Resources

Summary

gem install rails --pre
EDITOR="code --wait" bin/rails credentials:edit
rails c
2.4.2 :001 > Rails.application.credentials.test
 => "value"

# Define an application-wide content security policy
# For further information see the following documentation
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
Rails.application.config.content_security_policy do |p|
  p.default_src :self, :https, 'http://localhost:9200'
  p.font_src    :self, :https, :data
  p.img_src     :self, :https, :data
  p.object_src  :none
  p.script_src  :self, :https
  p.style_src   :self, :https, :unsafe_inline
  # Specify URI for violation reports
  # p.report_uri "/csp-violation-report-endpoint"
end
# Report CSP violations to a specified URI
# For further information see the following documentation:
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
# Rails.application.config.content_security_policy_report_only = true

# Override policy inline
class PostsController < ApplicationController
  content_security_policy do |p|
    p.upgrade_insecure_requests true
  end
end

# Using literal values
class PostsController < ApplicationController
  content_security_policy do |p|
    p.base_uri "https://www.example.com"
  end
end

# Using mixed static and dynamic values
class PostsController < ApplicationController
  content_security_policy do |p|
    p.base_uri :self, -> { "https://#{current_user.domain}.example.com" }
  end
end

<%= form_with model, id: 'model' do |f| %>
<% end %>
config.action_view.form_with_generates_ids = false

2.4.2 :001 > Time.new.next_year
 => 2019-01-07 20:51:11 -0500
2.4.2 :002 > Time.new.next_year(4)
 => 2022-01-07 20:51:15 -0500
2.4.2 :003 > Time.new.next_month(4)
 => 2018-05-07 20:51:29 -0400
2.4.2 :004 > Time.new.prev_month(4)
 => 2017-09-07 20:51:42 -0400
2.4.2 :005 > Time.new.prev_day(4)
 => 2018-01-03 20:51:59 -0500
2.4.2 :006 >