app_monit_rails 0.0.4 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Gemfile.lock +229 -158
- data/appmonit_rails_gem.gemspec +3 -6
- data/lib/app_monit/rails/config.rb +13 -3
- data/lib/app_monit/rails/subscriber.rb +3 -0
- data/lib/app_monit/rails/version.rb +1 -1
- data/spec/dummy/app/controllers/posts_controller.rb +4 -0
- data/spec/dummy/bin/rails +3 -3
- data/spec/dummy/bin/rake +2 -2
- data/spec/dummy/bin/setup +33 -0
- data/spec/dummy/config/application.rb +21 -15
- data/spec/dummy/config/boot.rb +2 -4
- data/spec/dummy/config/environment.rb +2 -2
- data/spec/dummy/config/environments/development.rb +47 -11
- data/spec/dummy/config/environments/production.rb +37 -38
- data/spec/dummy/config/environments/test.rb +33 -12
- data/spec/dummy/config/initializers/content_security_policy.rb +26 -0
- data/spec/dummy/config/initializers/filter_parameter_logging.rb +6 -2
- data/spec/dummy/config/initializers/inflections.rb +4 -4
- data/spec/dummy/config/initializers/new_framework_defaults_7_0.rb +117 -0
- data/spec/dummy/config/initializers/permissions_policy.rb +11 -0
- data/spec/dummy/config/routes.rb +4 -1
- data/spec/dummy/db/migrate/20130719074144_create_posts.rb +1 -1
- data/spec/dummy/db/schema.rb +11 -13
- data/spec/features/trigger_events_spec.rb +5 -2
- metadata +17 -52
@@ -1,29 +1,65 @@
|
|
1
|
-
|
1
|
+
require "active_support/core_ext/integer/time"
|
2
|
+
|
3
|
+
Rails.application.configure do
|
2
4
|
# Settings specified here will take precedence over those in config/application.rb.
|
3
5
|
|
4
|
-
# In the development environment your application's code is reloaded
|
5
|
-
#
|
6
|
+
# In the development environment your application's code is reloaded any time
|
7
|
+
# it changes. This slows down response time but is perfect for development
|
6
8
|
# since you don't have to restart the web server when you make code changes.
|
7
9
|
config.cache_classes = false
|
8
10
|
|
9
11
|
# Do not eager load code on boot.
|
10
12
|
config.eager_load = false
|
11
13
|
|
12
|
-
# Show full error reports
|
13
|
-
config.consider_all_requests_local
|
14
|
-
|
14
|
+
# Show full error reports.
|
15
|
+
config.consider_all_requests_local = true
|
16
|
+
|
17
|
+
# Enable server timing
|
18
|
+
config.server_timing = true
|
19
|
+
|
20
|
+
# Enable/disable caching. By default caching is disabled.
|
21
|
+
# Run rails dev:cache to toggle caching.
|
22
|
+
if Rails.root.join("tmp/caching-dev.txt").exist?
|
23
|
+
config.action_controller.perform_caching = true
|
24
|
+
config.action_controller.enable_fragment_cache_logging = true
|
25
|
+
|
26
|
+
config.cache_store = :memory_store
|
27
|
+
config.public_file_server.headers = {
|
28
|
+
"Cache-Control" => "public, max-age=#{2.days.to_i}"
