web-console 4.0.4 → 4.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.markdown +9 -0
- data/README.markdown +2 -1
- data/lib/web_console/template.rb +1 -1
- data/lib/web_console/templates/console.js.erb +17 -4
- data/lib/web_console/templates/layouts/javascript.erb +1 -1
- data/lib/web_console/templates/style.css.erb +1 -1
- data/lib/web_console/version.rb +1 -1
- data/lib/web_console/view.rb +1 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1e582f6eaaeff0b5fd7bedde53a6101c43eb8b5b86cda5f2a0e5a535b10c7bfc
|
4
|
+
data.tar.gz: 5ed7fe9a6bbb404eb7c1a9d4e594a559ca7e65f5184f342a1882cb33152aac2b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9805b430a93e04d8b1865efbb1c10824cd198f79fe8ba3bb2e4b934de2eed777f09c13200d3f07a4db82cf09285c8ea6e60b505186d86ac0d52e45ab937f3130
|
7
|
+
data.tar.gz: ac73f59d7603a019b5a0c96cb7d2583ee8280198dbd719a071c7b77af71650cfd7333c7bb481f98552ba7ed933ddbc3ee00e235292a4c337e2520d71e10975a9
|
data/CHANGELOG.markdown
CHANGED
@@ -2,6 +2,13 @@
|
|
2
2
|
|
3
3
|
## master (unreleased)
|
4
4
|
|
5
|
+
## 4.1.0
|
6
|
+
|
7
|
+
* [#304](https://github.com/rails/web-console/pull/304) Add support for Rails 6.1 ([@stephannv])
|
8
|
+
* [#298](https://github.com/rails/web-console/pull/298) Prevent deprecation warnings by removing template formats ([@mikelkew])
|
9
|
+
* [#297](https://github.com/rails/web-console/pull/297) Use MutationObserver instead of Mutation Events ([@mikelkew])
|
10
|
+
* [#296](https://github.com/rails/web-console/pull/296) Add CSP nonce to injected scripts and styles ([@mikelkew])
|
11
|
+
|
5
12
|
## 4.0.4
|
6
13
|
|
7
14
|
* [fb483743](https://github.com/rails/web-console/commit/fb483743a6a2a4168cdc0b2e03f48fc393991b73) Fix a crash on webrick with Rack 2.2.3 ([@gsamokovarov])
|
@@ -145,6 +152,8 @@ go to 3.1.0 instead.
|
|
145
152
|
* [#84](https://github.com/rails/web-console/pull/84) Allow Rails 5 as dependency in gemspec ([@jonatack])
|
146
153
|
* [#69](https://github.com/rails/web-console/pull/69) Introduce middleware for request dispatch and console rendering ([@gsamokovarov])
|
147
154
|
|
155
|
+
[@stephannv]: https://github.com/stephannv
|
156
|
+
[@mikelkew]: https://github.com/mikelkew
|
148
157
|
[@jonatack]: https://github.com/jonatack
|
149
158
|
[@ryandao]: https://github.com/ryandao
|
150
159
|
[@jeffnv]: https://github.com/jeffnv
|
data/README.markdown
CHANGED
@@ -1,7 +1,8 @@
|
|
1
1
|
<p align=right>
|
2
|
-
Documentation for:
|
2
|
+
<strong>Current version: 4.1.0</strong> Documentation for:
|
3
3
|
<a href=https://github.com/rails/web-console/tree/v1.0.4>v1.0.4</a>
|
4
4
|
<a href=https://github.com/rails/web-console/tree/v2.2.1>v2.2.1</a>
|
5
|
+
<a href=https://github.com/rails/web-console/tree/v3.7.0>v3.7.0</a>
|
5
6
|
</p>
|
6
7
|
|
7
8
|
# Web Console [![Build Status](https://travis-ci.org/rails/web-console.svg?branch=master)](https://travis-ci.org/rails/web-console)
|
data/lib/web_console/template.rb
CHANGED
@@ -17,7 +17,7 @@ module WebConsole
|
|
17
17
|
|
18
18
|
# Render a template (inferred from +template_paths+) as a plain string.
|
19
19
|
def render(template)
|
20
|
-
view = View.
