rails-assets-manifest 2.0.1 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +11 -1
- data/README.md +4 -4
- data/lib/rails/assets/manifest.rb +9 -2
- data/lib/rails/assets/manifest/helper.rb +12 -11
- data/lib/rails/assets/manifest/manifest.rb +4 -2
- data/lib/rails/assets/manifest/railtie.rb +4 -18
- data/lib/rails/assets/manifest/version.rb +2 -2
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 803f622685cadb160b0cf327865bf93587e178a4ffffead1f8605f9934cd6416
|
|
4
|
+
data.tar.gz: 5e41faf3bfb89d88005c3667d916ace976a4800c1b8336d1763e24b554b5dcd6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dd37845719179bf39ec81db748348b6d761a7877d1a0e3ddc20eb74115f45f6c0992c014a3be9087b3cdc432ce91faf87f2fcacc0bcdc2bd4a3c6dacc1da64ef
|
|
7
|
+
data.tar.gz: 5741fd20f61a7bde1f5acd7db3aa440a9613e125edc24b088e52a9ad3e6e1dec3d01c32c754a8120aadad66f2fb1195e58748642b6e4bfae8d1c169ddd7ae128
|
data/CHANGELOG.md
CHANGED
|
@@ -17,6 +17,17 @@ This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a Ch
|
|
|
17
17
|
### Breaks
|
|
18
18
|
|
|
19
19
|
|
|
20
|
+
## 2.1.0 - (2019-09-11)
|
|
21
|
+
---
|
|
22
|
+
|
|
23
|
+
### New
|
|
24
|
+
* Automatically add `crossorigin="anonymous"` for SRI resources
|
|
25
|
+
* Separate manifest caching and eager loading
|
|
26
|
+
|
|
27
|
+
### Changes
|
|
28
|
+
* Remove defunct onboot manifest validation (f3fe8f57)
|
|
29
|
+
|
|
30
|
+
|
|
20
31
|
## 2.0.1 - (2019-08-09)
|
|
21
32
|
---
|
|
22
33
|
|
|
@@ -33,7 +44,6 @@ This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a Ch
|
|
|
33
44
|
|
|
34
45
|
### Breaks
|
|
35
46
|
* Change `manifest` configuration option into `manifests` to support multiple files
|
|
36
|
-
* Change configuration option into to support multiple files
|
|
37
47
|
|
|
38
48
|
|
|
39
49
|
## 1.1.0 - (2019-08-08)
|
data/README.md
CHANGED
|
@@ -17,7 +17,7 @@ This gem does not make any assumption on which tool to use to make your assets n
|
|
|
17
17
|
}
|
|
18
18
|
```
|
|
19
19
|
|
|
20
|
-
This gem does not add new helper methods but extends the existing helpers. SRI is automatically added if available and within a secure context
|
|
20
|
+
This gem does not add new helper methods but extends the existing helpers. SRI is automatically added if available and within a secure context. A `crossorigin="anonymous"` attribute is automatically added if non is present.
|
|
21
21
|
|
|
22
22
|
```slim
|
|
23
23
|
html
|
|
@@ -27,8 +27,8 @@ html
|
|
|
27
27
|
```
|
|
28
28
|
|
|
29
29
|
```html
|
|
30
|
-
<link rel="stylesheet" media="all" href="2b16adf6f756625a0194.css" integrity="sha384-/oreyvcV6U6htGZD0fDWR8/Txezke8KhD0QNgHb660hSaW7M+ZzxxuB4Vo+PuAC9">
|
|
31
|
-
<script src="2b16adf6f756625a0194.js" integrity="sha384-iJ55fQQApbQGxWEWSbWStBabi+yNGxZSQy/010+1Dhxl+rymyhGF4NtjUkOsYv7B"></script>
|
|
30
|
+
<link rel="stylesheet" media="all" href="2b16adf6f756625a0194.css" integrity="sha384-/oreyvcV6U6htGZD0fDWR8/Txezke8KhD0QNgHb660hSaW7M+ZzxxuB4Vo+PuAC9" crossorigin="anonymous">
|
|
31
|
+
<script src="2b16adf6f756625a0194.js" integrity="sha384-iJ55fQQApbQGxWEWSbWStBabi+yNGxZSQy/010+1Dhxl+rymyhGF4NtjUkOsYv7B" crossorigin="anonymous"></script>
|
|
32
32
|
```
|
|
33
33
|
|
|
34
34
|
## Installation
|
|
@@ -47,7 +47,7 @@ The manifest path can be configured e.g. in an environment:
|
|
|
47
47
|
config.assets.manifests = %w(public/.asset-manifest.json)
|
|
48
48
|
```
|
|
49
49
|
|
|
50
|
-
If `config.cache_classes` is set to `true` the manifest file be loaded once on boot
|
|
50
|
+
If `config.cache_classes` is set to `true` the manifest file be loaded once on boot.
