X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/b86390d303030ae5faca278445ca8b404c1937a4..b755db57a6854d11519d8f7d6d16007f802608ac:/config/initializers/new_framework_defaults_7_0.rb diff --git a/config/initializers/new_framework_defaults_7_0.rb b/config/initializers/new_framework_defaults_7_0.rb index 2c1e76822..79a3a2cf0 100644 --- a/config/initializers/new_framework_defaults_7_0.rb +++ b/config/initializers/new_framework_defaults_7_0.rb @@ -62,7 +62,7 @@ Rails.application.config.active_storage.video_preview_arguments = "-vf 'select=eq(n\\,0)+eq(key\\,1)+gt(scene\\,0.015),loop=loop=-1:size=2,trim=start_frame=1' -frames:v 1 -f image2" # Automatically infer `inverse_of` for associations with a scope. -# Rails.application.config.active_record.automatic_scope_inversing = true +Rails.application.config.active_record.automatic_scope_inversing = true # Raise when running tests if fixtures contained foreign key violations Rails.application.config.active_record.verify_foreign_keys_for_fixtures = true @@ -70,17 +70,17 @@ Rails.application.config.active_record.verify_foreign_keys_for_fixtures = true # Disable partial inserts. # This default means that all columns will be referenced in INSERT queries # regardless of whether they have a default or not. -# Rails.application.config.active_record.partial_inserts = false -# +Rails.application.config.active_record.partial_inserts = false + # Protect from open redirect attacks in `redirect_back_or_to` and `redirect_to`. -# Rails.application.config.action_controller.raise_on_open_redirects = true +Rails.application.config.action_controller.raise_on_open_redirects = true # Change the variant processor for Active Storage. # Changing this default means updating all places in your code that # generate variants to use image processing macros and ruby-vips # operations. See the upgrading guide for detail on the changes required. # The `:mini_magick` option is not deprecated; it's fine to keep using it. -# Rails.application.config.active_storage.variant_processor = :vips +Rails.application.config.active_storage.variant_processor = :vips # If you're upgrading and haven't set `cookies_serializer` previously, your cookie serializer # was `:marshal`. Convert all cookies to JSON, using the `:hybrid` formatter. @@ -107,11 +107,11 @@ Rails.application.config.action_controller.wrap_parameters_by_default = true Rails.application.config.active_support.use_rfc4122_namespaced_uuids = true # Change the default headers to disable browsers' flawed legacy XSS protection. -# Rails.application.config.action_dispatch.default_headers = { -# "X-Frame-Options" => "SAMEORIGIN", -# "X-XSS-Protection" => "0", -# "X-Content-Type-Options" => "nosniff", -# "X-Download-Options" => "noopen", -# "X-Permitted-Cross-Domain-Policies" => "none", -# "Referrer-Policy" => "strict-origin-when-cross-origin" -# } +Rails.application.config.action_dispatch.default_headers = { + "X-Frame-Options" => "SAMEORIGIN", + "X-XSS-Protection" => "0", + "X-Content-Type-Options" => "nosniff", + "X-Download-Options" => "noopen", + "X-Permitted-Cross-Domain-Policies" => "none", + "Referrer-Policy" => "strict-origin-when-cross-origin" +}