From b54a8458d5029b3494165b7430e21b3ae34ecc0c Mon Sep 17 00:00:00 2001 From: hellekin Date: Fri, 22 Jan 2021 05:32:15 +0100 Subject: Upgrade Rails and add StimulusJS support --- config/initializers/assets.rb | 1 + config/initializers/backtrace_silencers.rb | 7 +++-- config/initializers/content_security_policy.rb | 4 +++ config/initializers/filter_parameter_logging.rb | 4 ++- config/initializers/meta_tags.rb | 40 +++++++++++++++++++++++++ config/initializers/permissions_policy.rb | 11 +++++++ 6 files changed, 63 insertions(+), 4 deletions(-) create mode 100644 config/initializers/meta_tags.rb create mode 100644 config/initializers/permissions_policy.rb (limited to 'config/initializers') diff --git a/config/initializers/assets.rb b/config/initializers/assets.rb index 4b828e8..20d4046 100644 --- a/config/initializers/assets.rb +++ b/config/initializers/assets.rb @@ -12,3 +12,4 @@ Rails.application.config.assets.paths << Rails.root.join('node_modules') # application.js, application.css, and all non-JS/CSS in the app/assets # folder are already added. # Rails.application.config.assets.precompile += %w( admin.js admin.css ) +Rails.application.config.assets.precompile += %w(leaflet.markercluster.js leaflet.markercluster.css leaflet.markercluster-default.css) diff --git a/config/initializers/backtrace_silencers.rb b/config/initializers/backtrace_silencers.rb index 59385cd..33699c3 100644 --- a/config/initializers/backtrace_silencers.rb +++ b/config/initializers/backtrace_silencers.rb @@ -1,7 +1,8 @@ # Be sure to restart your server when you modify this file. # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces. -# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ } +# Rails.backtrace_cleaner.add_silencer { |line| /my_noisy_library/.match?(line) } -# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code. -# Rails.backtrace_cleaner.remove_silencers! +# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code +# by setting BACKTRACE=1 before calling your invocation, like "BACKTRACE=1 ./bin/rails runner 'MyClass.perform'". +Rails.backtrace_cleaner.remove_silencers! if ENV["BACKTRACE"] diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 35d0f26..9cd7f6a 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -28,3 +28,7 @@ # For further information see the following documentation: # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only # Rails.application.config.content_security_policy_report_only = true + +Rails.application.config.content_security_policy do |policy| + policy.connect_src :self, :https, 'http://localhost:3035', 'ws://localhost:3035' if Rails.env.development? +end diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index 4a994e1..4b34a03 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -1,4 +1,6 @@ # Be sure to restart your server when you modify this file. # Configure sensitive parameters which will be filtered from the log file. -Rails.application.config.filter_parameters += [:password] +Rails.application.config.filter_parameters += [ + :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn +] diff --git a/config/initializers/meta_tags.rb b/config/initializers/meta_tags.rb new file mode 100644 index 0000000..464d964 --- /dev/null +++ b/config/initializers/meta_tags.rb @@ -0,0 +1,40 @@ +# frozen_string_literal: true + +# Use this setup block to configure all options available in MetaTags. +MetaTags.configure do |config| + # How many characters should the title meta tag have at most. Default is 70. + # Set to nil or 0 to remove limits. + # config.title_limit = 70 + + # When true, site title will be truncated instead of title. Default is false. + # config.truncate_site_title_first = false + + # Maximum length of the page description. Default is 300. + # Set to nil or 0 to remove limits. + # config.description_limit = 300 + + # Maximum length of the keywords meta tag. Default is 255. + # config.keywords_limit = 255 + + # Default separator for keywords meta tag (used when an Array passed with + # the list of keywords). Default is ", ". + # config.keywords_separator = ', ' + + # When true, keywords will be converted to lowercase, otherwise they will + # appear on the page as is. Default is true. + # config.keywords_lowercase = true + + # When true, the output will not include new line characters between meta tags. + # Default is false. + # config.minify_output = false + + # When false, generated meta tags will be self-closing () instead + # of open (``). Default is true. + # config.open_meta_tags = true + + # List of additional meta tags that should use "property" attribute instead + # of "name" attribute in tags. + # config.property_tags.push( + # 'x-hearthstone:deck', + # ) +end diff --git a/config/initializers/permissions_policy.rb b/config/initializers/permissions_policy.rb new file mode 100644 index 0000000..00f64d7 --- /dev/null +++ b/config/initializers/permissions_policy.rb @@ -0,0 +1,11 @@ +# Define an application-wide HTTP permissions policy. For further +# information see https://developers.google.com/web/updates/2018/06/feature-policy +# +# Rails.application.config.permissions_policy do |f| +# f.camera :none +# f.gyroscope :none +# f.microphone :none +# f.usb :none +# f.fullscreen :self +# f.payment :self, "https://secure.example.com" +# end -- cgit v1.2.3