RubyGems - sidekiq - Versions diffs - 8.0.10 → 8.1.0 - Mend

sidekiq 8.0.10 → 8.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

checksums.yaml +4 -4
data/Changes.md +19 -0
data/README.md +15 -0
data/bin/lint-herb +13 -0
data/lib/sidekiq/cli.rb +1 -0
data/lib/sidekiq/config.rb +3 -4
data/lib/sidekiq/job.rb +2 -0
data/lib/sidekiq/job_retry.rb +7 -3
data/lib/sidekiq/launcher.rb +4 -4
data/lib/sidekiq/scheduled.rb +4 -2
data/lib/sidekiq/version.rb +1 -1
data/lib/sidekiq/web/action.rb +1 -1
data/lib/sidekiq/web/config.rb +3 -6
data/lib/sidekiq/web/helpers.rb +1 -1
data/lib/sidekiq/web.rb +23 -4
data/sidekiq.gemspec +5 -5
data/web/assets/stylesheets/style.css +0 -2
data/web/views/{metrics.erb → metrics.html.erb} +3 -2
metadata +34 -34
data/lib/sidekiq/web/csrf_protection.rb +0 -183
/data/web/views/{_footer.erb → _footer.html.erb} +0 -0
/data/web/views/{_job_info.erb → _job_info.html.erb} +0 -0
/data/web/views/{_metrics_period_select.erb → _metrics_period_select.html.erb} +0 -0
/data/web/views/{_nav.erb → _nav.html.erb} +0 -0
/data/web/views/{_paging.erb → _paging.html.erb} +0 -0
/data/web/views/{_poll_link.erb → _poll_link.html.erb} +0 -0
/data/web/views/{_summary.erb → _summary.html.erb} +0 -0
/data/web/views/{busy.erb → busy.html.erb} +0 -0
/data/web/views/{dashboard.erb → dashboard.html.erb} +0 -0
/data/web/views/{dead.erb → dead.html.erb} +0 -0
/data/web/views/{filtering.erb → filtering.html.erb} +0 -0
/data/web/views/{layout.erb → layout.html.erb} +0 -0
/data/web/views/{metrics_for_job.erb → metrics_for_job.html.erb} +0 -0
/data/web/views/{morgue.erb → morgue.html.erb} +0 -0
/data/web/views/{profiles.erb → profiles.html.erb} +0 -0
/data/web/views/{queue.erb → queue.html.erb} +0 -0
/data/web/views/{queues.erb → queues.html.erb} +0 -0
/data/web/views/{retries.erb → retries.html.erb} +0 -0
/data/web/views/{retry.erb → retry.html.erb} +0 -0
/data/web/views/{scheduled.erb → scheduled.html.erb} +0 -0
/data/web/views/{scheduled_job_info.erb → scheduled_job_info.html.erb} +0 -0

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a831ed9ff5c1a11b447110fa77cbccf00fc44d3e3888fd5b1baa23cce5228ee9
-  data.tar.gz: 0b11c1b102a8ff8313992201b519b87e1e9446b84c72f23369e3390f671680f6
+  metadata.gz: 63658318932ac6b7045211590b07f84ed9e1e6398f908ace790a0df20d5ac1f0
+  data.tar.gz: 0c3f5e69ada7529bdac7392acb1c56ef2a19b8ed13210be8c36aac19858c6df4
 SHA512:
-  metadata.gz: f6139796abb98a9bc67bf6498438f52e135b85ea6a360f86b45ddafd4f46d9d5567592940005d93bab5c3700430adfb5be340e08ca4a9e5cbde529d19a9c7dcc
-  data.tar.gz: '08ac62d0c45ca1a8216833ecfb07ad8f37ca3d1a1137198f0994af7cf0b107c842741a4f8b62ea8c3f59b42aa209418f65d9bcf6b57127b6ae6e09daf9509907'
+  metadata.gz: 9a5e95a2faccbbf42f8e651c4882c9495ad72b0500bb8fe77fa2a93fb4aa6f8cb96fc820621cd1910fb4b00accf35d75a99d548b3cc8ccdd41a18b5620a9ad73
+  data.tar.gz: 1bc66490ee07c548c71f680fb280e876efa7eeb8c6f234277df73211ce05c5ae29f5c9bc13064972da945568d1df6634252a6c22a7c5298bdd436b7266246c53

