From 6a728491b66340345a91264b5983ad81944ab97a Mon Sep 17 00:00:00 2001 From: Akira Matsuda Date: Sat, 21 Oct 2017 22:08:33 +0900 Subject: [Railties] require_relative => require This basically reverts 618268b4b9382f4bcf004a945fe2d85c0bd03e32 --- railties/lib/rails/application/bootstrap.rb | 2 +- railties/lib/rails/application/configuration.rb | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'railties/lib/rails/application') diff --git a/railties/lib/rails/application/bootstrap.rb b/railties/lib/rails/application/bootstrap.rb index c24d4573a9..e3c0759f95 100644 --- a/railties/lib/rails/application/bootstrap.rb +++ b/railties/lib/rails/application/bootstrap.rb @@ -4,7 +4,7 @@ require "fileutils" require "active_support/notifications" require "active_support/dependencies" require "active_support/descendants_tracker" -require_relative "../secrets" +require "rails/secrets" module Rails class Application diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb index b65289177f..290ec13878 100644 --- a/railties/lib/rails/application/configuration.rb +++ b/railties/lib/rails/application/configuration.rb @@ -2,8 +2,8 @@ require "active_support/core_ext/kernel/reporting" require "active_support/file_update_checker" -require_relative "../engine/configuration" -require_relative "../source_annotation_extractor" +require "rails/engine/configuration" +require "rails/source_annotation_extractor" module Rails class Application -- cgit v1.2.3 From 260d6f112a0ffdbe03e6f5051504cb441c1e94cd Mon Sep 17 00:00:00 2001 From: npezza93 Date: Tue, 13 Jun 2017 10:54:35 -0400 Subject: Change `form_with` to generates ids by default When `form_with` was introduced we disabled the automatic generation of ids that was enabled in `form_for`. This usually is not an good idea since labels don't work when the input doesn't have an id and it made harder to test with Capybara. You can still disable the automatic generation of ids setting `config.action_view.form_with_generates_ids` to `false.` --- railties/lib/rails/application/configuration.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'railties/lib/rails/application') diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb index 290ec13878..7f23203e8b 100644 --- a/railties/lib/rails/application/configuration.rb +++ b/railties/lib/rails/application/configuration.rb @@ -81,6 +81,7 @@ module Rails if respond_to?(:action_view) action_view.form_with_generates_remote_forms = true + action_view.form_with_generates_ids = true end when "5.2" -- cgit v1.2.3 From 36ac675d2af5838c81afbd7c95b2e403e6366ba5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Sat, 25 Nov 2017 11:49:01 -0500 Subject: Make form_with_generates_ids default in Rails 5.2 When the defaults being loaded are the 5.0 or 5.1 we disable generation of ids with form_with. --- railties/lib/rails/application/configuration.rb | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'railties/lib/rails/application') diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb index 7f23203e8b..a1023e5d6e 100644 --- a/railties/lib/rails/application/configuration.rb +++ b/railties/lib/rails/application/configuration.rb @@ -72,6 +72,9 @@ module Rails self.ssl_options = { hsts: { subdomains: true } } + if respond_to?(:action_view) + action_view.form_with_generates_ids = false + end when "5.1" load_defaults "5.0" @@ -81,9 +84,7 @@ module Rails if respond_to?(:action_view) action_view.form_with_generates_remote_forms = true - action_view.form_with_generates_ids = true end - when "5.2" load_defaults "5.1" @@ -107,6 +108,10 @@ module Rails action_controller.default_protect_from_forgery = true end + if respond_to?(:action_view) + action_view.form_with_generates_remote_forms = true + action_view.form_with_generates_ids = true + end else raise "Unknown version #{target_version.to_s.inspect}" end -- cgit v1.2.3 From 11720c23476a49c6c75239182f096847172b1683 Mon Sep 17 00:00:00 2001 From: "yuuji.yaginuma" Date: Sun, 26 Nov 2017 09:37:55 +0900 Subject: Remove duplicated `form_with_generates_remote_forms` setting When load `5.1` config, `form_with_generates_remote_forms` is set. https://github.com/rails/rails/blob/89a209f1abba5a2320d31c4898dea150c0abd0c0/railties/lib/rails/application/configuration.rb#L86 --- railties/lib/rails/application/configuration.rb | 1 - 1 file changed, 1 deletion(-) (limited to 'railties/lib/rails/application') diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb index a1023e5d6e..e221889da0 100644 --- a/railties/lib/rails/application/configuration.rb +++ b/railties/lib/rails/application/configuration.rb @@ -109,7 +109,6 @@ module Rails end if respond_to?