|
29
|
+
}
|
30
|
+
else
|
31
|
+
config.action_controller.perform_caching = false
|
32
|
+
|
33
|
+
config.cache_store = :null_store
|
34
|
+
end
|
15
35
|
|
16
36
|
# Don't care if the mailer can't send.
|
17
37
|
config.action_mailer.raise_delivery_errors = false
|
18
38
|
|
39
|
+
config.action_mailer.perform_caching = false
|
40
|
+
|
19
41
|
# Print deprecation notices to the Rails logger.
|
20
42
|
config.active_support.deprecation = :log
|
21
43
|
|
22
|
-
# Raise
|
44
|
+
# Raise exceptions for disallowed deprecations.
|
45
|
+
config.active_support.disallowed_deprecation = :raise
|
46
|
+
|
47
|
+
# Tell Active Support which deprecation messages to disallow.
|
48
|
+
config.active_support.disallowed_deprecation_warnings = []
|
49
|
+
|
50
|
+
# Raise an error on page load if there are pending migrations.
|
23
51
|
config.active_record.migration_error = :page_load
|
24
52
|
|
25
|
-
#
|
26
|
-
|
27
|
-
|
28
|
-
|
53
|
+
# Highlight code that triggered database queries in logs.
|
54
|
+
config.active_record.verbose_query_logs = true
|
55
|
+
|
56
|
+
|
57
|
+
# Raises error for missing translations.
|
58
|
+
# config.i18n.raise_on_missing_translations = true
|
59
|
+
|
60
|
+
# Annotate rendered view with file names.
|
61
|
+
# config.action_view.annotate_rendered_view_with_filenames = true
|
62
|
+
|
63
|
+
# Uncomment if you wish to allow Action Cable access from any origin.
|
64
|
+
# config.action_cable.disable_request_forgery_protection = true
|
29
65
|
end
|
@@ -1,11 +1,13 @@
|
|
1
|
-
|
1
|
+
require "active_support/core_ext/integer/time"
|
2
|
+
|
3
|
+
Rails.application.configure do
|
2
4
|
# Settings specified here will take precedence over those in config/application.rb.
|
3
5
|
|
4
6
|
# Code is not reloaded between requests.
|
5
7
|
config.cache_classes = true
|
6
8
|
|
7
9
|
# Eager load code on boot. This eager loads most of Rails and
|
8
|
-
# your application in memory, allowing both
|
10
|
+
# your application in memory, allowing both threaded web servers
|
9
11
|
# and those relying on copy on write to perform better.
|
10
12
|
# Rake tasks automatically ignore this option for performance.
|
11
13
|
config.eager_load = true
|
@@ -14,67 +16,64 @@ Dummy::Application.configure do
|
|
14
16
|
config.consider_all_requests_local = false
|
15
17
|
config.action_controller.perform_caching = true
|
16
18
|
|
17
|
-
#
|
18
|
-
#
|
19
|
-
#
|
20
|
-
# config.action_dispatch.rack_cache = true
|
21
|
-
|
22
|
-
# Disable Rails's static asset server (Apache or nginx will already do this).
|
23
|
-
config.serve_static_assets = false
|
24
|
-
|
25
|
-
# Compress JavaScripts and CSS.
|
26
|
-
config.assets.js_compressor = :uglifier
|
27
|
-
# config.assets.css_compressor = :sass
|
28
|
-
|
29
|
-
# Do not fallback to assets pipeline if a precompiled asset is missed.
|
30
|
-
config.assets.compile = false
|
19
|
+
# Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
|
20
|
+
# or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
|
21
|
+
# config.require_master_key = true
|
31
22
|
|
32
|
-
#
|
33
|
-
|
23
|
+
# Disable serving static files from the `/public` folder by default since
|
24
|
+
# Apache or NGINX already handles this.
|
25
|
+
config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present?
|
34
26
|
|
35
|
-
#
|
36
|
-
config.