data/Changes.md CHANGED Viewed

@@ -2,6 +2,25 @@
 [Sidekiq Changes](https://github.com/sidekiq/sidekiq/blob/main/Changes.md) | [Sidekiq Pro Changes](https://github.com/sidekiq/sidekiq/blob/main/Pro-Changes.md) | [Sidekiq Enterprise Changes](https://github.com/sidekiq/sidekiq/blob/main/Ent-Changes.md)
+8.1.0
+----------
+- `retry_for` and `retry` are now mutually exclusive [#6878, Saidbek]
+- `perform_inline` now enforces `strict_args!` [#6718, Saidbek]
+- Integrate Herb linting for ERB templates [#6760, Saidbek]
+- Remove CSRF code, use `Sec-Fetch-Site` header [#6874, deve1212]
+- Allow custom Web UI `assets_path` for CDN purposes [#6865, stanhu]
+- Upgrade to connection_pool 3.0
+- Allow idle connection reaping after N seconds.
+You can activate this **beta** feature like below.
+Feedback requested: is this feature stable and useful for you in production?
+This feature may or may not be enabled by default in Sidekiq 9.0.
+```ruby
+Sidekiq.configure_server do |cfg|
+  cfg.reap_idle_redis_connections(60)
+end
+```
 8.0.10
 ----------

data/README.md CHANGED Viewed

@@ -97,6 +97,21 @@ Contributing
 See [the contributing guidelines](https://github.com/sidekiq/sidekiq/blob/main/.github/contributing.md).
+### ERB Linting with HERB
+This project uses [HERB](https://herb-tools.dev/) for ERB file linting and formatting. All ERB files have been renamed to use the `.html.erb` extension for better tooling support.
+**Local Development:**
+```bash
+# Run HERB linting
+bundle exec rake lint:herb
+# or
+bin/lint-herb
+```
+**CI Integration:**
+HERB linting is automatically run in CI to ensure all ERB files are properly formatted and free of parse errors.
 License
 -----------------

data/bin/lint-herb ADDED Viewed

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+# HERB Linting Script
+# Run this script to lint all ERB files in the project
+# Usage: bin/lint-herb
+require "bundler/setup"
+puts "🔍 Running HERB linting on ERB files..."
+puts
+exec("bundle exec herb analyze web/views -n --no-log-file")

data/lib/sidekiq/cli.rb CHANGED Viewed

@@ -203,6 +203,7 @@ module Sidekiq # :nodoc:
       },
       # deprecated, use INFO
       "TTIN" => ->(cli) {
+        cli.logger.error { "DEPRECATED: Please use the INFO signal for backtraces, support for TTIN will be removed in Sidekiq 9.0." }
         Thread.list.each do |thread|
           cli.logger.warn "Thread TID-#{(thread.object_id ^ ::Process.pid).to_s(36)} #{thread.name}"
           if thread.backtrace

data/lib/sidekiq/config.rb CHANGED Viewed

@@ -37,7 +37,7 @@ module Sidekiq
       reloader: proc { |&block| block.call },
       backtrace_cleaner: ->(backtrace) { backtrace },
       logged_job_attributes: ["bid", "tags"],
-      reap_connections: nil # TODO Enable by default
+      redis_idle_timeout: nil
     }
     ERROR_HANDLER = ->(ex, ctx, cfg = Sidekiq.default_configuration) {
@@ -146,10 +146,9 @@ module Sidekiq
       @redis_config = @redis_config.merge(hash)
     end
-    def reap_idle_redis_connections(timeout = nil)
-      self[:reap_connections] = timeout
+    def reap_idle_redis_connections(timeout = 60)
+      self[:redis_idle_timeout] = timeout
     end
-    alias_method :reap, :reap_idle_redis_connections
     def redis_pool
       Thread.current[:sidekiq_redis_pool] || Thread.current[:sidekiq_capsule]&.redis_pool || local_redis_pool

data/lib/sidekiq/job.rb CHANGED Viewed

@@ -226,6 +226,8 @@ module Sidekiq
         end
         return nil unless result
+        verify_json(item)
         # round-trip the payload via JSON
         msg = Sidekiq.load_json(Sidekiq.dump_json(item))

