this flag to true. Conversion can be accomplished +by setting up a rake task which runs + + ```ruby + ExampleModel.where("boolean_column = 't'").update_all(boolean_column: 1) + ExampleModel.where("boolean_column = 't'").update_all(boolean_column: 0) + ``` + + for all models and all boolean columns, after which the flag must be set to true +by adding the following to your application.rb file: + + ```ruby + ActiveRecord::ConnectionAdapters::SQLite3Adapter.represent_boolean_as_integer = true + ``` + The schema dumper adds one additional configuration option: * `ActiveRecord::SchemaDumper.ignore_tables` accepts an array of tables that should _not_ be included in any generated schema file. This setting is ignored unless `config.active_record.schema_format == :ruby`. -- cgit v1.2.3 From 90bb874ea15a16d3fa363a6f5b2fe7302c913f7b Mon Sep 17 00:00:00 2001 From: "yuuji.yaginuma" Date: Thu, 13 Jul 2017 07:36:40 +0900 Subject: Fix boolean column migration script --- guides/source/configuring.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides/source/configuring.md') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index d7fa8813b2..bc8df5a797 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -387,7 +387,7 @@ by setting up a rake task which runs ```ruby ExampleModel.where("boolean_column = 't'").update_all(boolean_column: 1) - ExampleModel.where("boolean_column = 't'").update_all(boolean_column: 0) + ExampleModel.where("boolean_column = 'f'").update_all(boolean_column: 0) ``` for all models and all boolean columns, after which the flag must be set to true -- cgit v1.2.3 From a18cf23a9cbcbeed61e8049442640c7153e0a8fb Mon Sep 17 00:00:00 2001 From: "yuuji.yaginuma" Date: Fri, 14 Jul 2017 08:01:49 +0900 Subject: Set `represent_boolean_as_integer` via `configuration` --- guides/source/configuring.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides/source/configuring.md') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index bc8df5a797..61c4bd1e61 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -394,7 +394,7 @@ by setting up a rake task which runs by adding the following to your application.rb file: ```ruby - ActiveRecord::ConnectionAdapters::SQLite3Adapter.represent_boolean_as_integer = true + Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true ``` The schema dumper adds one additional configuration option: -- cgit v1.2.3