hanami 1.3.1 → 2.0.0.alpha2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (168) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +110 -6
  3. data/FEATURES.md +9 -1
  4. data/LICENSE.md +1 -1
  5. data/README.md +4 -5
  6. data/hanami.gemspec +26 -30
  7. data/lib/hanami.rb +40 -243
  8. data/lib/hanami/application.rb +338 -174
  9. data/lib/hanami/application/autoloader/inflector_adapter.rb +22 -0
  10. data/lib/hanami/application/container/boot/inflector.rb +7 -0
  11. data/lib/hanami/application/container/boot/logger.rb +8 -0
  12. data/lib/hanami/application/container/boot/rack_logger.rb +19 -0
  13. data/lib/hanami/application/container/boot/rack_monitor.rb +12 -0
  14. data/lib/hanami/application/container/boot/settings.rb +7 -0
  15. data/lib/hanami/application/router.rb +59 -0
  16. data/lib/hanami/application/routing/middleware/stack.rb +89 -0
  17. data/lib/hanami/application/routing/resolver.rb +82 -0
  18. data/lib/hanami/application/routing/resolver/node.rb +50 -0
  19. data/lib/hanami/application/routing/resolver/trie.rb +59 -0
  20. data/lib/hanami/application/settings.rb +23 -0
  21. data/lib/hanami/application/settings/definition.rb +26 -0
  22. data/lib/hanami/application/settings/loader.rb +97 -0
  23. data/lib/hanami/application/settings/struct.rb +65 -0
  24. data/lib/hanami/boot.rb +5 -0
  25. data/lib/hanami/cli/application/cli.rb +40 -0
  26. data/lib/hanami/cli/application/command.rb +47 -0
  27. data/lib/hanami/cli/application/commands.rb +16 -0
  28. data/lib/hanami/cli/application/commands/console.rb +81 -0
  29. data/lib/hanami/cli/base_command.rb +48 -0
  30. data/lib/hanami/cli/commands.rb +6 -42
  31. data/lib/hanami/cli/commands/command.rb +20 -30
  32. data/lib/hanami/cli/commands/server.rb +63 -14
  33. data/lib/hanami/configuration.rb +248 -190
  34. data/lib/hanami/configuration/middleware.rb +8 -28
  35. data/lib/hanami/configuration/router.rb +50 -0
  36. data/lib/hanami/configuration/sessions.rb +50 -0
  37. data/lib/hanami/init.rb +5 -0
  38. data/lib/hanami/server.rb +5 -69
  39. data/lib/hanami/setup.rb +8 -2
  40. data/lib/hanami/slice.rb +138 -0
  41. data/lib/hanami/version.rb +3 -1
  42. data/lib/hanami/web/rack_logger.rb +96 -0
  43. metadata +84 -228
  44. data/bin/hanami +0 -6
  45. data/lib/hanami/action/csrf_protection.rb +0 -211
  46. data/lib/hanami/action/routing_helpers.rb +0 -40
  47. data/lib/hanami/app.rb +0 -96
  48. data/lib/hanami/application_configuration.rb +0 -1495
  49. data/lib/hanami/application_name.rb +0 -108
  50. data/lib/hanami/application_namespace.rb +0 -14
  51. data/lib/hanami/assets/asset.rb +0 -72
  52. data/lib/hanami/assets/static.rb +0 -102
  53. data/lib/hanami/cli/commands/assets.rb +0 -16
  54. data/lib/hanami/cli/commands/assets/precompile.rb +0 -42
  55. data/lib/hanami/cli/commands/console.rb +0 -95
  56. data/lib/hanami/cli/commands/db.rb +0 -32
  57. data/lib/hanami/cli/commands/db/apply.rb +0 -32
  58. data/lib/hanami/cli/commands/db/console.rb +0 -44
  59. data/lib/hanami/cli/commands/db/create.rb +0 -32
  60. data/lib/hanami/cli/commands/db/drop.rb +0 -32
  61. data/lib/hanami/cli/commands/db/migrate.rb +0 -39
  62. data/lib/hanami/cli/commands/db/prepare.rb +0 -32
  63. data/lib/hanami/cli/commands/db/rollback.rb +0 -59
  64. data/lib/hanami/cli/commands/db/version.rb +0 -32
  65. data/lib/hanami/cli/commands/destroy.rb +0 -26
  66. data/lib/hanami/cli/commands/destroy/action.rb +0 -137
  67. data/lib/hanami/cli/commands/destroy/app.rb +0 -159
  68. data/lib/hanami/cli/commands/destroy/mailer.rb +0 -74
