rails-assets-manifest 2.0.1 → 2.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b3b37255b188591ca005e9421faf46d08a6906e5d13d7b6d2bc27cc278dde8ea
4
- data.tar.gz: 1d3faec5a30ce6c2cbe41b7c543b9e1b3fd9162320c2a8babf08533b4aebec41
3
+ metadata.gz: 803f622685cadb160b0cf327865bf93587e178a4ffffead1f8605f9934cd6416
4
+ data.tar.gz: 5e41faf3bfb89d88005c3667d916ace976a4800c1b8336d1763e24b554b5dcd6
5
5
  SHA512:
6
- metadata.gz: f2dce0a879ba0931ed9ff2544ebabae420780a3f6c25bc9617f36c833758d4408f4c2ef388ed5bf59974a225d6cdfa2a578d217f5c552f9b0abfc0242de381c1
7
- data.tar.gz: b29d086dcf4a9c93f5892ae204ac1f0ad8a51cd24d918fdcecc56f02cc87de8b99cdeccce4eb2111de563d923aa4059ed8f294a2f1c00c71f066d3cb313de15b
6
+ metadata.gz: dd37845719179bf39ec81db748348b6d761a7877d1a0e3ddc20eb74115f45f6c0992c014a3be9087b3cdc432ce91faf87f2fcacc0bcdc2bd4a3c6dacc1da64ef
7
+ data.tar.gz: 5741fd20f61a7bde1f5acd7db3aa440a9613e125edc24b088e52a9ad3e6e1dec3d01c32c754a8120aadad66f2fb1195e58748642b6e4bfae8d1c169ddd7ae128
@@ -17,6 +17,17 @@ This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a Ch
17
17
  ### Breaks
18
18
 
19
19
 
20
+ ## 2.1.0 - (2019-09-11)
21
+ ---
22
+
23
+ ### New
24
+ * Automatically add `crossorigin="anonymous"` for SRI resources
25
+ * Separate manifest caching and eager loading
26
+
27
+ ### Changes
28
+ * Remove defunct onboot manifest validation (f3fe8f57)
29
+
30
+
20
31
  ## 2.0.1 - (2019-08-09)
21
32
  ---
22
33
 
@@ -33,7 +44,6 @@ This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a Ch
33
44
 
34
45
  ### Breaks
35
46
  * Change `manifest` configuration option into `manifests` to support multiple files
36
- * Change configuration option into to support multiple files
37
47
 
38
48
 
39
49
  ## 1.1.0 - (2019-08-08)
data/README.md CHANGED
@@ -17,7 +17,7 @@ This gem does not make any assumption on which tool to use to make your assets n
17
17
  }
18
18
  ```
19
19
 
20
- This gem does not add new helper methods but extends the existing helpers. SRI is automatically added if available and within a secure context:
20
+ This gem does not add new helper methods but extends the existing helpers. SRI is automatically added if available and within a secure context. A `crossorigin="anonymous"` attribute is automatically added if non is present.
21
21
 
22
22
  ```slim
23
23
  html
@@ -27,8 +27,8 @@ html
27
27
  ```
28
28
 
29
29
  ```html
30
- <link rel="stylesheet" media="all" href="2b16adf6f756625a0194.css" integrity="sha384-/oreyvcV6U6htGZD0fDWR8/Txezke8KhD0QNgHb660hSaW7M+ZzxxuB4Vo+PuAC9">
31
- <script src="2b16adf6f756625a0194.js" integrity="sha384-iJ55fQQApbQGxWEWSbWStBabi+yNGxZSQy/010+1Dhxl+rymyhGF4NtjUkOsYv7B"></script>
30
+ <link rel="stylesheet" media="all" href="2b16adf6f756625a0194.css" integrity="sha384-/oreyvcV6U6htGZD0fDWR8/Txezke8KhD0QNgHb660hSaW7M+ZzxxuB4Vo+PuAC9" crossorigin="anonymous">
31
+ <script src="2b16adf6f756625a0194.js" integrity="sha384-iJ55fQQApbQGxWEWSbWStBabi+yNGxZSQy/010+1Dhxl+rymyhGF4NtjUkOsYv7B" crossorigin="anonymous"></script>
32
32
  ```
33
33
 
34
34
  ## Installation
@@ -47,7 +47,7 @@ The manifest path can be configured e.g. in an environment:
47
47
  config.assets.manifests = %w(public/.asset-manifest.json)
48
48
  ```
49
49
 
50
- If `config.cache_classes` is set to `true` the manifest file be loaded once on boot and raise errors if missing or invalid.
50
+ If `config.cache_classes` is set to `true` the manifest file be loaded once on boot.
51
51
 
52
52
  Assets included with `integrity: true` will raise an error if the integrity option is missing in the manifest.
53
53
 
@@ -20,8 +20,10 @@ module Rails
20
20
  class << self
21
21
  delegate :lookup, :lookup!, to: :instance
22
22
 
23
- def instance
24
- @instance ||= begin
23
+ attr_reader :instance
24
+
25
+ def prepare!
26
+ @instance = begin
25
27
  config = Rails.application.config
26
28
 
27
29
  Manifest.new \
@@ -30,6 +32,11 @@ module Rails
30
32
  end
31
33
  end
32
34
 
35
+ def eager_load!
36
+ return unless @instance
37
+ @instance.eager_load!
38
+ end
39
+
33
40
  def passthrough?
34
41
  Rails.application.config.assets.passthrough
35
42
  end
@@ -17,7 +17,7 @@ module Rails::Assets::Manifest
17
17
  end
18
18
 