|
27
|
+
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
|
28
|
+
# config.asset_host = "http://assets.example.com"
|
37
29
|
|
38
30
|
# Specifies the header that your server uses for sending files.
|
39
|
-
# config.action_dispatch.x_sendfile_header = "X-Sendfile" # for
|
40
|
-
# config.action_dispatch.x_sendfile_header =
|
31
|
+
# config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
|
32
|
+
# config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
|
41
33
|
|
42
34
|
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
|
43
35
|
# config.force_ssl = true
|
44
36
|
|
45
|
-
#
|
37
|
+
# Include generic and useful information about system operation, but avoid logging too much
|
38
|
+
# information to avoid inadvertent exposure of personally identifiable information (PII).
|
46
39
|
config.log_level = :info
|
47
40
|
|
48
41
|
# Prepend all log lines with the following tags.
|
49
|
-
|
50
|
-
|
51
|
-
# Use a different logger for distributed setups.
|
52
|
-
# config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
|
42
|
+
config.log_tags = [ :request_id ]
|
53
43
|
|
54
44
|
# Use a different cache store in production.
|
55
45
|
# config.cache_store = :mem_cache_store
|
56
46
|
|
57
|
-
#
|
58
|
-
# config.
|
47
|
+
# Use a real queuing backend for Active Job (and separate queues per environment).
|
48
|
+
# config.active_job.queue_adapter = :resque
|
49
|
+
# config.active_job.queue_name_prefix = "dummy_production"
|
59
50
|
|
60
|
-
|
61
|
-
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
62
|
-
# config.assets.precompile += %w( search.js )
|
51
|
+
config.action_mailer.perform_caching = false
|
63
52
|
|
64
53
|
# Ignore bad email addresses and do not raise email delivery errors.
|
65
54
|
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
|
66
55
|
# config.action_mailer.raise_delivery_errors = false
|
67
56
|
|
68
57
|
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
|
69
|
-
# the I18n.default_locale when a translation
|
58
|
+
# the I18n.default_locale when a translation cannot be found).
|
70
59
|
config.i18n.fallbacks = true
|
71
60
|
|
72
|
-
#
|
73
|
-
config.active_support.
|
74
|
-
|
75
|
-
# Disable automatic flushing of the log to improve performance.
|
76
|
-
# config.autoflush_log = false
|
61
|
+
# Don't log any deprecations.
|
62
|
+
config.active_support.report_deprecations = false
|
77
63
|
|
78
64
|
# Use default logging formatter so that PID and timestamp are not suppressed.
|
79
65
|
config.log_formatter = ::Logger::Formatter.new
|
66
|
+
|
67
|
+
# Use a different logger for distributed setups.
|
68
|
+
# require "syslog/logger"
|
69
|
+
# config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
|
70
|
+
|
71
|
+
if ENV["RAILS_LOG_TO_STDOUT"].present?
|
72
|
+
logger = ActiveSupport::Logger.new(STDOUT)
|
73
|
+
logger.formatter = config.log_formatter
|
74
|
+
config.logger = ActiveSupport::TaggedLogging.new(logger)
|
75
|
+
end
|
76
|
+
|
77
|
+
# Do not dump schema after migrations.
|
78
|
+
config.active_record.dump_schema_after_migration = false
|
80
79
|
end
|
@@ -1,24 +1,31 @@
|
|
1
|
-
|
1
|
+
require "active_support/core_ext/integer/time"
|
2
|
+
|
3
|
+
# The test environment is used exclusively to run your application's
|
4
|
+
# test suite. You never need to work with it otherwise. Remember that
|
5
|
+
# your test database is "scratch space" for the test suite and is wiped
|
6
|
+
# and recreated between test runs. Don't rely on the data there!
|
7
|
+
|
8
|
+
Rails.application.configure do
|
2
9
|
# Settings specified here will take precedence over those in config/application.rb.
|
3
10
|
|
4
|
-
#
|
5
|
-
# test suite. You never need to work with it otherwise. Remember that
|
6
|
-
# your test database is "scratch space" for the test suite and is wiped
|
7
|
-
# and recreated between test runs. Don't rely on the data there!
|
11
|
+
# Turn false under Spring and add config.action_view.cache_template_loading = true.
|
8
12
|
config.cache_classes = true
|
9
13
|
|
10
|
-
#
|
11
|
-
#
|
12
|
-
#
|
13
|
-
config.eager_load =
|
14
|
+
# Eager loading loads your whole application. When running a single test locally,
|
15
|
+
# this probably isn't necessary. It's a good idea to do in a continuous integration
|
16
|
+
# system, or in some way before deploying your code.
|
17
|
+
config.eager_load = ENV["CI"].present?
|
14
18
|
|
15
|
-
# Configure
|
16
|
-
config.
|
17
|
-
config.
