static-rails 0.0.10 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7c20abb5a4b37f323a10e55d18ad7a65d0cb4219bf77bf1a9869d2ed0ab8f446
-  data.tar.gz: 3ca5e505c0b05eb36846153d0cb6b05947f3359eb1a92c6cfb477d99fc368484
+  metadata.gz: 8846ca971b36ed95a7ba06212eef226adb0fbdacf9d9aa15762b187e6aec03f9
+  data.tar.gz: ddb2e471f12f203ce116caf877146e233747a914c7e1a658bc2e9aa3aff7532a
 SHA512:
-  metadata.gz: eb489b95dfc77757c3e72e3612c7d5fa021393684b230de937355e230778d371468922e1d5277d3d0ef819b106d5ab07db09dc7284b9a6eefe1098baec9dc58e
-  data.tar.gz: cbba26724c30fcfec192893973d5ec83de0d50ab719b05c842e457d504319d4658b65688f154566091e8a3bd50c27e8cc7df5bd5ac1645e73b67a821e866150a
+  metadata.gz: c4f83928251c9b853b9085a9568d7f3209aa2f6b3b604ffd042e09970d18f2f45b896c08bfd2010abe6f25cc5b66306e85b00aa7048c49112ebe3133abea0eee
+  data.tar.gz: 3da16f4970943c2899d1c2ce908b3602fccf5f0076dee19e7b2bf082685d6d09085930a4d46b066ff74b8d89e81ef799ac4786f147ca602b17af313745a26e2b

data/.circleci/config.yml

@@ -13,31 +13,17 @@ jobs:
       # One of the apps needs hugo
       - run: sudo apt-get update && sudo apt-get install -y --no-install-recommends hugo
 
+      # Make sure we use the right Bundler
+      - run: gem install bundler --version `tail -1 Gemfile.lock`
+
       # Bundle install dependencies
       - type: cache-restore
         key: v1-main-{{ checksum "Gemfile.lock" }}
 
-      - run: gem install bundler --version `tail -1 Gemfile.lock`
-      - run: bundle install --path vendor/bundle
-
-      - type: cache-save
-        key: v1-main-{{ checksum "Gemfile.lock" }}
-        paths:
-          - vendor/bundle
-
       # Bundle install dependencies for example app
       - type: cache-restore
         key: v1-example-{{ checksum "example/Gemfile.lock" }}
 
-      - run: |
-          cd example
-          bundle install --path vendor/bundle
-
-      - type: cache-save
-        key: v1-example-{{ checksum "example/Gemfile.lock" }}
-        paths:
-          - example/vendor/bundle
-
       # Yarn dependencies
       - restore_cache:
           keys:
@@ -45,29 +31,10 @@ jobs:
             # fallback to using the latest cache if no exact match is found
             - v2-yarn-
 
-      - run: |
-          cd example
-          yarn install
-
-      - save_cache:
-          paths:
-            - example/node_modules
-            - ~/.cache
-          key: v2-yarn-{{ checksum "example/yarn.lock" }}
-
       # Bundle install dependencies for jekyll app
       - type: cache-restore
         key: v1-jekyll-{{ checksum "example/static/docs/Gemfile.lock" }}
 
-      - run: |
-          cd example/static/docs
-          bundle install --path vendor/bundle
-
-      - type: cache-save
-        key: v1-jekyll-{{ checksum "example/static/docs/Gemfile.lock" }}
-        paths:
-          - example/static/docs/vendor/bundle
-
       # Npm install for Eleventy app
       - restore_cache:
           keys:
@@ -75,16 +42,32 @@ jobs:
             # fallback to using the latest cache if no exact match is found
             - v1-eleventy-
 
