1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
rails--rails/railties/lib/rails/application_controller.rb
Ryuta Kamizono c81af6ae72 Enable Layout/EmptyLinesAroundAccessModifier cop
We sometimes say "✂️ newline after `private`" in a code review (e.g.
https://github.com/rails/rails/pull/18546#discussion_r23188776,
https://github.com/rails/rails/pull/34832#discussion_r244847195).

Now `Layout/EmptyLinesAroundAccessModifier` cop have new enforced style
`EnforcedStyle: only_before` (https://github.com/rubocop-hq/rubocop/pull/7059).

That cop and enforced style will reduce the our code review cost.
2019-06-13 12:00:45 +09:00

28 lines
804 B
Ruby

# frozen_string_literal: true
class Rails::ApplicationController < ActionController::Base # :nodoc:
self.view_paths = File.expand_path("templates", __dir__)
layout "application"
before_action :disable_content_security_policy_nonce!
content_security_policy do |policy|
policy.script_src :unsafe_inline
policy.style_src :unsafe_inline
end
private
def require_local!
unless local_request?
render html: "<p>For security purposes, this information is only available to local requests.</p>".html_safe, status: :forbidden
end
end
def local_request?
Rails.application.config.consider_all_requests_local || request.local?
end
def disable_content_security_policy_nonce!
request.content_security_policy_nonce_generator = nil
end
end