data/lib/sidekiq/job_retry.rb CHANGED Viewed

@@ -178,10 +178,14 @@ module Sidekiq
         msg["error_backtrace"] = compress_backtrace(lines)
       end
-      return retries_exhausted(jobinst, msg, exception) if count >= max_retry_attempts
+      # retry_for and retry are mutually exclusive - if retry_for is set,
+      # we exclusively use duration-based retry logic and ignore count-based logic
       rf = msg["retry_for"]
-      return retries_exhausted(jobinst, msg, exception) if rf && (time_for(msg["failed_at"]) + rf) < Time.now
+      if rf
+        return retries_exhausted(jobinst, msg, exception) if (time_for(msg["failed_at"]) + rf) < Time.now
+      elsif count >= max_retry_attempts
+        return retries_exhausted(jobinst, msg, exception)
+      end
       strategy, delay = delay_for(jobinst, count, exception, msg)
       case strategy

data/lib/sidekiq/launcher.rb CHANGED Viewed

@@ -142,10 +142,10 @@ module Sidekiq
       key = identity
       fails = procd = 0
-      idle = config[:reap_connections]
-      if idle
-        config.capsules.each_value { |cap| cap.local_redis_pool.reap(idle, &:close) }
-        config.local_redis_pool.reap(idle, &:close)
+      idle_timeout = config[:redis_idle_timeout]
+      if idle_timeout
+        config.capsules.each_value { |cap| cap.local_redis_pool.reap(idle_seconds: idle_timeout, &:close) }
+        config.local_redis_pool.reap(idle_seconds: idle_timeout, &:close)
       end
       begin

data/lib/sidekiq/scheduled.rb CHANGED Viewed

@@ -72,6 +72,7 @@ module Sidekiq
       include Sidekiq::Component
       INITIAL_WAIT = 10
+      attr_accessor :rnd
       def initialize(config)
         @config = config
@@ -80,6 +81,7 @@ module Sidekiq
         @done = false
         @thread = nil
         @count_calls = 0
+        @rnd = Random.new
       end
       # Shut down this instance, will pause until the thread is dead.
@@ -151,11 +153,11 @@ module Sidekiq
         if count < 10
           # For small clusters, calculate a random interval that is ±50% the desired average.
-          interval * rand + interval.to_f / 2
+          interval * @rnd.rand + interval.to_f / 2
         else
           # With 10+ processes, we should have enough randomness to get decent polling
           # across the entire timespan
-          interval * rand * 2
+          interval * @rnd.rand * 2
         end
       end

data/lib/sidekiq/version.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 module Sidekiq
-  VERSION = "8.0.10"
+  VERSION = "8.1.0"
   MAJOR = 8
   def self.gem_version

data/lib/sidekiq/web/action.rb CHANGED Viewed

@@ -117,7 +117,7 @@ module Sidekiq
         if content.is_a? Symbol
           unless respond_to?(:"_erb_#{content}")
             views = options[:views] || Web.views
-            filename = "#{views}/#{content}.erb"
+            filename = "#{views}/#{content}.html.erb"
             src = ERB.new(File.read(filename)).src
             # Need to use lineno less by 1 because erb generates a

data/lib/sidekiq/web/config.rb CHANGED Viewed

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
-require "sidekiq/web/csrf_protection"
 module Sidekiq
   class Web
     ##
@@ -24,10 +22,7 @@ module Sidekiq
         # and very difficult for us to vendor or provide ourselves. If you are worried
         # about data security and wish to self-host, you can change these URLs.
         profile_view_url: "https://profiler.firefox.com/public/%s",
-        profile_store_url: "https://api.profiler.firefox.com/compressed-store",
-        # TODO Will be false in Sidekiq 9.0.
-        # CSRF is unnecessary if you are using SameSite=(Strict|Lax) cookies.
-        csrf: true
+        profile_store_url: "https://api.profiler.firefox.com/compressed-store"
       }
       ##
@@ -54,11 +49,13 @@ module Sidekiq
       # Adds the "Back to App" link in the header
       attr_accessor :app_url
+      attr_accessor :assets_path
       def initialize
         @options = OPTIONS.dup
         @locales = LOCALES
         @views = VIEWS
+        @assets_path = ASSETS
         @tabs = DEFAULT_TABS.dup
         @middlewares = []
         @custom_job_info_rows = []

data/lib/sidekiq/web/helpers.rb CHANGED Viewed

@@ -329,7 +329,7 @@ module Sidekiq
     end
     def csrf_tag
-      "<input type='hidden' name='authenticity_token' value='#{env[:csrf_token]}'/>"
+      ""
     end
     def csp_nonce

