Comments (2)
I think we should make this change, but I'm not sure what the impact is on existing JS libraries. We're going to have to coordinate fixing Rails along with the corresponding JS libraries. If someone wants to handle that work, I'd really appreciate it!
from rails.
On the rails side, I wonder if it would make sense to add a depreciation warning for csp_meta_tag
and introduce a csp_nonce_meta_tag
with the new behaviour. This would allow for a more graceful upgrade path.
I can take a shot at some PRs, I think the JS libraries can be made backwards compatible by looking for both nonce
& content
prior to the rails change.
Question: How are the JS files updated which are included in the Rails source? IE should I make PRs against both Trix & Rails for the change, or would just against the Trix repo be enough & the changes will be applied to the rails Trix asset at some point?
from rails.
Related Issues (20)
- database.yml gets evaluated before initializers run since Rails 7.1.0 HOT 7
- [ActiveRecord] PostgreSQL Adapter skips update on CIDR column when only netmask is changed
- ActionView's typecast method raises an TypeError on Resolver-object instance, but it shouldn't HOT 1
- Is there already a built-in method from the Rails API for finding all NESTED belongs_to associations? HOT 1
- Update getting started guide to include ImportMap and Turbo initalization.
- [7.1] MIME parsing raising errors on valid parameters HOT 1
- Rails Query Issue with Null Value Comparison HOT 1
- [Bug][ActionCable/Zeitwerk] Code reloading doesn't close connections
- find_by called with no paramaters HOT 3
- Should select show a prompt when its attribute is false? HOT 8
- collection_check_boxes hidden field ignores :form option
- Action Cable as Stand Alone server leads to Devise::MissingWarden: error HOT 2
- Postgres prepared statements and array queries with certain syntax result in `PG::InvalidTextRepresentation` HOT 5
- Rubocop binstubs issue causes failures on Windows
- [ActiveRecord] Enum defined methods does not follow naming convention HOT 5
- `ActiveRecord::ConnectionAdapters::SQLite3Adapter#initialize` does not correctly create missing parent directories HOT 6
- `Object.as_json` is too optimistic and causes errors in 3rd party code. HOT 4
- `ActiveSupport::Inflector` isolation/conflicts: recommended approach HOT 4
- ActiveRecord/Postgresql composite primary keys breaks count query on includes+references HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rails.