  69. data/lib/hanami/cli/commands/destroy/migration.rb +0 -51
  70. data/lib/hanami/cli/commands/destroy/model.rb +0 -84
  71. data/lib/hanami/cli/commands/generate.rb +0 -28
  72. data/lib/hanami/cli/commands/generate/action.rb +0 -321
  73. data/lib/hanami/cli/commands/generate/action/action.erb +0 -7
  74. data/lib/hanami/cli/commands/generate/action/action_spec.minitest.erb +0 -11
  75. data/lib/hanami/cli/commands/generate/action/action_spec.rspec.erb +0 -9
  76. data/lib/hanami/cli/commands/generate/action/action_without_view.erb +0 -7
  77. data/lib/hanami/cli/commands/generate/action/view.erb +0 -7
  78. data/lib/hanami/cli/commands/generate/action/view_spec.minitest.erb +0 -12
  79. data/lib/hanami/cli/commands/generate/action/view_spec.rspec.erb +0 -10
  80. data/lib/hanami/cli/commands/generate/app.rb +0 -243
  81. data/lib/hanami/cli/commands/generate/app/application.erb +0 -313
  82. data/lib/hanami/cli/commands/generate/app/favicon.ico +0 -0
  83. data/lib/hanami/cli/commands/generate/app/gitkeep.erb +0 -0
  84. data/lib/hanami/cli/commands/generate/app/layout.erb +0 -7
  85. data/lib/hanami/cli/commands/generate/app/layout_spec.minitest.erb +0 -10
  86. data/lib/hanami/cli/commands/generate/app/layout_spec.rspec.erb +0 -10
  87. data/lib/hanami/cli/commands/generate/app/routes.erb +0 -5
  88. data/lib/hanami/cli/commands/generate/app/template.erb.erb +0 -10
  89. data/lib/hanami/cli/commands/generate/app/template.haml.erb +0 -7
  90. data/lib/hanami/cli/commands/generate/app/template.slim.erb +0 -8
  91. data/lib/hanami/cli/commands/generate/mailer.rb +0 -104
  92. data/lib/hanami/cli/commands/generate/mailer/mailer.erb +0 -9
  93. data/lib/hanami/cli/commands/generate/mailer/mailer_spec.minitest.erb +0 -7
  94. data/lib/hanami/cli/commands/generate/mailer/mailer_spec.rspec.erb +0 -5
  95. data/lib/hanami/cli/commands/generate/migration.rb +0 -41
  96. data/lib/hanami/cli/commands/generate/migration/migration.erb +0 -4
  97. data/lib/hanami/cli/commands/generate/model.rb +0 -125
  98. data/lib/hanami/cli/commands/generate/model/entity.erb +0 -2
  99. data/lib/hanami/cli/commands/generate/model/entity_spec.minitest.erb +0 -5
  100. data/lib/hanami/cli/commands/generate/model/entity_spec.rspec.erb +0 -3
  101. data/lib/hanami/cli/commands/generate/model/migration.erb +0 -10
  102. data/lib/hanami/cli/commands/generate/model/repository.erb +0 -5
  103. data/lib/hanami/cli/commands/generate/model/repository_spec.minitest.erb +0 -5
  104. data/lib/hanami/cli/commands/generate/model/repository_spec.rspec.erb +0 -3
  105. data/lib/hanami/cli/commands/generate/secret.rb +0 -48
  106. data/lib/hanami/cli/commands/new.rb +0 -578
  107. data/lib/hanami/cli/commands/new/.env.development.erb +0 -3
  108. data/lib/hanami/cli/commands/new/.env.test.erb +0 -3
  109. data/lib/hanami/cli/commands/new/.gitkeep.erb +0 -0
  110. data/lib/hanami/cli/commands/new/Gemfile.erb +0 -58
  111. data/lib/hanami/cli/commands/new/README.md.erb +0 -33
  112. data/lib/hanami/cli/commands/new/config.ru.erb +0 -3
  113. data/lib/hanami/cli/commands/new/config/boot.erb +0 -2
  114. data/lib/hanami/cli/commands/new/config/environment.erb +0 -49
  115. data/lib/hanami/cli/commands/new/gitignore.erb +0 -2
  116. data/lib/hanami/cli/commands/new/gitignore_with_sqlite.erb +0 -3
  117. data/lib/hanami/cli/commands/new/hanamirc.erb +0 -3
  118. data/lib/hanami/cli/commands/new/lib/project.erb +0 -2
  119. data/lib/hanami/cli/commands/new/minitest/Rakefile.erb +0 -12