-      - run: |
-          cd example/static/blog-docs
-          npm install
+      - run: ./script/setup
+
+      - type: cache-save
+        key: v1-main-{{ checksum "Gemfile.lock" }}
+        paths:
+          - vendor/bundle
+
+      - type: cache-save
+        key: v1-example-{{ checksum "example/Gemfile.lock" }}
+        paths:
+          - example/vendor/bundle
+
+      - save_cache:
+          paths:
+            - example/node_modules
+            - ~/.cache
+          key: v2-yarn-{{ checksum "example/yarn.lock" }}
+
+      - type: cache-save
+        key: v1-jekyll-{{ checksum "example/static/docs/Gemfile.lock" }}
+        paths:
+          - example/static/docs/vendor/bundle
 
       - save_cache:
           paths:
             - example/static/blog-docs/node_modules
           key: v1-eleventy-{{ checksum "example/static/blog-docs/package-lock.json" }}
 
-      - run: bundle exec rake standard:fix
-      - run: |
-          cd example
-          ./script/test
+      - run: ./script/test

data/.gitignore

@@ -6,3 +6,5 @@
 /pkg/
 /spec/reports/
 /tmp/
+/vendor/bundle
+/example/vendor/bundle

data/.standard.yml

@@ -1,3 +1,4 @@
+ruby_version: 2.5
 ignore:
   - example/**/*
   - node_modules/**/*

data/CHANGELOG.md

@@ -1,3 +1,32 @@
+## 0.1.0
+
+* Add support for Rails 6.1 when CSRF is enabled
+* Increase required Ruby to 2.5
+
+## 0.0.14
+
+* HTML & XML won't be cached by default in production
+  [#20](https://github.com/testdouble/static-rails/pull/20)
+
+## 0.0.13
+
+* 404 pages served in production via a site's `compile_404_file_path` setting
+  will now also send the HTTP status code of 404 instead of 200
+
+## 0.0.12
+
+* Fix an issue in which enabling force_ssl would result in redirects to the
+  obfuscated `/_static_rails/` path. Resolved this by placing the static-rails
+  middleware after `ActionDispatch::SSL`. Note that this will break if you
+  remove `Rack::SendFile` from your app's middleware stack
+
+## 0.0.11
+
+* Inline the `ActionDispatch::FileHandler` from Rails master so that we can
+  target a single stable version of its API and control what MIME types it
+  considers to be compressible (bonus is that it effectively backports brotli
+  compression to pre-6.1 rails apps)
+
 ## 0.0.10
 