|
19
|
+
# Configure public file server for tests with Cache-Control for performance.
|
20
|
+
config.public_file_server.enabled = true
|
21
|
+
config.public_file_server.headers = {
|
22
|
+
"Cache-Control" => "public, max-age=#{1.hour.to_i}"
|
23
|
+
}
|
18
24
|
|
19
25
|
# Show full error reports and disable caching.
|
20
26
|
config.consider_all_requests_local = true
|
21
27
|
config.action_controller.perform_caching = false
|
28
|
+
config.cache_store = :null_store
|
22
29
|
|
23
30
|
# Raise exceptions instead of rendering exception templates.
|
24
31
|
config.action_dispatch.show_exceptions = false
|
@@ -26,6 +33,8 @@ Dummy::Application.configure do
|
|
26
33
|
# Disable request forgery protection in test environment.
|
27
34
|
config.action_controller.allow_forgery_protection = false
|
28
35
|
|
36
|
+
config.action_mailer.perform_caching = false
|
37
|
+
|
29
38
|
# Tell Action Mailer not to deliver emails to the real world.
|
30
39
|
# The :test delivery method accumulates sent emails in the
|
31
40
|
# ActionMailer::Base.deliveries array.
|
@@ -33,4 +42,16 @@ Dummy::Application.configure do
|
|
33
42
|
|
34
43
|
# Print deprecation notices to the stderr.
|
35
44
|
config.active_support.deprecation = :stderr
|
45
|
+
|
46
|
+
# Raise exceptions for disallowed deprecations.
|
47
|
+
config.active_support.disallowed_deprecation = :raise
|
48
|
+
|
49
|
+
# Tell Active Support which deprecation messages to disallow.
|
50
|
+
config.active_support.disallowed_deprecation_warnings = []
|
51
|
+
|
52
|
+
# Raises error for missing translations.
|
53
|
+
# config.i18n.raise_on_missing_translations = true
|
54
|
+
|
55
|
+
# Annotate rendered view with file names.
|
56
|
+
# config.action_view.annotate_rendered_view_with_filenames = true
|
36
57
|
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# Define an application-wide content security policy