  120. data/lib/hanami/cli/commands/new/minitest/features_helper.erb +0 -11
  121. data/lib/hanami/cli/commands/new/minitest/spec_helper.erb +0 -7
  122. data/lib/hanami/cli/commands/new/rspec/Rakefile.erb +0 -9
  123. data/lib/hanami/cli/commands/new/rspec/capybara.erb +0 -8
  124. data/lib/hanami/cli/commands/new/rspec/features_helper.erb +0 -12
  125. data/lib/hanami/cli/commands/new/rspec/rspec.erb +0 -2
  126. data/lib/hanami/cli/commands/new/rspec/spec_helper.erb +0 -103
  127. data/lib/hanami/cli/commands/new/schema.sql.erb +0 -0
  128. data/lib/hanami/cli/commands/project.rb +0 -421
  129. data/lib/hanami/cli/commands/routes.rb +0 -21
  130. data/lib/hanami/cli/commands/templates.rb +0 -31
  131. data/lib/hanami/cli/commands/version.rb +0 -19
  132. data/lib/hanami/common_logger.rb +0 -93
  133. data/lib/hanami/components.rb +0 -156
  134. data/lib/hanami/components/app/assets.rb +0 -59
  135. data/lib/hanami/components/app/controller.rb +0 -74
  136. data/lib/hanami/components/app/routes.rb +0 -59
  137. data/lib/hanami/components/app/view.rb +0 -44
  138. data/lib/hanami/components/component.rb +0 -182
  139. data/lib/hanami/components/components.rb +0 -479
  140. data/lib/hanami/components/routes_inspector.rb +0 -72
  141. data/lib/hanami/config/cookies.rb +0 -69
  142. data/lib/hanami/config/framework_configuration.rb +0 -43
  143. data/lib/hanami/config/load_paths.rb +0 -46
  144. data/lib/hanami/config/mapper.rb +0 -47
  145. data/lib/hanami/config/routes.rb +0 -20
  146. data/lib/hanami/config/security.rb +0 -110
  147. data/lib/hanami/config/sessions.rb +0 -103
  148. data/lib/hanami/configuration/app.rb +0 -18
  149. data/lib/hanami/early_hints.rb +0 -129
  150. data/lib/hanami/env.rb +0 -69
  151. data/lib/hanami/environment.rb +0 -513
  152. data/lib/hanami/environment_application_configurations.rb +0 -37
  153. data/lib/hanami/frameworks.rb +0 -22
  154. data/lib/hanami/hanamirc.rb +0 -169
  155. data/lib/hanami/mailer/glue.rb +0 -27
  156. data/lib/hanami/middleware_stack.rb +0 -172
  157. data/lib/hanami/rake_helper.rb +0 -78
  158. data/lib/hanami/rake_tasks.rb +0 -2
  159. data/lib/hanami/rendering_policy.rb +0 -95
  160. data/lib/hanami/routes.rb +0 -219
  161. data/lib/hanami/routing/default.rb +0 -32
  162. data/lib/hanami/static.rb +0 -63
  163. data/lib/hanami/templates/default.html.erb +0 -30
  164. data/lib/hanami/templates/welcome.html.erb +0 -52
  165. data/lib/hanami/views/default.rb +0 -37
  166. data/lib/hanami/views/default_template_finder.rb +0 -22
  167. data/lib/hanami/views/null_view.rb +0 -15
  168. data/lib/hanami/welcome.rb +0 -36
@@ -1,7 +0,0 @@
1
- module <%= app.classify %>
2
- module Controllers
3
- <%= beginning_module_definition %>
4
- <%= action_class_definition %>
5
- <%= ending_module_definition %>
6
- end
7
- end
@@ -1,11 +0,0 @@
1
- require_relative '../../../spec_helper'
2
-
3
- describe <%= app.classify %>::Controllers::<%= classified_controller_name %>::<%= action.classify %> do
4
- let(:action) { <%= app.classify %>::Controllers::<%= classified_controller_name %>::<%= action.classify %>.new }
5
- let(:params) { Hash[] }
6
-
7
- it 'is successful' do
8
- response = action.call(params)
9
- response[0].must_equal 200
10
- end
11
- end
@@ -1,9 +0,0 @@
1
- RSpec.describe <%= app.classify %>::Controllers::<%= classified_controller_name %>::<%= action.classify %>, type: :action do
2
- let(:action) { described_class.new }
3
- let(:params) { Hash[] }
4
-
5
- it 'is successful' do
6
- response = action.call(params)
7
- expect(response[0]).to eq 200
8
- end
9
- end