 * Change default `cache-control` header for static assets being served from disk

data/Gemfile.lock

@@ -1,51 +1,53 @@
 PATH
   remote: .
   specs:
-    static-rails (0.0.10)
+    static-rails (0.1.0)
       rack-proxy (~> 0.6)
       railties (>= 5.0.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (6.0.3.1)
-      actionview (= 6.0.3.1)
-      activesupport (= 6.0.3.1)
-      rack (~> 2.0, >= 2.0.8)
+    actionpack (6.1.3.2)
+      actionview (= 6.1.3.2)
+      activesupport (= 6.1.3.2)
+      rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (6.0.3.1)
-      activesupport (= 6.0.3.1)
+    actionview (6.1.3.2)
+      activesupport (= 6.1.3.2)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activesupport (6.0.3.1)
+    activesupport (6.1.3.2)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-      zeitwerk (~> 2.2, >= 2.2.2)
-    ast (2.4.0)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
+    ast (2.4.2)
     builder (3.2.4)
-    concurrent-ruby (1.1.6)
+    concurrent-ruby (1.1.8)
     crass (1.0.6)
-    erubi (1.9.0)
-    i18n (1.8.3)
+    erubi (1.10.0)
+    i18n (1.8.10)
       concurrent-ruby (~> 1.0)
-    loofah (2.5.0)
+    loofah (2.9.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     method_source (1.0.0)
-    mini_portile2 (2.4.0)
-    minitest (5.14.1)
-    nokogiri (1.10.9)
-      mini_portile2 (~> 2.4.0)
-    parallel (1.19.1)
-    parser (2.7.1.3)
-      ast (~> 2.4.0)
-    rack (2.2.2)
+    mini_portile2 (2.5.1)
+    minitest (5.14.4)
+    nokogiri (1.11.3)
+      mini_portile2 (~> 2.5.0)
+      racc (~> 1.4)
+    parallel (1.20.1)
+    parser (3.0.1.1)
+      ast (~> 2.4.1)
+    racc (1.5.2)
+    rack (2.2.3)
     rack-proxy (0.6.5)
       rack
     rack-test (1.1.0)
@@ -55,39 +57,39 @@ GEM
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.3.0)
       loofah (~> 2.3)
-    railties (6.0.3.1)
-      actionpack (= 6.0.3.1)
-      activesupport (= 6.0.3.1)
+    railties (6.1.3.2)
+      actionpack (= 6.1.3.2)
+      activesupport (= 6.1.3.2)
       method_source
       rake (>= 0.8.7)
-      thor (>= 0.20.3, < 2.0)
+      thor (~> 1.0)
     rainbow (3.0.0)
-    rake (13.0.1)
-    regexp_parser (1.7.1)
-    rexml (3.2.4)
-    rubocop (0.85.1)
+    rake (13.0.3)
+    regexp_parser (2.1.1)
+    rexml (3.2.5)
+    rubocop (1.14.0)
       parallel (~> 1.10)
-      parser (>= 2.7.0.1)
+      parser (>= 3.0.0.0)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.7)
+      regexp_parser (>= 1.8, < 3.0)
       rexml
-      rubocop-ast (>= 0.0.3)
+      rubocop-ast (>= 1.5.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-ast (0.0.3)
-      parser (>= 2.7.0.1)
-    rubocop-performance (1.6.1)
-      rubocop (>= 0.71.0)
-    ruby-progressbar (1.10.1)
-    standard (0.4.7)
-      rubocop (~> 0.85.0)
-      rubocop-performance (~> 1.6.0)
-    thor (1.0.1)
-    thread_safe (0.3.6)
-    tzinfo (1.2.7)
-      thread_safe (~> 0.1)
-    unicode-display_width (1.7.0)
-    zeitwerk (2.3.0)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.5.0)
+      parser (>= 3.0.1.1)
+    rubocop-performance (1.11.2)
+      rubocop (>= 1.7.0, < 2.0)
+      rubocop-ast (>= 0.4.0)
+    ruby-progressbar (1.11.0)
+    standard (1.1.1)
+      rubocop (= 1.14.0)
+      rubocop-performance (= 1.11.2)
+    thor (1.1.0)
+    tzinfo (2.0.4)
+      concurrent-ruby (~> 1.0)
+    unicode-display_width (2.0.0)
+    zeitwerk (2.4.2)
 
 PLATFORMS
   ruby
@@ -99,4 +101,4 @@ DEPENDENCIES
   static-rails!
 
 BUNDLED WITH
-   2.1.4
+   2.2.15

data/lib/generators/templates/static.rb

@@ -34,14 +34,14 @@ StaticRails.config do |config|
     #   url_root_path: "/",
     #
     #   # Don't serve/redirect routes whose paths start with these strings
-    #   url_skip_paths_starting_with: ["/api"]
+    #   url_skip_paths_starting_with: ["/api"],
     #
     #   # Whether to run the local development/test server or not
     #   start_server: !Rails.env.production?,
     #
     #   # If start_server is true, wait to proxy requests to the server until it
     #   #   can connect to server_host over TCP on server_port
-    #   ping_server: true
+    #   ping_server: true,
     #
     #   # Any environment variables you need to pass to the server & compile
     #   #   commands as a hash (e.g. `env: {"BUNDLE_PATH" => "vendor/bundle"}`)
@@ -65,7 +65,7 @@ StaticRails.config do |config|
     #   compile_command: "hugo",
     #
     #   # The destination of production-compiled assets, relative to Rails root
-    #   compile_dir: "static/blog/dist"
+    #   compile_dir: "static/blog/dist",
     #
     #   # A 404 page to be sent when serving compiled assets and no file matches
     #   compile_404_file_path: "404.html"