|
4
|
+
# For further information see the following documentation
|
5
|
+
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
|
6
|
+
|
7
|
+
# Rails.application.configure do
|
8
|
+
# config.content_security_policy do |policy|
|
9
|
+
# policy.default_src :self, :https
|
10
|
+
# policy.font_src :self, :https, :data
|
11
|
+
# policy.img_src :self, :https, :data
|
12
|
+
# policy.object_src :none
|
13
|
+
# policy.script_src :self, :https
|
14
|
+
# policy.style_src :self, :https
|
15
|
+
# # Specify URI for violation reports
|
16
|
+
# # policy.report_uri "/csp-violation-report-endpoint"
|
17
|
+
# end
|
18
|
+
#
|
19
|
+
# # Generate session nonces for permitted importmap and inline scripts
|
20
|
+
# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
|
21
|
+
# config.content_security_policy_nonce_directives = %w(script-src)
|
22
|
+
#
|
23
|
+
# # Report CSP violations to a specified URI. See:
|
24
|
+
# # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
|
25
|
+
# # config.content_security_policy_report_only = true
|
26
|
+
# end
|
@@ -1,4 +1,8 @@
|
|
1
1
|
# Be sure to restart your server when you modify this file.
|
2
2
|
|
3
|
-
# Configure
|
4
|
-
|
3
|
+
# Configure parameters to be filtered from the log file. Use this to limit dissemination of
|
4
|
+
# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
|
5
|
+
# notations and behaviors.
|
6
|
+
Rails.application.config.filter_parameters += [
|
7
|
+
:passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
|
8
|
+
]
