Mercurial > rsstweet
changeset 213:609e96a79ad8
Update defaults
author | nanaya <me@nanaya.pro> |
---|---|
date | Fri, 11 Dec 2020 03:41:31 +0900 |
parents | 1b2dbba1e119 |
children | 2335107f35d0 |
files | config/application.rb config/initializers/new_framework_defaults.rb config/initializers/new_framework_defaults_6_0.rb config/initializers/per_form_csrf_tokens.rb config/initializers/request_forgery_protection.rb |
diffstat | 5 files changed, 1 insertions(+), 67 deletions(-) [+] |
line wrap: on
line diff
--- a/config/application.rb Fri Dec 11 03:33:37 2020 +0900 +++ b/config/application.rb Fri Dec 11 03:41:31 2020 +0900 @@ -24,6 +24,7 @@ module Rsstweet class Application < Rails::Application + config.load_defaults 6.1 # Settings in config/environments/* take precedence over those specified here. # Application configuration can go into files in config/initializers # -- all .rb files in that directory are automatically loaded after loading @@ -31,8 +32,6 @@ config.middleware.delete ActionDispatch::HostAuthorization config.middleware.delete ActionDispatch::Cookies - # this isn't actually used but railties checks this variable during boot. - config.secret_key_base = "herp a derp" config.session_store :disabled if $cfg[:redis_server]
--- a/config/initializers/new_framework_defaults.rb Fri Dec 11 03:33:37 2020 +0900 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,24 +0,0 @@ -# Be sure to restart your server when you modify this file. -# -# This file contains migration options to ease your Rails 5.0 upgrade. -# -# Read the Rails 5.0 release notes for more info on each option. - -# Enable per-form CSRF tokens. Previous versions had false. -# Rails.application.config.action_controller.per_form_csrf_tokens = true - -# Enable origin-checking CSRF mitigation. Previous versions had false. -# Rails.application.config.action_controller.forgery_protection_origin_check = true - -# Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`. -# Previous versions had false. -ActiveSupport.to_time_preserves_timezone = true - -# Require `belongs_to` associations by default. Previous versions had false. -# Rails.application.config.active_record.belongs_to_required_by_default = true - -# Do not halt callback chains when a callback returns false. Previous versions had true. -# ActiveSupport.halt_callback_chains_on_return_false = false - -# Configure SSL options to enable HSTS with subdomains. Previous versions had false. -# Rails.application.config.ssl_options = { hsts: { subdomains: true } }
--- a/config/initializers/new_framework_defaults_6_0.rb Fri Dec 11 03:33:37 2020 +0900 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,33 +0,0 @@ -# Be sure to restart your server when you modify this file. -# -# This file contains migration options to ease your Rails 6.0 upgrade. -# -# Once upgraded flip defaults one by one to migrate to the new default. -# -# Read the Guide for Upgrading Ruby on Rails for more info on each option. - -# Don't force requests from old versions of IE to be UTF-8 encoded. -# Rails.application.config.action_view.default_enforce_utf8 = false - -# Embed purpose and expiry metadata inside signed and encrypted -# cookies for increased security. -# -# This option is not backwards compatible with earlier Rails versions. -# It's best enabled when your entire app is migrated and stable on 6.0. -# Rails.application.config.action_dispatch.use_cookies_with_metadata = true - -# Return false instead of self when enqueuing is aborted from a callback. -# Rails.application.config.active_job.return_false_on_aborted_enqueue = true - -# Send Active Storage analysis and purge jobs to dedicated queues. -# Rails.application.config.active_storage.queues.analysis = :active_storage_analysis -# Rails.application.config.active_storage.queues.purge = :active_storage_purge - -# Use ActionMailer::MailDeliveryJob for sending parameterized and normal mail. -# -# The default delivery jobs (ActionMailer::Parameterized::DeliveryJob, ActionMailer::DeliveryJob), -# will be removed in Rails 6.1. This setting is not backwards compatible with earlier Rails versions. -# If you send mail in the background, job workers need to have a copy of -# MailDeliveryJob to ensure all delivery jobs are processed properly. -# Make sure your entire app is migrated and stable on 6.0 before using this setting. -# Rails.application.config.action_mailer.delivery_job = "ActionMailer::MailDeliveryJob"
--- a/config/initializers/per_form_csrf_tokens.rb Fri Dec 11 03:33:37 2020 +0900 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,4 +0,0 @@ -# Be sure to restart your server when you modify this file. - -# Enable per-form CSRF tokens. -Rails.application.config.action_controller.per_form_csrf_tokens = true
--- a/config/initializers/request_forgery_protection.rb Fri Dec 11 03:33:37 2020 +0900 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,4 +0,0 @@ -# Be sure to restart your server when you modify this file. - -# Enable origin-checking CSRF mitigation. -Rails.application.config.action_controller.forgery_protection_origin_check = true