gem install rails --pre EDITOR="code --wait" bin/rails credentials:edit rails c 2.4.2 :001 > Rails.application.credentials.test => "value"





# Define an application-wide content security policy # For further information see the following documentation # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy Rails.application.config.content_security_policy do |p| p.default_src :self, :https, 'http://localhost:9200' p.font_src :self, :https, :data p.img_src :self, :https, :data p.object_src :none p.script_src :self, :https p.style_src :self, :https, :unsafe_inline # Specify URI for violation reports # p.report_uri "/csp-violation-report-endpoint" end # Report CSP violations to a specified URI # For further information see the following documentation: # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only # Rails.application.config.content_security_policy_report_only = true





# Override policy inline class PostsController < ApplicationController content_security_policy do |p| p.upgrade_insecure_requests true end end # Using literal values class PostsController < ApplicationController content_security_policy do |p| p.base_uri "https://www.example.com" end end # Using mixed static and dynamic values class PostsController < ApplicationController content_security_policy do |p| p.base_uri :self, -> { "https://#{current_user.domain}.example.com" } end end <%= form_with model, id: 'model' do |f| %> <% end %> config.action_view.form_with_generates_ids = false 2.4.2 :001 > Time.new.next_year => 2019-01-07 20:51:11 -0500 2.4.2 :002 > Time.new.next_year(4) => 2022-01-07 20:51:15 -0500 2.4.2 :003 > Time.new.next_month(4) => 2018-05-07 20:51:29 -0400 2.4.2 :004 > Time.new.prev_month(4) => 2017-09-07 20:51:42 -0400 2.4.2 :005 > Time.new.prev_day(4) => 2018-01-03 20:51:59 -0500 2.4.2 :006 >