data/lib/static-rails/configuration.rb

@@ -36,7 +36,7 @@ module StaticRails
     attr_reader :sites
     def sites=(sites)
       @sites = Array.wrap(sites).map { |site|
-        Site.new(site)
+        Site.new(**site)
       }
     end
   end

data/lib/static-rails/file_handler.rb

@@ -0,0 +1,172 @@
+module StaticRails
+  # This class was extracted from Ruby on Rails:
+  #
+  #   - actionpack/lib/action_dispatch/middleware/static.rb
+  #
+  # Copyright (c) 2005-2020 David Heinemeier Hansson, Ryan Edward Hall, Jeremy Daer
+  #
+  # License here: https://github.com/rails/rails/blob/master/MIT-LICENSE
+  #
+  # This endpoint serves static files from disk using Rack::File.
+  #
+  # URL paths are matched with static files according to expected
+  # conventions: +path+, +path+.html, +path+/index.html.
+  #
+  # Precompressed versions of these files are checked first. Brotli (.br)
+  # and gzip (.gz) files are supported. If +path+.br exists, this
+  # endpoint returns that file with a +Content-Encoding: br+ header.
+  #
+  # If no matching file is found, this endpoint responds 404 Not Found.
+  #
+  # Pass the +root+ directory to search for matching files, an optional
+  # +index: "index"+ to change the default +path+/index.html, and optional
+  # additional response headers.
+  class FileHandler
+    # Accept-Encoding value -> file extension
+    PRECOMPRESSED = {
+      "br" => ".br",
+      "gzip" => ".gz",
+      "identity" => nil
+    }
+
+    def initialize(root, index: "index", headers: {}, precompressed: %i[br gzip], compressible_content_types: /\A(?:text\/|application\/javascript)/)
+      @root = root.chomp("/").b
+      @index = index
+
+      @precompressed = Array(precompressed).map(&:to_s) | %w[identity]
+      @compressible_content_types = compressible_content_types
+
+      @file_server = ::Rack::File.new(@root, headers)
+    end
+
+    def call(env)
+      attempt(env) || @file_server.call(env)
+    end
+
+    def attempt(env)
+      request = Rack::Request.new env
+
+      if request.get? || request.head?
+        if (found = find_file(request.path_info, accept_encoding: request.accept_encoding))
+          serve request, *found
+        end
+      end
+    end
+
+    def serve(request, filepath, content_headers)
+      original, request.path_info = request.path_info, ::Rack::Utils.escape_path(filepath).b
+
+      @file_server.call(request.env).tap do |status, headers, body|
+        # Omit Content-Encoding/Type/etc headers for 304 Not Modified
+        if status != 304
+          headers.update(content_headers)
+        end
+      end
+    ensure
+      request.path_info = original
+    end
+
+    # Match a URI path to a static file to be served.
+    #
+    # Used by the +Static+ class to negotiate a servable file in the
+    # +public/+ directory (see Static#call).
+    #
+    # Checks for +path+, +path+.html, and +path+/index.html files,
+    # in that order, including .br and .gzip compressed extensions.
+    #
+    # If a matching file is found, the path and necessary response headers
+    # (Content-Type, Content-Encoding) are returned.
+    def find_file(path_info, accept_encoding:)
+      each_candidate_filepath(path_info) do |filepath, content_type|
+        if (response = try_files(filepath, content_type, accept_encoding: accept_encoding))
+          return response
+        end
+      end
+    end
+
+    private
+
+    def try_files(filepath, content_type, accept_encoding:)
+      headers = {"Content-Type" => content_type}
+
+      if compressible? content_type
+        try_precompressed_files filepath, headers, accept_encoding: accept_encoding
+      elsif file_readable? filepath
+        [filepath, headers]
+      end
+    end
+
+    def try_precompressed_files(filepath, headers, accept_encoding:)
+      each_precompressed_filepath(filepath) do |content_encoding, precompressed_filepath|
+        if file_readable? precompressed_filepath
+          # Identity encoding is default, so we skip Accept-Encoding
+          # negotiation and needn't set Content-Encoding.
+          #
+          # Vary header is expected when we've found other available
+          # encodings that Accept-Encoding ruled out.
+          if content_encoding == "identity"
+            return precompressed_filepath, headers
+          else
+            headers["Vary"] = "Accept-Encoding"
+
+            if accept_encoding.any? { |enc, _| /\b#{content_encoding}\b/i.match?(enc) }
+              headers["Content-Encoding"] = content_encoding
+              return precompressed_filepath, headers
+            end
+          end
+        end
+      end
+    end
+
+    def file_readable?(path)
+      file_stat = File.stat(File.join(@root, path.b))
+    rescue SystemCallError
+      false
+    else
+      file_stat.file? && file_stat.readable?
+    end
+
+    def compressible?(content_type)
+      @compressible_content_types.match?(content_type)
+    end
+
+    def each_precompressed_filepath(filepath)
+      @precompressed.each do |content_encoding|
+        precompressed_ext = PRECOMPRESSED.fetch(content_encoding)
+        yield content_encoding, "#{filepath}#{precompressed_ext}"
+      end
+
+      nil
+    end
+
+    def each_candidate_filepath(path_info)
+      return unless (path = clean_path(path_info))
+
+      ext = ::File.extname(path)
+      content_type = ::Rack::Mime.mime_type(ext, nil)
+      yield path, content_type || "text/plain"
+
+      # Tack on .html and /index.html only for paths that don't have
+      # an explicit, resolvable file extension. No need to check
+      # for foo.js.html and foo.js/index.html.
+      unless content_type
+        default_ext = ::ActionController::Base.default_static_extension
+        if ext != default_ext
+          default_content_type = ::Rack::Mime.mime_type(default_ext, "text/plain")
+
+          yield "#{path}#{default_ext}", default_content_type
+          yield "#{path}/#{@index}#{default_ext}", default_content_type
+        end
+      end
+
+      nil
+    end
+
+    def clean_path(path_info)
+      path = ::Rack::Utils.unescape_path path_info.chomp("/")
+      if ::Rack::Utils.valid_path? path
+        ::Rack::Utils.clean_path_info path
+      end
+    end
+  end
+end