@@ -1,7 +0,0 @@
1
- module <%= app.classify %>
2
- module Controllers
3
- <%= beginning_module_definition %>
4
- <%= action_class_definition %>
5
- <%= ending_module_definition %>
6
- end
7
- end
@@ -1,7 +0,0 @@
1
- module <%= app.classify %>
2
- module Views
3
- <%= beginning_module_definition %>
4
- <%= view_class_definition %>
5
- <%= ending_module_definition %>
6
- end
7
- end
@@ -1,12 +0,0 @@
1
- require_relative '../../../spec_helper'
2
-
3
- describe <%= app.classify %>::Views::<%= classified_controller_name %>::<%= action.classify %> do
4
- let(:exposures) { Hash[format: :html] }
5
- let(:template) { Hanami::View::Template.new('<%= template %>') }
6
- let(:view) { <%= app.classify %>::Views::<%= classified_controller_name %>::<%= action.classify %>.new(template, exposures) }
7
- let(:rendered) { view.render }
8
-
9
- it 'exposes #format' do
10
- view.format.must_equal exposures.fetch(:format)
11
- end
12
- end
@@ -1,10 +0,0 @@
1
- RSpec.describe <%= app.classify %>::Views::<%= classified_controller_name %>::<%= action.classify %>, type: :view do
2
- let(:exposures) { Hash[format: :html] }
3
- let(:template) { Hanami::View::Template.new('<%= template %>') }
4
- let(:view) { described_class.new(template, exposures) }
5
- let(:rendered) { view.render }
6
-
7
- it 'exposes #format' do
8
- expect(view.format).to eq exposures.fetch(:format)
9
- end
10
- end
@@ -1,243 +0,0 @@
1
- module Hanami
2
- class CLI
3
- module Commands
4
- module Generate
5
- # @since 1.1.0
6
- # @api private
7
- class App < Command # rubocop:disable Metrics/ClassLength
8
- requires "environment"
9
-
10
- desc "Generate an app"
11
-
12
- argument :app, required: true, desc: "The application name (eg. `web`)"
13
- option :application_base_url, desc: "The app base URL (eg. `/api/v1`)"
14
-
15
- example [
16
- "admin # Generate `admin` app",
17
- "api --application-base-url=/api/v1 # Generate `api` app and mount at `/api/v1`"
18
- ]
19
-
20
- # @since 1.1.0
21
- # @api private
22
- #
23
- # rubocop:disable Metrics/AbcSize
24
- # rubocop:disable Metrics/MethodLength
25
- def call(app:, application_base_url: nil, **options)
26
- app = Utils::String.underscore(app)
27
- template = options.fetch(:template)
28
- base_url = application_base_url || "/#{app}"
29
- context = Context.new(app: app, base_url: base_url, test: options.fetch(:test), template: template, options: options)
30
-
31
- assert_valid_base_url!(context)
32
-
33
- generate_app(context)
34
- generate_routes(context)
35
- generate_layout(context)
36
- generate_template(context)
37
- generate_favicon(context)
38
-
39
- create_controllers_directory(context)
40
- create_assets_images_directory(context)
41
- create_assets_javascripts_directory(context)
42
- create_assets_stylesheets_directory(context)
43
-
44
- create_spec_features_directory(context)
45
- create_spec_controllers_directory(context)
46
- generate_layout_spec(context)
47
-
48
- inject_require_app(context)
49
- inject_mount_app(context)
50
-
51
- append_development_http_session_secret(context)
52
- append_test_http_session_secret(context)
53
- end
54
- # rubocop:enable Metrics/MethodLength
55
- # rubocop:enable Metrics/AbcSize
56
-
57
- private
58
-
59
- # @since 1.1.0
60
- # @api private
61
- def assert_valid_base_url!(context)
62
- if Utils::Blank.blank?(context.base_url) # rubocop:disable Style/GuardClause
63
- warn "`' is not a valid URL"
64
- exit(1)
65
- end
66
- end
67
-
68
- # @since 1.1.0
69
- # @api private
70
- def generate_app(context)
71
- source = templates.find("application.erb")
72