|
|
51
51
|
|
|
52
52
|
Assets included with `integrity: true` will raise an error if the integrity option is missing in the manifest.
|
|
53
53
|
|
|
@@ -20,8 +20,10 @@ module Rails
|
|
|
20
20
|
class << self
|
|
21
21
|
delegate :lookup, :lookup!, to: :instance
|
|
22
22
|
|
|
23
|
-
|
|
24
|
-
|
|
23
|
+
attr_reader :instance
|
|
24
|
+
|
|
25
|
+
def prepare!
|
|
26
|
+
@instance = begin
|
|
25
27
|
config = Rails.application.config
|
|
26
28
|
|
|
27
29
|
Manifest.new \
|
|
@@ -30,6 +32,11 @@ module Rails
|
|
|
30
32
|
end
|
|
31
33
|
end
|
|
32
34
|
|
|
35
|
+
def eager_load!
|
|
36
|
+
return unless @instance
|
|
37
|
+
@instance.eager_load!
|
|
38
|
+
end
|
|
39
|
+
|
|
33
40
|
def passthrough?
|
|
34
41
|
Rails.application.config.assets.passthrough
|
|
35
42
|
end
|
|
@@ -17,7 +17,7 @@ module Rails::Assets::Manifest
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def javascript_include_tag(*sources, integrity: nil, **kwargs)
|
|
20
|
-
return super(*sources, **kwargs) unless
|
|
20
|
+
return super(*sources, **kwargs) unless manifest_use_integrity?(integrity)
|
|
21
21
|
|
|
22
22
|
with_integrity(sources, integrity, :javascript, **kwargs) do |source, options|
|
|
23
23
|
super(source, options)
|
|
@@ -25,7 +25,7 @@ module Rails::Assets::Manifest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def stylesheet_link_tag(*sources, integrity: nil, **kwargs)
|
|
28
|
-
return super(*sources, **kwargs) unless
|
|
28
|
+
return super(*sources, **kwargs) unless manifest_use_integrity?(integrity)
|
|
29
29
|
|
|
30
30
|
with_integrity(sources, integrity, :stylesheet, **kwargs) do |source, options|
|
|
31
31
|
super(source, options)
|
|
@@ -34,19 +34,24 @@ module Rails::Assets::Manifest
|
|
|
34
34
|
|
|
35
35
|
private
|
|
36
36
|
|
|
37
|
-
def
|
|
38
|
-
return false unless
|
|
37
|
+
def manifest_use_integrity?(option)
|
|
38
|
+
return false unless secure_request_context?
|
|
39
39
|
|
|
40
40
|
option || option.nil?
|
|
41
41
|
end
|
|
42
42
|
|
|
43
|
+
# http://www.w3.org/TR/SRI/#non-secure-contexts-remain-non-secure
|
|
44
|
+
def secure_request_context?
|
|
45
|
+
respond_to?(:request) && self.request && (self.request.local? || self.request.ssl?)
|
|
46
|
+
end
|
|
47
|
+
|
|
43
48
|
def with_integrity(sources, required, type, **kwargs)
|
|
44
49
|
sources.map do |source|
|
|
45
50
|
path = path_with_extname(source, type: type, **kwargs)
|
|
46
51
|
|
|
47
52
|
# integrity hash passed directly
|
|
48
53
|
if required.is_a?(String)
|
|
49
|
-
next yield(source, integrity: required, **kwargs)
|
|
54
|
+
next yield(source, integrity: required, crossorigin: 'anonymous', **kwargs)
|
|
50
55
|
|
|
51
56
|
# Explicit passed `true` option
|
|
52
57
|
elsif required
|
|
@@ -56,7 +61,7 @@ module Rails::Assets::Manifest
|
|
|
56
61
|
raise IntegrityMissing.new "SRI missing for #{path}"
|
|
57
62
|
end
|
|
58
63
|
|
|
59
|
-
next yield(source, integrity: integrity, **kwargs)
|
|
64
|
+
next yield(source, integrity: integrity, crossorigin: 'anonymous', **kwargs)
|
|
60
65
|
|
|
61
66
|
# No integrity option passed or `nil` default from above
|
|
62
67
|
elsif required.nil?