|
20
|
+
view = View.with_empty_template_cache.with_view_paths(template_paths, instance_values)
|
21
21
|
view.render(template: template, layout: false)
|
22
22
|
end
|
23
23
|
end
|
@@ -251,12 +251,14 @@ Autocomplete.prototype.removeView = function() {
|
|
251
251
|
}
|
252
252
|
|
253
253
|
// HTML strings for dynamic elements.
|
254
|
-
var consoleInnerHtml = <%= render_inlined_string '_inner_console_markup
|
255
|
-
var promptBoxHtml = <%= render_inlined_string '_prompt_box_markup
|
254
|
+
var consoleInnerHtml = <%= render_inlined_string '_inner_console_markup' %>;
|
255
|
+
var promptBoxHtml = <%= render_inlined_string '_prompt_box_markup' %>;
|
256
256
|
// CSS
|
257
|
-
var consoleStyleCss = <%= render_inlined_string 'style
|
257
|
+
var consoleStyleCss = <%= render_inlined_string 'style' %>;
|
258
258
|
// Insert a style element with the unique ID
|
259
259
|
var styleElementId = 'sr02459pvbvrmhco';
|
260
|
+
// Nonce to use for CSP
|
261
|
+
var styleElementNonce = '<%= @nonce %>';
|
260
262
|
|
261
263
|
// REPLConsole Constructor
|
262
264
|
function REPLConsole(config) {
|
@@ -416,6 +418,14 @@ REPLConsole.prototype.install = function(container) {
|
|
416
418
|
}
|
417
419
|
}
|
418
420
|
|
421
|
+
var observer = new MutationObserver(function(mutationsList) {
|
422
|
+
for (let mutation of mutationsList) {
|
423
|
+
if (mutation.type === 'childList' && mutation.addedNodes.length > 0) {
|
424
|
+
shiftConsoleActions();
|
425
|
+
}
|
426
|
+
}
|
427
|
+
});
|
428
|
+
|
419
429
|
// Initialize
|
420
430
|
this.container = container;
|
421
431
|
this.outer = consoleOuter;
|
@@ -427,7 +437,7 @@ REPLConsole.prototype.install = function(container) {
|
|
427
437
|
|
428
438
|
findChild(container, 'resizer').addEventListener('mousedown', resizeContainer);
|
429
439
|
findChild(consoleActions, 'close-button').addEventListener('click', closeContainer);
|
430
|
-
|
440
|
+
observer.observe(consoleOuter, { childList: true, subtree: true });
|
431
441
|
|
432
442
|
REPLConsole.currentSession = this;
|
433
443
|
};
|
@@ -441,6 +451,9 @@ REPLConsole.prototype.insertCss = function() {
|
|
441
451
|
style.type = 'text/css';
|
442
452
|
style.innerHTML = consoleStyleCss;
|
443
453
|
style.id = styleElementId;
|
454
|
+
if (styleElementNonce.length > 0) {
|
455
|
+
style.nonce = styleElementNonce;
|
456
|
+
}
|
444
457
|
document.getElementsByTagName('head')[0].appendChild(style);
|
445
458
|
};
|
446
459
|
|
data/lib/web_console/version.rb
CHANGED
data/lib/web_console/view.rb
CHANGED
@@ -22,6 +22,7 @@ module WebConsole
|
|
22
22
|
# leaking globals, unless you explicitly want to.
|
23
23
|
def render_javascript(template)
|
24
24
|
assign(template: template)
|
25
|
+
assign(nonce: @env["action_dispatch.content_security_policy_nonce"])
|
25
26
|
render(template: template, layout: "layouts/javascript")
|
26
27
|
end
|
27
28
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: web-console
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.0
|
4
|
+
version: 4.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Charlie Somerville
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date: 2020-
|
14
|
+
date: 2020-11-05 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: railties
|