- destination = project.app_application(context)
73
-
74
- generate_file(source, destination, context)
75
- say(:create, destination)
76
- end
77
-
78
- # @since 1.1.0
79
- # @api private
80
- def generate_routes(context)
81
- source = templates.find("routes.erb")
82
- destination = project.app_routes(context)
83
-
84
- generate_file(source, destination, context)
85
- say(:create, destination)
86
- end
87
-
88
- # @since 1.1.0
89
- # @api private
90
- def generate_layout(context)
91
- source = templates.find("layout.erb")
92
- destination = project.app_layout(context)
93
-
94
- generate_file(source, destination, context)
95
- say(:create, destination)
96
- end
97
-
98
- # @since 1.1.0
99
- # @api private
100
- def generate_template(context)
101
- source = templates.find("template.#{context.template}.erb")
102
- destination = project.app_template(context)
103
-
104
- generate_file(source, destination, context)
105
- say(:create, destination)
106
- end
107
-
108
- # @since 1.1.0
109
- # @api private
110
- def generate_favicon(context)
111
- source = templates.find("favicon.ico")
112
- destination = project.app_favicon(context)
113
-
114
- files.cp(source, destination)
115
- say(:create, destination)
116
- end
117
-
118
- # @since 1.1.0
119
- # @api private
120
- def create_controllers_directory(context)
121
- source = templates.find("gitkeep.erb")
122
- destination = project.keep(project.controllers(context))
123
-
124
- generate_file(source, destination, context)
125
- say(:create, destination)
126
- end
127
-
128
- # @since 1.1.0
129
- # @api private
130
- def create_assets_images_directory(context)
131
- source = templates.find("gitkeep.erb")
132
- destination = project.keep(project.images(context))
133
-
134
- generate_file(source, destination, context)
135
- say(:create, destination)
136
- end
137
-
138
- # @since 1.1.0
139
- # @api private
140
- def create_assets_javascripts_directory(context)
141
- source = templates.find("gitkeep.erb")
142
- destination = project.keep(project.javascripts(context))
143
-
144
- generate_file(source, destination, context)
145
- say(:create, destination)
146
- end
147
-
148
- # @since 1.1.0
149
- # @api private
150
- def create_assets_stylesheets_directory(context)
151
- source = templates.find("gitkeep.erb")
152
- destination = project.keep(project.stylesheets(context))
153
-
154
- generate_file(source, destination, context)
155
- say(:create, destination)
156
- end
157
-
158
- # @since 1.1.0
159
- # @api private
160
- def create_spec_features_directory(context)
161
- source = templates.find("gitkeep.erb")
162
- destination = project.keep(project.features_spec(context))
163
-
164
- generate_file(source, destination, context)
165
- say(:create, destination)
166
- end
167
-
168
- # @since 1.1.0
169
- # @api private
170
- def create_spec_controllers_directory(context)
171
- source = templates.find("gitkeep.erb")
172
- destination = project.keep(project.controllers_spec(context))
173
-
174
- generate_file(source, destination, context)
175
- say(:create, destination)
176
- end
177
-
178
- # @since 1.1.0
179
- # @api private
180
- def generate_layout_spec(context)
181
- source = templates.find("layout_spec.#{context.options.fetch(:test)}.erb")
182
- destination = project.app_layout_spec(context)
183
-
184
- generate_file(source, destination, context)
185
- say(:create, destination)
186
- end
187
-
188
- # @since 1.1.0
189
- # @api private
190
- def inject_require_app(context)
191
- content = "require_relative '../apps/#{context.app}/application'"
192