data/lib/static-rails/gets_csrf_token.rb

@@ -10,16 +10,18 @@ module StaticRails
 
     private
 
-    def csrf_token_hmac(session, identifier)
-      ActionController::RequestForgeryProtection.instance_method(:csrf_token_hmac).bind(self).call(session, identifier)
-    end
-
-    def mask_token(raw_token)
-      ActionController::RequestForgeryProtection.instance_method(:mask_token).bind(self).call(raw_token)
+    [
+      :csrf_token_hmac,
+      :mask_token,
+      :xor_byte_strings
+    ].each do |method|
+      define_method method do |*args, **kwargs, &blk|
+        ActionController::RequestForgeryProtection.instance_method(method).bind(self).call(*args, **kwargs, &blk)
+      end
     end
 
     def masked_authenticity_token(session, form_options: {})
-      ActionController::RequestForgeryProtection.instance_method(:masked_authenticity_token).bind(self).call(session, form_options)
+      ActionController::RequestForgeryProtection.instance_method(:masked_authenticity_token).bind(self).call(session, form_options: form_options)
     end
 
     def global_csrf_token(session)
@@ -30,12 +32,12 @@ module StaticRails
       ActionController::RequestForgeryProtection.instance_method(:real_csrf_token).bind(self).call(session)
     end
 