data/lib/sidekiq/web.rb CHANGED Viewed

@@ -13,7 +13,7 @@ module Sidekiq
     ROOT = File.expand_path("#{File.dirname(__FILE__)}/../../web")
     VIEWS = "#{ROOT}/views"
     LOCALES = ["#{ROOT}/locales"]
-    LAYOUT = "#{VIEWS}/layout.erb"
+    LAYOUT = "#{VIEWS}/layout.html.erb"
     ASSETS = "#{ROOT}/assets"
     DEFAULT_TABS = {
@@ -42,6 +42,12 @@ module Sidekiq
         @@config.app_url = url
       end
+      def assets_path=(path)
+        @@config.assets_path = path
+      end
+      def assets_path = @@config.assets_path
       def tabs = @@config.tabs
       def locales = @@config.locales
@@ -87,13 +93,27 @@ module Sidekiq
       env[:web_config] = Sidekiq::Web.configure
       env[:csp_nonce] = SecureRandom.hex(8)
       env[:redis_pool] = self.class.redis_pool
-      app.call(env)
+      safe_request?(env) ? app.call(env) : deny(env)
     end
     def app
       @app ||= build(@@config)
     end
+    def safe_methods?(env)
+      %w[GET HEAD OPTIONS TRACE].include? env["REQUEST_METHOD"]
+    end
+    def safe_request?(env)
+      return true if safe_methods?(env)
+      env["HTTP_SEC_FETCH_SITE"] == "same-origin"
+    end
+    def deny(env)
+      Sidekiq.logger.warn "attack prevented by #{self.class}"
+      [403, {Rack::CONTENT_TYPE => "text/plain"}, ["Forbidden"]]
+    end
     private
     def build(cfg)
@@ -105,11 +125,10 @@ module Sidekiq
       ::Rack::Builder.new do
         use Rack::Static, urls: ["/stylesheets", "/images", "/javascripts"],
-          root: ASSETS,
+          root: cfg.assets_path,
           cascade: true,
           header_rules: rules
         m.each { |middleware, block| use(*middleware, &block) }
-        use CsrfProtection if cfg[:csrf]
         run Sidekiq::Web::Application.new(self.class)
       end
     end

data/sidekiq.gemspec CHANGED Viewed

@@ -23,9 +23,9 @@ Gem::Specification.new do |gem|
     "rubygems_mfa_required" => "true"
   }
-  gem.add_dependency "redis-client", ">= 0.23.2"
-  gem.add_dependency "connection_pool", ">= 2.5.0"
-  gem.add_dependency "rack", ">= 3.1.0"
-  gem.add_dependency "json", ">= 2.9.0"
-  gem.add_dependency "logger", ">= 1.6.2"
+  gem.add_dependency "redis-client", ">= 0.26.0"
+  gem.add_dependency "connection_pool", ">= 3.0.0"
+  gem.add_dependency "rack", ">= 3.2.0"
+  gem.add_dependency "json", ">= 2.16.0"
+  gem.add_dependency "logger", ">= 1.7.0"
 end

data/web/assets/stylesheets/style.css CHANGED Viewed

@@ -448,9 +448,7 @@ canvas + .table_container {
 }
 .buttons-row {
-  margin-top: var(--space-3x);
   display: flex;
-  flex-wrap: wrap;
   gap: 8px;
 }

data/web/views/{metrics.erb → metrics.html.erb} RENAMED Viewed

@@ -58,8 +58,9 @@
                     id="<%= id %>"
                     class="metrics-swatch"
                     value="<%= kls %>"
-                    <%= visible_kls.include?(kls) ? 'checked' : '' %>
-                  >
+                    <% if visible_kls.include?(kls) %>
+                    checked
+                    <% end %>>
                   <code><a href="<%= root_path %>metrics/<%= kls %>?period=<%= @period %>"><%= kls %></a></code>
                 </div>
               </td>

