new_framework_defaults.rb 1.1 KB

12345678910111213141516171819202122232425
  1. # Be sure to restart your server when you modify this file.
  2. #
  3. # This file contains migration options to ease your Rails 5.0 upgrade.
  4. #
  5. # Read the Rails 5.0 release notes for more info on each option.
  6. # Enable per-form CSRF tokens. Previous versions had false.
  7. Rails.application.config.action_controller.per_form_csrf_tokens = true
  8. # Enable origin-checking CSRF mitigation. Previous versions had false.
  9. Rails.application.config.action_controller.forgery_protection_origin_check = true
  10. # Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`.
  11. # Previous versions had false.
  12. ActiveSupport.to_time_preserves_timezone = true
  13. # Require `belongs_to` associations by default. Previous versions had false.
  14. Rails.application.config.active_record.belongs_to_required_by_default = true
  15. # Do not halt callback chains when a callback returns false. Previous versions had true.
  16. ActiveSupport.halt_callback_chains_on_return_false = false
  17. # Configure SSL options to enable HSTS with subdomains. Previous versions had false.
  18. Rails.application.config.ssl_options = { hsts: { subdomains: true } }