- destination = project.environment(context)
193
-
194
- req_regex = /^\s*require .*$/
195
- rel_regex = /^\s*require_relative .*$/
196
-
197
- case File.read(destination)
198
- when rel_regex
199
- files.inject_line_after_last(destination, rel_regex, content)
200
- when req_regex
201
- files.inject_line_after_last(destination, req_regex, content)
202
- else
203
- raise "No require found"
204
- end
205
- say(:insert, destination)
206
- end
207
-
208
- # @since 1.1.0
209
- # @api private
210
- def inject_mount_app(context)
211
- content = " mount #{context.app.classify}::Application, at: '#{context.base_url}'"
212
- destination = project.environment(context)
213
-
214
- files.inject_line_after(destination, /Hanami.configure do/, content)
215
- say(:insert, destination)
216
- end
217
-
218
- # @since 1.1.0
219
- # @api private
220
- def append_development_http_session_secret(context)
221
- append_env_to_http_session_secret(context, "development")
222
- end
223
-
224
- # @since 1.1.0
225
- # @api private
226
- def append_test_http_session_secret(context)
227
- append_env_to_http_session_secret(context, "test")
228
- end
229
-
230
- private
231
-
232
- def append_env_to_http_session_secret(context, env)
233
- content = %(#{context.app.upcase}_SESSIONS_SECRET="#{project.app_sessions_secret}")
234
- destination = project.env(context, env)
235
-
236
- files.append(destination, content)
237
- say(:append, destination)
238
- end
239
- end
240
- end
241
- end
242
- end
243
- end
@@ -1,313 +0,0 @@
1
- require 'hanami/helpers'
2
- require 'hanami/assets'
3
-
4
- module <%= app.classify %>
5
- class Application < Hanami::Application
6
- configure do
7
- ##
8
- # BASIC
9
- #
10
-
11
- # Define the root path of this application.
12
- # All paths specified in this configuration are relative to path below.
13
- #
14
- root __dir__
15
-
16
- # Relative load paths where this application will recursively load the
17
- # code.
18
- #
19
- # When you add new directories, remember to add them here.
20
- #
21
- load_paths << [
22
- 'controllers',
23
- 'views'
24
- ]
25
-
26
- # Handle exceptions with HTTP statuses (true) or don't catch them (false).
27
- # Defaults to true.
28
- # See: http://www.rubydoc.info/gems/hanami-controller/#Exceptions_management
29
- #
30
- # handle_exceptions true
31
-
32
- ##
33
- # HTTP
34
- #
35
-
36
- # Routes definitions for this application
37
- # See: http://www.rubydoc.info/gems/hanami-router#Usage
38
- #
39
- routes 'config/routes'
40
-
41
- # URI scheme used by the routing system to generate absolute URLs
42
- # Defaults to "http"
43
- #
44
- # scheme 'https'
45
-
46
- # URI host used by the routing system to generate absolute URLs
47
- # Defaults to "localhost"
48
- #
49
- # host 'example.org'
50
-
51
- # URI port used by the routing system to generate absolute URLs
52
- # Argument: An object coercible to integer, defaults to 80 if the scheme
53
- # is http and 443 if it's https
54
- #
55
- # This should only be configured if app listens to non-standard ports
56
- #
57
- # port 443
58
-
59
- # Enable cookies
60
- # Argument: boolean to toggle the feature
61
- # A Hash with options
62
- #
63
- # Options:
64
- # :domain - The domain (String - nil by default, not required)
65
- # :path - Restrict cookies to a relative URI
66
- # (String - nil by default)
67
- # :max_age - Cookies expiration expressed in seconds
68
- # (Integer - nil by default)
69
- # :secure - Restrict cookies to secure connections
70
- # (Boolean - Automatically true when using HTTPS)
71
- # See #scheme and #ssl?