|
@@ -4,13 +4,13 @@
|
|
4
4
|
# are locale specific, and you may define rules for as many different
|
5
5
|
# locales as you wish. All of these examples are active by default:
|
6
6
|
# ActiveSupport::Inflector.inflections(:en) do |inflect|
|
7
|
-
# inflect.plural /^(ox)$/i,
|
8
|
-
# inflect.singular /^(ox)en/i,
|
9
|
-
# inflect.irregular
|
7
|
+
# inflect.plural /^(ox)$/i, "\\1en"
|
8
|
+
# inflect.singular /^(ox)en/i, "\\1"
|
9
|
+
# inflect.irregular "person", "people"
|
10
10
|
# inflect.uncountable %w( fish sheep )
|
11
11
|
# end
|
12
12
|
|
13
13
|
# These inflection rules are supported but not enabled by default:
|
14
14
|
# ActiveSupport::Inflector.inflections(:en) do |inflect|
|
15
|
-
# inflect.acronym
|
15
|
+
# inflect.acronym "RESTful"
|
16
16
|
# end
|
@@ -0,0 +1,117 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
#
|
3
|
+
# This file eases your Rails 7.0 framework defaults upgrade.
|
4
|
+
#
|
5
|
+
# Uncomment each configuration one by one to switch to the new default.
|
6
|
+
# Once your application is ready to run with all new defaults, you can remove
|
7
|
+
# this file and set the `config.load_defaults` to `7.0`.
|
8
|
+
#
|
9
|
+
# Read the Guide for Upgrading Ruby on Rails for more info on each option.
|
10
|
+
# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html
|
11
|
+
|
12
|
+
# `button_to` view helper will render `<button>` element, regardless of whether
|
13
|
+
# or not the content is passed as the first argument or as a block.
|
14
|
+
# Rails.application.config.action_view.button_to_generates_button_tag = true
|
15
|
+
|
16
|
+
# `stylesheet_link_tag` view helper will not render the media attribute by default.
|
17
|
+
# Rails.application.config.action_view.apply_stylesheet_media_default = false
|
18
|
+
|
19
|
+
# Change the digest class for the key generators to `OpenSSL::Digest::SHA256`.
|
20
|
+
# Changing this default means invalidate all encrypted messages generated by
|
21
|
+
# your application and, all the encrypted cookies. Only change this after you
|
22
|
+
# rotated all the messages using the key rotator.
|
23
|
+
#
|
24
|
+
# See upgrading guide for more information on how to build a rotator.
|
25
|
+
# https://guides.rubyonrails.org/v7.0/upgrading_ruby_on_rails.html
|
26
|
+
# Rails.application.config.active_support.key_generator_hash_digest_class = OpenSSL::Digest::SHA256
|
27
|
+
|
28
|
+
# Change the digest class for ActiveSupport::Digest.
|
29
|
+
# Changing this default means that for example Etags change and
|
30
|
+
# various cache keys leading to cache invalidation.
|
31
|
+
# Rails.application.config.active_support.hash_digest_class = OpenSSL::Digest::SHA256
|
32
|
+
|
33
|
+
# Don't override ActiveSupport::TimeWithZone.name and use the default Ruby
|
34
|
+
# implementation.
|
35
|
+
# Rails.application.config.active_support.remove_deprecated_time_with_zone_name = true
|
36
|
+
|
37
|
+
# Change the format of the cache entry.
|
38
|
+
# Changing this default means that all new cache entries added to the cache
|
39
|
+
# will have a different format that is not supported by Rails 6.1 applications.
|
40
|
+
# Only change this value after your application is fully deployed to Rails 7.0
|
41
|
+
# and you have no plans to rollback.
|
42
|
+
# Rails.application.config.active_support.cache_format_version = 7.0
|
43
|
+
|
44
|
+
# Calls `Rails.application.executor.wrap` around test cases.
|
45
|
+
# This makes test cases behave closer to an actual request or job.
|
46
|
+
# Several features that are normally disabled in test, such as Active Record query cache
|
47
|
+
# and asynchronous queries will then be enabled.
|
48
|
+
# Rails.application.config.active_support.executor_around_test_case = true
|
49
|
+
|
50
|
+
# Define the isolation level of most of Rails internal state.
|
51
|
+
# If you use a fiber based server or job processor, you should set it to `:fiber`.
|
52
|
+
# Otherwise the default of `:thread` if preferable.
|
53
|
+
# Rails.application.config.active_support.isolation_level = :thread
|
54
|
+
|
55
|
+
# Set both the `:open_timeout` and `:read_timeout` values for `:smtp` delivery method.
|
56
|
+
# Rails.application.config.action_mailer.smtp_timeout = 5
|
57
|
+
|
58
|
+
# The ActiveStorage video previewer will now use scene change detection to generate
|
59
|
+
# better preview images (rather than the previous default of using the first frame
|
60
|
+
# of the video).
|
61
|
+
# Rails.application.config.active_storage.video_preview_arguments =
|
62
|
+
# "-vf 'select=eq(n\\,0)+eq(key\\,1)+gt(scene\\,0.015),loop=loop=-1:size=2,trim=start_frame=1' -frames:v 1 -f image2"
|
63
|
+
|
64
|
+
# Automatically infer `inverse_of` for associations with a scope.
|
65
|
+
# Rails.application.config.active_record.automatic_scope_inversing = true
|
66
|
+
|
67
|
+
# Raise when running tests if fixtures contained foreign key violations
|
68
|
+
# Rails.application.config.active_record.verify_foreign_keys_for_fixtures = true
|
69
|
+
|
70
|
+
# Disable partial inserts.
|
71
|
+
# This default means that all columns will be referenced in INSERT queries
|
72
|
+
# regardless of whether they have a default or not.
|
73
|
+
# Rails.application.config.active_record.partial_inserts = false
|
74
|
+
#
|
75
|
+