-    def xor_byte_strings(s1, s2)
-      ActionController::RequestForgeryProtection.instance_method(:xor_byte_strings).bind(self).call(s1, s2)
-    end
-
     def per_form_csrf_tokens
       false
     end
+
+    def urlsafe_csrf_tokens
+      Rails.application.config.action_controller.urlsafe_csrf_tokens
+    end
   end
 end

data/lib/static-rails/railtie.rb

@@ -10,7 +10,7 @@ module StaticRails
     end
 
     initializer "static_rails.middleware" do
-      config.app_middleware.insert_before 0, SiteMiddleware
+      config.app_middleware.insert_after Rack::Sendfile, SiteMiddleware
       config.app_middleware.use SitePlusCsrfMiddleware
     end
 

data/lib/static-rails/site_middleware.rb

@@ -40,7 +40,7 @@ module StaticRails
         #
         # (By the way, this was all Matthew Draper's bright idea. You can
         # compliment him here: https://github.com/matthewd )
-        @app.call(env.merge("PATH_INFO" => PATH_INFO_OBFUSCATION + env["PATH_INFO"]))
+        @app.call(env.merge("PATH_INFO" => "/" + PATH_INFO_OBFUSCATION + env["PATH_INFO"]))
       elsif StaticRails.config.proxy_requests
         @proxy_middleware.call(env)
       elsif StaticRails.config.serve_compiled_assets

data/lib/static-rails/site_plus_csrf_middleware.rb

@@ -13,10 +13,10 @@ module StaticRails
     end
 
     def call(env)
-      return @app.call(env) unless env["PATH_INFO"]&.start_with?(PATH_INFO_OBFUSCATION) || @determines_whether_to_handle_request.call(env)
+      return @app.call(env) unless env["PATH_INFO"]&.start_with?(/\/?#{PATH_INFO_OBFUSCATION}/o) || @determines_whether_to_handle_request.call(env)
 
       env = env.merge(
-        "PATH_INFO" => env["PATH_INFO"].gsub(/^#{PATH_INFO_OBFUSCATION}/, "")
+        "PATH_INFO" => env["PATH_INFO"].gsub(/^\/?#{PATH_INFO_OBFUSCATION}/o, "")
       )
       status, headers, body = super(env)
 

data/lib/static-rails/static_middleware.rb

@@ -1,6 +1,6 @@
 require "rack-proxy"
-require "action_dispatch/middleware/static"
 
+require_relative "file_handler"
 require_relative "matches_request_to_static_site"
 
 module StaticRails
@@ -18,9 +18,8 @@ module StaticRails
       if (req.get? || req.head?) && (site = @matches_request_to_static_site.call(req))
         file_handler = file_handler_for(site)
         path = req.path_info.gsub(/^#{site.url_root_path}/, "").chomp("/")
-        if (match = matching_file_for(file_handler, site, path))
-          req.path_info = match
-          return file_handler.serve(req)
+        if (result = serve_file_for(file_handler, site, path, req))
+          return result
         end
       end
 
@@ -32,19 +31,39 @@ module StaticRails
     # The same file handler used by Rails when serving up files from /public
     #   See: actionpack/lib/action_dispatch/middleware/static.rb
     def file_handler_for(site)
-      @file_handlers[site] ||= ActionDispatch::FileHandler.new(
+      @file_handlers[site] ||= FileHandler.new(
         StaticRails.config.app.root.join(site.compile_dir).to_s,
         headers: {
           "cache-control" => "public; max-age=31536000"
-        }
+        },
+        compressible_content_types: /^text\/|[\/+](javascript|json|text|xml|css|yaml)$/i
       )
     end
 