|
|
@@ -65,7 +70,7 @@ module Rails::Assets::Manifest
|
|
|
65
70
|
# Only if it is an asset from our manifest and there is an integrity
|
|
66
71
|
# we default to adding one
|
|
67
72
|
if(entry && entry.integrity)
|
|
68
|
-
next yield(source, integrity: entry.integrity, **kwargs)
|
|
73
|
+
next yield(source, integrity: entry.integrity, crossorigin: 'anonymous', **kwargs)
|
|
69
74
|
end
|
|
70
75
|
end
|
|
71
76
|
|
|
@@ -73,10 +78,6 @@ module Rails::Assets::Manifest
|
|
|
73
78
|
end.join.html_safe
|
|
74
79
|
end
|
|
75
80
|
|
|
76
|
-
def secure_subresource_integrity_context?
|
|
77
|
-
respond_to?(:request) && (request&.local? || request&.ssl?)
|
|
78
|
-
end
|
|
79
|
-
|
|
80
81
|
def path_with_extname(path, options)
|
|
81
82
|
path = path.to_s
|
|
82
83
|
"#{path}#{compute_asset_extname(path, options)}"
|
|
@@ -7,8 +7,6 @@ module Rails::Assets::Manifest
|
|
|
7
7
|
def initialize(files:, cache: true)
|
|
8
8
|
@files = Array(files).flatten.each(&:freeze).freeze
|
|
9
9
|
@cache = cache
|
|
10
|
-
|
|
11
|
-
data if cache?
|
|
12
10
|
end
|
|
13
11
|
|
|
14
12
|
def cache?
|
|
@@ -32,6 +30,10 @@ module Rails::Assets::Manifest
|
|
|
32
30
|
data.key?(name.to_s)
|
|
33
31
|
end
|
|
34
32
|
|
|
33
|
+
def eager_load!
|
|
34
|
+
data
|
|
35
|
+
end
|
|
36
|
+
|
|
35
37
|
private
|
|
36
38
|
|
|
37
39
|
Entry = Struct.new(:src, :integrity) do
|
|
@@ -26,26 +26,12 @@ module Rails
|
|
|
26
26
|
end
|
|
27
27
|
end
|
|
28
28
|
|
|
29
|
-
|
|
30
|
-
::Rails::Assets::Manifest.
|
|
29
|
+
config.to_prepare do
|
|
30
|
+
::Rails::Assets::Manifest.prepare!
|
|
31
31
|
end
|
|
32
32
|
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
def server?
|
|
36
|
-
!(console? || generator? || rake?)
|
|
37
|
-
end
|
|
38
|
-
|
|
39
|
-
def console?
|
|
40
|
-
defined?(Rails::Console)
|
|
41
|
-
end
|
|
42
|
-
|
|
43
|
-
def generator?
|
|
44
|
-
defined?(Rails::Generators)
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
def rake?
|
|
48
|
-
File.basename($0) == "rake"
|
|
33
|
+
config.before_eager_load do
|
|
34
|
+
::Rails::Assets::Manifest.eager_load!
|
|
49
35
|
end
|
|
50
36
|
end
|
|
51
37
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rails-assets-manifest
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0
|
|
4
|
+
version: 2.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jan Graichen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-09-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -103,7 +103,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
103
103
|
- !ruby/object:Gem::Version
|
|
104
104
|
version: '0'
|
|
105
105
|
requirements: []
|
|
106
|
-
rubygems_version: 3.0.
|
|
106
|
+
rubygems_version: 3.0.6
|
|
107
107
|
signing_key:
|
|
108
108
|
specification_version: 4
|
|
109
109
|
summary: Load all rails assets from an external manifest.
|