My opinionated ruby on rails template
Improve clarity of CSP console messages based on code review feedback
Co-authored-by: jaspermayone <65788728+jaspermayone@users.noreply.github.com>
+2
-2
+2
-2
modules/csp.rb
+2
-2
modules/csp.rb
···
5
5
gem 'rack-cors'
6
6
# bundler-audit included by Rails 8
7
7
8
-
say ' Skipping strict Content Security Policy (configured as permissive)...', :cyan
8
+
say ' Content Security Policy disabled by default (can be enabled in initializer)...', :cyan
9
9
initializer 'content_security_policy.rb', <<~RUBY
10
10
# frozen_string_literal: true
11
11
···
84
84
}
85
85
RUBY
86
86
87
-
say ' Skipping CSP meta tag (CSP is disabled by default)...', :cyan
87
+
say ' Skipping CSP meta tag...', :cyan
88
88
# CSP meta tag is not added since CSP is disabled by default
89
89
# Uncomment below if you enable CSP in the initializer
90
90
# inject_into_file 'app/views/layouts/application.html.erb', after: "<%= csrf_meta_tags %>\n" do