19
19
  def javascript_include_tag(*sources, integrity: nil, **kwargs)
20
- return super(*sources, **kwargs) unless compute_integrity?(integrity)
20
+ return super(*sources, **kwargs) unless manifest_use_integrity?(integrity)
21
21
 
22
22
  with_integrity(sources, integrity, :javascript, **kwargs) do |source, options|
23
23
  super(source, options)
@@ -25,7 +25,7 @@ module Rails::Assets::Manifest
25
25
  end
26
26
 
27
27
  def stylesheet_link_tag(*sources, integrity: nil, **kwargs)
28
- return super(*sources, **kwargs) unless compute_integrity?(integrity)
28
+ return super(*sources, **kwargs) unless manifest_use_integrity?(integrity)
29
29
 
30
30
  with_integrity(sources, integrity, :stylesheet, **kwargs) do |source, options|
31
31
  super(source, options)
@@ -34,19 +34,24 @@ module Rails::Assets::Manifest
34
34
 
35
35
  private
36
36
 
37
- def compute_integrity?(option)
38
- return false unless secure_subresource_integrity_context?
37
+ def manifest_use_integrity?(option)
38
+ return false unless secure_request_context?
39
39
 
40
40
  option || option.nil?
41
41
  end
42
42
 
43
+ # http://www.w3.org/TR/SRI/#non-secure-contexts-remain-non-secure
44
+ def secure_request_context?
45
+ respond_to?(:request) && self.request && (self.request.local? || self.request.ssl?)
46
+ end
47
+
43
48
  def with_integrity(sources, required, type, **kwargs)
44
49
  sources.map do |source|
45
50
  path = path_with_extname(source, type: type, **kwargs)
46
51
 
47
52
  # integrity hash passed directly
48
53
  if required.is_a?(String)
49
- next yield(source, integrity: required, **kwargs)
54
+ next yield(source, integrity: required, crossorigin: 'anonymous', **kwargs)
50
55
 
51
56
  # Explicit passed `true` option
52
57
  elsif required
@@ -56,7 +61,7 @@ module Rails::Assets::Manifest
56
61
  raise IntegrityMissing.new "SRI missing for #{path}"
57
62
  end
58
63
 
59
- next yield(source, integrity: integrity, **kwargs)
64
+ next yield(source, integrity: integrity, crossorigin: 'anonymous', **kwargs)
60
65
 
61
66
  # No integrity option passed or `nil` default from above
62
67
  elsif required.nil?
@@ -65,7 +70,7 @@ module Rails::Assets::Manifest
65
70
  # Only if it is an asset from our manifest and there is an integrity
66
71
  # we default to adding one
67
72
  if(entry && entry.integrity)
68
- next yield(source, integrity: entry.integrity, **kwargs)
73
+ next yield(source, integrity: entry.integrity, crossorigin: 'anonymous', **kwargs)
69
74
  end
70
75
  end
71
76
 
@@ -73,10 +78,6 @@ module Rails::Assets::Manifest
73
78
  end.join.html_safe
74
79
  end
75
80
 
76
- def secure_subresource_integrity_context?
77
- respond_to?(:request) && (request&.local? || request&.ssl?)
78
- end
79
-
80
81
  def path_with_extname(path, options)
81
82
  path = path.to_s
82
83
  "#{path}#{compute_asset_extname(path, options)}"
@@ -7,8 +7,6 @@ module Rails::Assets::Manifest
7
7
  def initialize(files:, cache: true)
8
8
  @files = Array(files).flatten.each(&:freeze).freeze
9
9
  @cache = cache
10
-
11
- data if cache?
12
10
  end
13
11
 
14
12
  def cache?
@@ -32,6 +30,10 @@ module Rails::Assets::Manifest
32
30
  data.key?(name.to_s)
33
31
  end
34
32
 
33
+ def eager_load!
34
+ data
35
+ end
36
+
35
37
  private
36
38
 
37
39
  Entry = Struct.new(:src, :integrity) do
@@ -26,26 +26,12 @@ module Rails
26
26
  end
27
27
  end
28
28
 
29
- initializer 'rails-assets-manifest' do |app|
30
- ::Rails::Assets::Manifest.instance if server?
29
+ config.to_prepare do
30
+ ::Rails::Assets::Manifest.prepare!
31
31
  end
32
32
 
33
- private
34
-
35
- def server?
36
- !(console? || generator? || rake?)
37
- end
38
-
39
- def console?
40
- defined?(Rails::Console)
41
- end
42
-
43
- def generator?
44
- defined?(Rails::Generators)
45
- end
46
-
47
- def rake?
48
- File.basename($0) == "rake"
33
+ config.before_eager_load do
34
+ ::Rails::Assets::Manifest.eager_load!
49
35
  end
50
36
  end
51
37
  end
@@ -5,8 +5,8 @@ module Rails
5
5
  module Manifest
6
6
  module VERSION
7
7
  MAJOR = 2
8
- MINOR = 0
9
- PATCH = 1
8
+ MINOR = 1
9
+ PATCH = 0
10
10
  STAGE = nil
11
11
 
12
12
  STRING = [MAJOR, MINOR, PATCH, STAGE].reject(&:nil?).join('.')
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails-assets-manifest
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.1
4
+ version: 2.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jan Graichen
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-08-09 00:00:00.000000000 Z
11
+ date: 2019-09-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -103,7 +103,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
103
103
  - !ruby/object:Gem::Version
104
104
  version: '0'
105
105
  requirements: []
106
- rubygems_version: 3.0.3
106
+ rubygems_version: 3.0.6
107
107
  signing_key:
108
108
  specification_version: 4
109
109
  summary: Load all rails assets from an external manifest.