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sidekiq
 version: !ruby/object:Gem::Version
-  version: 8.0.10
+  version: 8.1.0
 platform: ruby
 authors:
 - Mike Perham
@@ -15,70 +15,70 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.23.2
+        version: 0.26.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.23.2
+        version: 0.26.0
 - !ruby/object:Gem::Dependency
   name: connection_pool
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.5.0
+        version: 3.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.5.0
+        version: 3.0.0
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.1.0
+        version: 3.2.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.1.0
+        version: 3.2.0
 - !ruby/object:Gem::Dependency
   name: json
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.9.0
+        version: 2.16.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.9.0
+        version: 2.16.0
 - !ruby/object:Gem::Dependency
   name: logger
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.2
+        version: 1.7.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.2
+        version: 1.7.0
 description: Simple, efficient background processing for Ruby.
 email:
 - info@contribsys.com
@@ -91,6 +91,7 @@ files:
 - Changes.md
 - LICENSE.txt
 - README.md
+- bin/lint-herb
 - bin/multi_queue_bench
 - bin/sidekiq
 - bin/sidekiqload
@@ -151,7 +152,6 @@ files:
 - lib/sidekiq/web/action.rb
 - lib/sidekiq/web/application.rb
 - lib/sidekiq/web/config.rb
-- lib/sidekiq/web/csrf_protection.rb
 - lib/sidekiq/web/helpers.rb
 - lib/sidekiq/web/router.rb
 - lib/sidekiq/worker_compatibility_alias.rb
@@ -199,28 +199,28 @@ files:
 - web/locales/vi.yml
 - web/locales/zh-CN.yml
 - web/locales/zh-TW.yml
-- web/views/_footer.erb
-- web/views/_job_info.erb
-- web/views/_metrics_period_select.erb
-- web/views/_nav.erb
-- web/views/_paging.erb
-- web/views/_poll_link.erb
-- web/views/_summary.erb
-- web/views/busy.erb
-- web/views/dashboard.erb
-- web/views/dead.erb
-- web/views/filtering.erb
-- web/views/layout.erb
-- web/views/metrics.erb
-- web/views/metrics_for_job.erb
-- web/views/morgue.erb
-- web/views/profiles.erb
-- web/views/queue.erb
-- web/views/queues.erb
-- web/views/retries.erb
-- web/views/retry.erb
-- web/views/scheduled.erb
-- web/views/scheduled_job_info.erb
+- web/views/_footer.html.erb
+- web/views/_job_info.html.erb
+- web/views/_metrics_period_select.html.erb
+- web/views/_nav.html.erb
+- web/views/_paging.html.erb
+- web/views/_poll_link.html.erb
+- web/views/_summary.html.erb
+- web/views/busy.html.erb
+- web/views/dashboard.html.erb
+- web/views/dead.html.erb
+- web/views/filtering.html.erb
+- web/views/layout.html.erb
+- web/views/metrics.html.erb
+- web/views/metrics_for_job.html.erb
+- web/views/morgue.html.erb
+- web/views/profiles.html.erb
+- web/views/queue.html.erb
+- web/views/queues.html.erb
+- web/views/retries.html.erb
+- web/views/retry.html.erb
+- web/views/scheduled.html.erb
+- web/views/scheduled_job_info.html.erb
 homepage: https://sidekiq.org
 licenses:
 - LGPL-3.0