(:action_view) - action_view.form_with_generates_remote_forms = true action_view.form_with_generates_ids = true end else -- cgit v1.2.3 From 456c3ffdbe37d430c12ad269514674cc89f38c11 Mon Sep 17 00:00:00 2001 From: Andrew White Date: Wed, 15 Nov 2017 21:07:28 +0000 Subject: Add DSL for configuring Content-Security-Policy header https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy --- railties/lib/rails/application/configuration.rb | 72 ++++++++++++---------- .../rails/application/default_middleware_stack.rb | 4 ++ 2 files changed, 43 insertions(+), 33 deletions(-) (limited to 'railties/lib/rails/application') diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb index e221889da0..0ff0aeb73e 100644 --- a/railties/lib/rails/application/configuration.rb +++ b/railties/lib/rails/application/configuration.rb @@ -16,44 +16,46 @@ module Rails :ssl_options, :public_file_server, :session_options, :time_zone, :reload_classes_only_on_change, :beginning_of_week, :filter_redirect, :x, :enable_dependency_loading, - :read_encrypted_secrets, :log_level + :read_encrypted_secrets, :log_level, :content_security_policy_report_only attr_reader :encoding, :api_only def initialize(*) super - self.encoding = Encoding::UTF_8 - @allow_concurrency = nil - @consider_all_requests_local = false - @filter_parameters = [] - @filter_redirect = [] - @helpers_paths = [] - @public_file_server = ActiveSupport::OrderedOptions.new - @public_file_server.enabled = true - @public_file_server.index_name = "index" - @force_ssl = false - @ssl_options = {} - @session_store = nil - @time_zone = "UTC" - @beginning_of_week = :monday - @log_level = :debug - @generators = app_generators - @cache_store = [ :file_store, "#{root}/tmp/cache/" ] - @railties_order = [:all] - @relative_url_root = ENV["RAILS_RELATIVE_URL_ROOT"] - @reload_classes_only_on_change = true - @file_watcher = ActiveSupport::FileUpdateChecker - @exceptions_app = nil - @autoflush_log = true - @log_formatter = ActiveSupport::Logger::SimpleFormatter.new - @eager_load = nil - @secret_token = nil - @secret_key_base = nil - @api_only = false - @debug_exception_response_format = nil - @x = Custom.new - @enable_dependency_loading = false - @read_encrypted_secrets = false + self.encoding = Encoding::UTF_8 + @allow_concurrency = nil + @consider_all_requests_local = false + @filter_parameters = [] + @filter_redirect = [] + @helpers_paths = [] + @public_file_server = ActiveSupport::OrderedOptions.new + @public_file_server.enabled = true + @public_file_server.index_name = "index" + @force_ssl = false + @ssl_options = {} + @session_store = nil + @time_zone = "UTC" + @beginning_of_week = :monday + @log_level = :debug + @generators = app_generators + @cache_store = [ :file_store, "#{root}/tmp/cache/" ] + @railties_order = [:all] + @relative_url_root = ENV["RAILS_RELATIVE_URL_ROOT"] + @reload_classes_only_on_change = true + @file_watcher = ActiveSupport::FileUpdateChecker + @exceptions_app = nil + @autoflush_log = true + @log_formatter = ActiveSupport::Logger::SimpleFormatter.new + @eager_load = nil + @secret_token = nil + @secret_key_base = nil + @api_only = false + @debug_exception_response_format = nil + @x = Custom.new + @enable_dependency_loading = false + @read_encrypted_secrets = false + @content_security_policy = nil + @content_security_policy_report_only = false end def load_defaults(target_version) @@ -233,6 +235,10 @@ module Rails SourceAnnotationExtractor::Annotation end + def content_security_policy(&block) + @content_security_policy ||= ActionDispatch::ContentSecurityPolicy.new(&block) + end + class Custom #:nodoc: def initialize @configurations = Hash.new diff --git a/railties/lib/rails/application/default_middleware_stack.rb b/railties/lib/rails/application/default_middleware_stack.rb index ea2273c1f2..0e79ba7da0 100644 --- a/railties/lib/rails/application/default_middleware_stack.rb +++ b/railties/lib/rails/application/default_middleware_stack.rb @@ -63,6 +63,10 @@ module Rails middleware.use ::ActionDispatch::Flash end + unless config.api_only + middleware.use ::ActionDispatch::ContentSecurityPolicy::Middleware + end + middleware.use ::Rack::Head middleware.use ::Rack::ConditionalGet middleware.use ::Rack::ETag, "no-cache" -- cgit v1.2.3 From 21cd5b3031b0c022439a88cb750c1e00cd07f1e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?= Date: Mon, 27 Nov 2017 11:52:39 -0500 Subject: Make form_with_generates_ids default value to be false This will keep the behavior of an application with the defaults of a 4.2 or 5.0 application behaving the same when upgrading to 5.2. --- railties/lib/rails/application/configuration.rb | 4 ---- 1 file changed, 4 deletions(-) (limited to 'railties/lib/rails/application') diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb index 0ff0aeb73e..cbc04f8a48 100644 --- a/railties/lib/rails/application/configuration.rb +++ b/railties/lib/rails/application/configuration.rb @@ -73,10 +73,6 @@ module Rails end self.ssl_options = { hsts: { subdomains: true } } - - if respond_to?(:action_view) - action_view.form_with_generates_ids = false - end when "5.1" load_defaults "5.0" -- cgit v1.2.3