72
- # :httponly - Prevent JavaScript access (Boolean - true by default)
73
- #
74
- # cookies true
75
- # or
76
- # cookies max_age: 300
77
-
78
- # Enable sessions
79
- # Argument: Symbol the Rack session adapter
80
- # A Hash with options
81
- #
82
- # See: http://www.rubydoc.info/gems/rack/Rack/Session/Cookie
83
- #
84
- # sessions :cookie, secret: ENV['<%= app.upcase %>_SESSIONS_SECRET']
85
-
86
- # Configure Rack middleware for this application
87
- #
88
- # middleware.use Rack::Protection
89
-
90
- # Default format for the requests that don't specify an HTTP_ACCEPT header
91
- # Argument: A symbol representation of a mime type, defaults to :html
92
- #
93
- # default_request_format :html
94
-
95
- # Default format for responses that don't consider the request format
96
- # Argument: A symbol representation of a mime type, defaults to :html
97
- #
98
- # default_response_format :html
99
-
100
- ##
101
- # TEMPLATES
102
- #
103
-
104
- # The layout to be used by all views
105
- #
106
- layout :application # It will load <%= app.classify %>::Views::ApplicationLayout
107
-
108
- # The relative path to templates
109
- #
110
- templates 'templates'
111
-
112
- ##
113
- # ASSETS
114
- #
115
- assets do
116
- # JavaScript compressor
117
- #
118
- # Supported engines:
119
- #
120
- # * :builtin
121
- # * :uglifier
122
- # * :yui
123
- # * :closure
124
- #
125
- # See: http://hanamirb.org/guides/assets/compressors
126
- #
127
- # In order to skip JavaScript compression comment the following line
128
- javascript_compressor :builtin
129
-
130
- # Stylesheet compressor
131
- #
132
- # Supported engines:
133
- #
134
- # * :builtin
135
- # * :yui
136
- # * :sass
137
- #
138
- # See: http://hanamirb.org/guides/assets/compressors
139
- #
140
- # In order to skip stylesheet compression comment the following line
141
- stylesheet_compressor :builtin
142
-
143
- # Specify sources for assets
144
- #
145
- sources << [
146
- 'assets'
147
- ]
148
- end
149
-
150
- ##
151
- # SECURITY
152
- #
153
-
154
- # X-Frame-Options is a HTTP header supported by modern browsers.
155
- # It determines if a web page can or cannot be included via <frame> and
156
- # <iframe> tags by untrusted domains.
157
- #
158
- # Web applications can send this header to prevent Clickjacking attacks.
159
- #
160
- # Read more at:
161
- #
162
- # * https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
163
- # * https://www.owasp.org/index.php/Clickjacking
164
- #
165
- security.x_frame_options 'DENY'
166
-
167
- # X-Content-Type-Options prevents browsers from interpreting files as
168
- # something else than declared by the content type in the HTTP headers.
169
- #
170
- # Read more at:
171
- #
172
- # * https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-Content-Type-Options
173
- # * https://msdn.microsoft.com/en-us/library/gg622941%28v=vs.85%29.aspx
174
- # * https://blogs.msdn.microsoft.com/ie/2008/09/02/ie8-security-part-vi-beta-2-update
175
- #
176
- security.x_content_type_options 'nosniff'
177
-
178
- # X-XSS-Protection is a HTTP header to determine the behavior of the
179
- # browser in case an XSS attack is detected.
180
- #
181
- # Read more at:
182
- #
183
- # * https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
184
- # * https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-XSS-Protection
185
- #
186
- security.x_xss_protection '1; mode=block'
187
-
188
- # Content-Security-Policy (CSP) is a HTTP header supported by modern
189
- # browsers. It determines trusted sources of execution for dynamic
190
- # contents (JavaScript) or other web related assets: stylesheets, images,
191
- # fonts, plugins, etc.