data/lib/sidekiq/web/csrf_protection.rb DELETED Viewed

@@ -1,183 +0,0 @@
-# frozen_string_literal: true
-# this file originally based on authenticity_token.rb from the sinatra/rack-protection project
-#
-# The MIT License (MIT)
-#
-# Copyright (c) 2011-2017 Konstantin Haase
-# Copyright (c) 2015-2017 Zachary Scott
-#
-# Permission is hereby granted, free of charge, to any person obtaining
-# a copy of this software and associated documentation files (the
-# 'Software'), to deal in the Software without restriction, including
-# without limitation the rights to use, copy, modify, merge, publish,
-# distribute, sublicense, and/or sell copies of the Software, and to
-# permit persons to whom the Software is furnished to do so, subject to
-# the following conditions:
-#
-# The above copyright notice and this permission notice shall be
-# included in all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
-# CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
-# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
-# SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-require "securerandom"
-require "rack/request"
-module Sidekiq
-  class Web
-    class CsrfProtection
-      def initialize(app, options = nil)
-        @app = app
-      end
-      def call(env)
-        accept?(env) ? admit(env) : deny(env)
-      end
-      private
-      def admit(env)
-        # On each successful request, we create a fresh masked token
-        # which will be used in any forms rendered for this request.
-        s = session(env)
-        s[:csrf] ||= SecureRandom.base64(TOKEN_LENGTH)
-        env[:csrf_token] = mask_token(s[:csrf])
-        @app.call(env)
-      end
-      def safe?(env)
-        %w[GET HEAD OPTIONS TRACE].include? env["REQUEST_METHOD"]
-      end
-      def logger(env)
-        @logger ||= env["rack.logger"] || ::Logger.new(env["rack.errors"])
-      end
-      def deny(env)
-        logger(env).warn "attack prevented by #{self.class}"
-        [403, {Rack::CONTENT_TYPE => "text/plain"}, ["Forbidden"]]
-      end
-      def session(env)
-        env["rack.session"] || fail(<<~EOM)
-          Sidekiq::Web needs a valid Rack session for CSRF protection. If this is a Rails app,
-          make sure you mount Sidekiq::Web *inside* your application routes:
-          Rails.application.routes.draw do
-            mount Sidekiq::Web => "/sidekiq"
-            ....
-          end
-          If this is a Rails app in API mode, you need to enable sessions.
-            https://guides.rubyonrails.org/api_app.html#using-session-middlewares
-          If this is a bare Rack app, use a session middleware before Sidekiq::Web:
-            # first, use IRB to create a shared secret key for sessions and commit it
-            require 'securerandom'; File.open(".session.key", "w") {|f| f.write(SecureRandom.hex(32)) }
-            # now use the secret with a session cookie middleware
-            use Rack::Session::Cookie, secret: File.read(".session.key"), same_site: true, max_age: 86400
-            run Sidekiq::Web
-        EOM
-      end
-      def accept?(env)
-        return true if safe?(env)
-        giventoken = ::Rack::Request.new(env).params["authenticity_token"]
-        valid_token?(env, giventoken)
-      end
-      TOKEN_LENGTH = 32
-      # Checks that the token given to us as a parameter matches
-      # the token stored in the session.
-      def valid_token?(env, giventoken)
-        return false if giventoken.nil? || giventoken.empty?
-        begin
-          token = decode_token(giventoken)
-        rescue ArgumentError # client input is invalid
-          return false
-        end
-        sess = session(env)
-        localtoken = sess[:csrf]
-        # Checks that Rack::Session::Cookie actually contains the csrf token
-        return false if localtoken.nil?
-        # Rotate the session token after every use
-        sess[:csrf] = SecureRandom.base64(TOKEN_LENGTH)
-        # See if it's actually a masked token or not. We should be able
-        # to handle any unmasked tokens that we've issued without error.
-        if unmasked_token?(token)
-          compare_with_real_token token, localtoken
-        elsif masked_token?(token)
-          unmasked = unmask_token(token)
-          compare_with_real_token unmasked, localtoken
-        else
-          false # Token is malformed
-        end
-      end
-      # Creates a masked version of the authenticity token that varies
-      # on each request. The masking is used to mitigate SSL attacks
-      # like BREACH.
-      def mask_token(token)
-        token = decode_token(token)
-        one_time_pad = SecureRandom.random_bytes(token.length)
-        encrypted_token = xor_byte_strings(one_time_pad, token)
-        masked_token = one_time_pad + encrypted_token
-        encode_token(masked_token)
-      end
-      # Essentially the inverse of +mask_token+.
-      def unmask_token(masked_token)
-        # Split the token into the one-time pad and the encrypted
-        # value and decrypt it
-        token_length = masked_token.length / 2
-        one_time_pad = masked_token[0...token_length]
-        encrypted_token = masked_token[token_length..]
-        xor_byte_strings(one_time_pad, encrypted_token)
-      end
-      def unmasked_token?(token)
-        token.length == TOKEN_LENGTH
-      end
-      def masked_token?(token)
-        token.length == TOKEN_LENGTH * 2
-      end
-      def compare_with_real_token(token, local)
-        ::Rack::Utils.secure_compare(token.to_s, decode_token(local).to_s)
-      end
-      def encode_token(token)
-        [token].pack("m0").tr("+/", "-_")
-      end
-      def decode_token(token)
-        token.tr("-_", "+/").unpack1("m0")
-      end
-      def xor_byte_strings(s1, s2)
-        s1.bytes.zip(s2.bytes).map { |(c1, c2)| c1 ^ c2 }.pack("c*")
-      end
-    end
-  end
-end