-    def matching_file_for(file_handler, site, path)
-      if (match = file_handler.match?(path))
-        match
+    def serve_file_for(file_handler, site, path, req)
+      if (found = file_handler.find_file(path, accept_encoding: req.accept_encoding))
+        serve_file(file_handler, found, req)
       elsif site.compile_404_file_path.present?
-        file_handler.match?(site.compile_404_file_path)
+        found = file_handler.find_file(site.compile_404_file_path, accept_encoding: req.accept_encoding)
+        serve_file(file_handler, found, req, 404)
+      end
+    end
+
+    def serve_file(file_handler, file, req, status_override = nil)
+      return unless file
+      file_handler.serve(req, *file).tap do |result|
+        result[0] = status_override unless status_override.nil?
+        override_cache_control_if_we_probably_shouldnt_cache!(file, result[1])
+      end
+    end
+
+    PROBABLY_SHOULDNT_CACHE_MIME_TYPES = [
+      "text/html", "application/xml", "application/rss+xml"
+    ]
+    def override_cache_control_if_we_probably_shouldnt_cache!(file, headers = {})
+      mime_type = file[1]["Content-Type"]
+      if PROBABLY_SHOULDNT_CACHE_MIME_TYPES.include?(mime_type)
+        headers["cache-control"] = "no-cache, no-store"
       end
     end
   end

data/lib/static-rails/validates_csrf_token.rb

@@ -29,5 +29,9 @@ module StaticRails
     def per_form_csrf_tokens
       false
     end
+
+    def urlsafe_csrf_tokens
+      Rails.application.config.action_controller.urlsafe_csrf_tokens
+    end
   end
 end

data/lib/static-rails/version.rb

@@ -1,3 +1,3 @@
 module StaticRails
-  VERSION = "0.0.10"
+  VERSION = "0.1.0"
 end

data/script/setup

@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+set -e
+
+echo "--> Installing static-rails' Ruby deps"
+bundle install --path vendor/bundle
+
+echo "--> Installing example app's Ruby deps"
+cd example
+bundle install --path vendor/bundle
+cd ..
+
+echo "--> Installing example app's JS deps"
+cd example
+yarn install
+cd ..
+
+echo "--> Installing example app's Jekyll site's Ruby deps"
+cd example/static/docs
+bundle install --path vendor/bundle
+cd ../../..
+
+echo "--> Installing example app's Eleventy site's JS deps"
+cd example/static/blog-docs
+npm install
+cd ../../..
+
+

data/script/test

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+set -e
+
+echo "--> Running example app's tests"
+cd example
+./script/test
+cd ..
+
+echo "--> Running standard:fix"
+bundle exec rake standard:fix
+

data/static-rails.gemspec

@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
   spec.summary = "Build & serve static sites (e.g. Jekyll, Hugo) from your Rails app"
   spec.homepage = "https://github.com/testdouble/static-rails"
   spec.license = "MIT"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.3.0")
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.5.0")
 
   spec.metadata["homepage_uri"] = spec.homepage
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: static-rails
 version: !ruby/object:Gem::Version
-  version: 0.0.10
+  version: 0.1.0
 platform: ruby
 authors:
 - Justin Searls
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-06-11 00:00:00.000000000 Z
+date: 2021-05-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -64,6 +64,7 @@ files:
 - lib/static-rails/configuration.rb
 - lib/static-rails/determines_whether_to_handle_request.rb
 - lib/static-rails/error.rb
+- lib/static-rails/file_handler.rb
 - lib/static-rails/gets_csrf_token.rb
 - lib/static-rails/matches_request_to_static_site.rb
 - lib/static-rails/proxy_middleware.rb
@@ -80,6 +81,8 @@ files:
 - lib/static-rails/version.rb
 - lib/static-rails/waits_for_connection.rb
 - lib/tasks/static-rails.rake
+- script/setup
+- script/test
 - static-rails.gemspec
 homepage: https://github.com/testdouble/static-rails
 licenses:
@@ -94,14 +97,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.0
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.4
 signing_key: 
 specification_version: 4
 summary: Build & serve static sites (e.g. Jekyll, Hugo) from your Rails app