# Protect from open redirect attacks in `redirect_back_or_to` and `redirect_to`.
|
76
|
+
# Rails.application.config.action_controller.raise_on_open_redirects = true
|
77
|
+
|
78
|
+
# Change the variant processor for Active Storage.
|
79
|
+
# Changing this default means updating all places in your code that
|
80
|
+
# generate variants to use image processing macros and ruby-vips
|
81
|
+
# operations. See the upgrading guide for detail on the changes required.
|
82
|
+
# The `:mini_magick` option is not deprecated; it's fine to keep using it.
|
83
|
+
# Rails.application.config.active_storage.variant_processor = :vips
|
84
|
+
|
85
|
+
# If you're upgrading and haven't set `cookies_serializer` previously, your cookie serializer
|
86
|
+
# was `:marshal`. Convert all cookies to JSON, using the `:hybrid` formatter.
|
87
|
+
#
|
88
|
+
# If you're confident all your cookies are JSON formatted, you can switch to the `:json` formatter.
|
89
|
+
#
|
90
|
+
# Continue to use `:marshal` for backward-compatibility with old cookies.
|
91
|
+
#
|
92
|
+
# If you have configured the serializer elsewhere, you can remove this.
|
93
|
+
#
|
94
|
+
# See https://guides.rubyonrails.org/action_controller_overview.html#cookies for more information.
|
95
|
+
# Rails.application.config.action_dispatch.cookies_serializer = :hybrid
|
96
|
+
|
97
|
+
# Enable parameter wrapping for JSON.
|
98
|
+
# Previously this was set in an initializer. It's fine to keep using that initializer if you've customized it.
|
99
|
+
# To disable parameter wrapping entirely, set this config to `false`.
|
100
|
+
# Rails.application.config.action_controller.wrap_parameters_by_default = true
|
101
|
+
|
102
|
+
# Specifies whether generated namespaced UUIDs follow the RFC 4122 standard for namespace IDs provided as a
|
103
|
+
# `String` to `Digest::UUID.uuid_v3` or `Digest::UUID.uuid_v5` method calls.
|
104
|
+
#
|
105
|
+
# See https://guides.rubyonrails.org/configuring.html#config-active-support-use-rfc4122-namespaced-uuids for
|
106
|
+
# more information.
|
107
|
+
# Rails.application.config.active_support.use_rfc4122_namespaced_uuids = true
|
108
|
+
|
109
|
+
# Change the default headers to disable browsers' flawed legacy XSS protection.
|
110
|
+
# Rails.application.config.action_dispatch.default_headers = {
|
111
|
+
# "X-Frame-Options" => "SAMEORIGIN",
|
112
|
+
# "X-XSS-Protection" => "0",
|
113
|
+
# "X-Content-Type-Options" => "nosniff",
|
114
|
+
# "X-Download-Options" => "noopen",
|
115
|
+
# "X-Permitted-Cross-Domain-Policies" => "none",
|
116
|
+
# "Referrer-Policy" => "strict-origin-when-cross-origin"
|
117
|
+
# }
|
@@ -0,0 +1,11 @@
|
|
1
|
+
# Define an application-wide HTTP permissions policy. For further
|
2
|
+
# information see https://developers.google.com/web/updates/2018/06/feature-policy
|
3
|
+
#
|
4
|
+
# Rails.application.config.permissions_policy do |f|
|
5
|
+
# f.camera :none
|
6
|
+
# f.gyroscope :none
|
7
|
+
# f.microphone :none
|
8
|
+
# f.usb :none
|
9
|
+
# f.fullscreen :self
|
10
|
+
# f.payment :self, "https://secure.example.com"
|
11
|
+
# end
|
data/spec/dummy/config/routes.rb
CHANGED
data/spec/dummy/db/schema.rb
CHANGED
@@ -1,23 +1,21 @@
|
|
1
|
-
# encoding: UTF-8
|
2
1
|
# This file is auto-generated from the current state of the database. Instead
|
3
2
|
# of editing this file, please use the migrations feature of Active Record to
|
4
3
|
# incrementally modify your database, and then regenerate this schema definition.
|
5
4
|
#
|
6
|
-
#
|
7
|
-
#
|
8
|
-
#
|
9
|
-
# from scratch.
|
10
|
-
#
|
5
|
+
# This file is the source Rails uses to define your schema when running `bin/rails
|
6
|
+
# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
|
7
|
+
# be faster and is potentially less error prone than running all of your
|
8
|
+
# migrations from scratch. Old migrations may fail to apply correctly if those
|
9
|
+
# migrations use external dependencies or application code.
|
11
10
|
#
|
12
11
|
# It's strongly recommended that you check this file into your version control system.
|
13
12
|
|
14
|
-
ActiveRecord::Schema.define(version:
|
15
|
-
|
16
|
-
|
17
|
-
t.
|
18
|
-
t.
|
19
|
-
t.datetime "
|
20
|
-
t.datetime "updated_at"
|
13
|
+
ActiveRecord::Schema[7.0].define(version: 2013_07_19_074144) do
|
14
|
+
create_table "posts", force: :cascade do |t|
|
15
|
+
t.string "title"
|
16
|
+
t.text "body"
|
17
|
+
t.datetime "created_at", precision: nil
|
18
|
+
t.datetime "updated_at", precision: nil
|
21
19
|
end
|
22
20
|
|
23
21
|
end
|
@@ -5,6 +5,7 @@ feature 'Triggered events' do
|
|
5
5
|
AppMonit::Config.end_point = 'http://test.local'
|
6
6
|
AppMonit::Config.api_key = 'api_key'
|
7
7
|
AppMonit::Config.env = 'test'
|
8
|
+
AppMonit::Rails::Config.skipped_endpoints = %w(PostsController#skipped)
|
8
9
|
|
9
10
|
10.times do
|
10
11
|
visit '/posts/'
|
@@ -28,11 +29,13 @@ feature 'Triggered events' do
|
|
28
29
|
|
29
30
|
expect {
|
30
31
|
visit '/not_found'
|
31
|
-
}.to raise_error
|
32
|
+
}.to raise_error(ActionController::RoutingError)
|
32
33
|
|
33
34
|
expect {
|
34
35
|
visit '/posts/with_exception'
|
35
|
-
}.to raise_error
|
36
|
+
}.to raise_error(RuntimeError)
|
37
|
+
|
38
|
+
visit '/posts/skipped'
|
36
39
|
|
37
40
|
@worker = AppMonit::Rails::Worker.instance
|
38
41
|
@worker.push(:flush)
|