192
- #
193
- # Web applications can send this header to mitigate Cross Site Scripting
194
- # (XSS) attacks.
195
- #
196
- # The default value allows images, scripts, AJAX, fonts and CSS from the
197
- # same origin, and does not allow any other resources to load (eg object,
198
- # frame, media, etc).
199
- #
200
- # Inline JavaScript is NOT allowed. To enable it, please use:
201
- # "script-src 'unsafe-inline'".
202
- #
203
- # Content Security Policy introduction:
204
- #
205
- # * http://www.html5rocks.com/en/tutorials/security/content-security-policy/
206
- # * https://www.owasp.org/index.php/Content_Security_Policy
207
- # * https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
208
- #
209
- # Inline and eval JavaScript risks:
210
- #
211
- # * http://www.html5rocks.com/en/tutorials/security/content-security-policy/#inline-code-considered-harmful
212
- # * http://www.html5rocks.com/en/tutorials/security/content-security-policy/#eval-too
213
- #
214
- # Content Security Policy usage:
215
- #
216
- # * http://content-security-policy.com/
217
- # * https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Using_Content_Security_Policy
218
- #
219
- # Content Security Policy references:
220
- #
221
- # * https://developer.mozilla.org/en-US/docs/Web/Security/CSP/CSP_policy_directives
222
- #
223
- security.content_security_policy %{
224
- form-action 'self';
225
- frame-ancestors 'self';
226
- base-uri 'self';
227
- default-src 'none';
228
- script-src 'self';
229
- connect-src 'self';
230
- img-src 'self' https: data:;
231
- style-src 'self' 'unsafe-inline' https:;
232
- font-src 'self';
233
- object-src 'none';
234
- plugin-types application/pdf;
235
- child-src 'self';
236
- frame-src 'self';
237
- media-src 'self'
238
- }
239
-
240
- ##
241
- # FRAMEWORKS
242
- #
243
-
244
- # Configure the code that will yield each time <%= app.classify %>::Action is included
245
- # This is useful for sharing common functionality
246
- #
247
- # See: http://www.rubydoc.info/gems/hanami-controller#Configuration
248
- controller.prepare do
249
- # include MyAuthentication # included in all the actions
250
- # before :authenticate! # run an authentication before callback
251
- end
252
-
253
- # Configure the code that will yield each time <%= app.classify %>::View is included
254
- # This is useful for sharing common functionality
255
- #
256
- # See: http://www.rubydoc.info/gems/hanami-view#Configuration
257
- view.prepare do
258
- include Hanami::Helpers
259
- include <%= app.classify %>::Assets::Helpers
260
- end
261
- end
262
-
263
- ##
264
- # DEVELOPMENT
265
- #
266
- configure :development do
267
- # Don't handle exceptions, render the stack trace
268
- handle_exceptions false
269
- end
270
-
271
- ##
272
- # TEST
273
- #
274
- configure :test do
275
- # Don't handle exceptions, render the stack trace
276
- handle_exceptions false
277
- end
278
-
279
- ##
280
- # PRODUCTION
281
- #
282
- configure :production do
283
- # scheme 'https'
284
- # host 'example.org'
285
- # port 443
286
-
287
- assets do
288
- # Don't compile static assets in production mode (eg. Sass, ES6)
289
- #
290
- # See: http://www.rubydoc.info/gems/hanami-assets#Configuration
291
- compile false
292
-
293
- # Use fingerprint file name for asset paths
294
- #
295
- # See: http://hanamirb.org/guides/assets/overview
296
- fingerprint true
297
-
298
- # Content Delivery Network (CDN)
299
- #
300
- # See: http://hanamirb.org/guides/assets/content-delivery-network
301
- #
302
- # scheme 'https'
303
- # host 'cdn.example.org'
304
- # port 443
305
-
306
- # Subresource Integrity
307
- #
308
- # See: http://hanamirb.org/guides/assets/content-delivery-network/#subresource-integrity
309
- subresource_integrity :sha256
310
- end
311
- end
312
- end
313
- end