checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
---
2
2
SHA256:
3
- metadata.gz: b3b37255b188591ca005e9421faf46d08a6906e5d13d7b6d2bc27cc278dde8ea
4
- data.tar.gz: 1d3faec5a30ce6c2cbe41b7c543b9e1b3fd9162320c2a8babf08533b4aebec41
3
+ metadata.gz: 803f622685cadb160b0cf327865bf93587e178a4ffffead1f8605f9934cd6416
4
+ data.tar.gz: 5e41faf3bfb89d88005c3667d916ace976a4800c1b8336d1763e24b554b5dcd6
5
5
SHA512:
6
- metadata.gz: f2dce0a879ba0931ed9ff2544ebabae420780a3f6c25bc9617f36c833758d4408f4c2ef388ed5bf59974a225d6cdfa2a578d217f5c552f9b0abfc0242de381c1
7
- data.tar.gz: b29d086dcf4a9c93f5892ae204ac1f0ad8a51cd24d918fdcecc56f02cc87de8b99cdeccce4eb2111de563d923aa4059ed8f294a2f1c00c71f066d3cb313de15b
6
+ metadata.gz: dd37845719179bf39ec81db748348b6d761a7877d1a0e3ddc20eb74115f45f6c0992c014a3be9087b3cdc432ce91faf87f2fcacc0bcdc2bd4a3c6dacc1da64ef
7
+ data.tar.gz: 5741fd20f61a7bde1f5acd7db3aa440a9613e125edc24b088e52a9ad3e6e1dec3d01c32c754a8120aadad66f2fb1195e58748642b6e4bfae8d1c169ddd7ae128
data/CHANGELOG.md CHANGED
@@ -17,6 +17,17 @@ This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a Ch
17
17
### Breaks
18
18
19
19
20
+ ## 2.1.0 - (2019-09-11)
21
+ ---
22
+
23
+ ### New
24
+ * Automatically add `crossorigin="anonymous"` for SRI resources
25
+ * Separate manifest caching and eager loading
26
+
27
+ ### Changes
28
+ * Remove defunct onboot manifest validation (f3fe8f57)
29
+
30
+
20
31
## 2.0.1 - (2019-08-09)
21
32
---
22
33
@@ -33,7 +44,6 @@ This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a Ch
33
44
34
45
### Breaks
35
46
* Change `manifest` configuration option into `manifests` to support multiple files
36
- * Change configuration option into to support multiple files
37
47
38
48
39
49
## 1.1.0 - (2019-08-08)
data/README.md CHANGED
@@ -17,7 +17,7 @@ This gem does not make any assumption on which tool to use to make your assets n
17
17
}
18
18
```
19
19
20
- This gem does not add new helper methods but extends the existing helpers. SRI is automatically added if available and within a secure context:
20
+ This gem does not add new helper methods but extends the existing helpers. SRI is automatically added if available and within a secure context. A `crossorigin="anonymous"` attribute is automatically added if non is present.
21
21
22
22
```slim
23
23
html
@@ -27,8 +27,8 @@ html
27
27
```
28
28
29
29
```html
30
- <link rel="stylesheet" media="all" href="2b16adf6f756625a0194.css" integrity="sha384-/oreyvcV6U6htGZD0fDWR8/Txezke8KhD0QNgHb660hSaW7M+ZzxxuB4Vo+PuAC9">
31
- <script src="2b16adf6f756625a0194.js" integrity="sha384-iJ55fQQApbQGxWEWSbWStBabi+yNGxZSQy/010+1Dhxl+rymyhGF4NtjUkOsYv7B"></script>
30
+ <link rel="stylesheet" media="all" href="2b16adf6f756625a0194.css" integrity="sha384-/oreyvcV6U6htGZD0fDWR8/Txezke8KhD0QNgHb660hSaW7M+ZzxxuB4Vo+PuAC9" crossorigin="anonymous">
31
+ <script src="2b16adf6f756625a0194.js" integrity="sha384-iJ55fQQApbQGxWEWSbWStBabi+yNGxZSQy/010+1Dhxl+rymyhGF4NtjUkOsYv7B" crossorigin="anonymous"></script>
32
32
```
33
33
34
34
## Installation
@@ -47,7 +47,7 @@ The manifest path can be configured e.g. in an environment:
47
47
config.assets.manifests = %w(public/.asset-manifest.json)
48
48
```
49
49
50
- If `config.cache_classes` is set to `true` the manifest file be loaded once on boot and raise errors if missing or invalid.
50
+ If `config.cache_classes` is set to `true` the manifest file be loaded once on boot.
51
51
52
52
Assets included with `integrity: true` will raise an error if the integrity option is missing in the manifest.
53
53
data/lib/rails/assets/manifest.rb CHANGED
@@ -20,8 +20,10 @@ module Rails
20
20
class << self
21
21
delegate :lookup, :lookup!, to: :instance
22
22
23
- def instance
24
- @instance ||= begin
23
+ attr_reader :instance
24
+
25
+ def prepare!
26
+ @instance = begin
25
27
config = Rails.application.config
26
28
27
29
Manifest.new \
@@ -30,6 +32,11 @@ module Rails
30
32
end
31
33
end
32
34
35
+ def eager_load!
36
+ return unless @instance
37
+ @instance.eager_load!
38
+ end
39
+
33
40
def passthrough?
34
41
Rails.application.config.assets.passthrough
35
42
end
data/lib/rails/assets/manifest/helper.rb CHANGED
@@ -17,7 +17,7 @@ module Rails::Assets::Manifest
17
17
end
18
18
19
19
def javascript_include_tag(*sources, integrity: nil, **kwargs)
20
- return super(*sources, **kwargs) unless compute_integrity?(integrity)
20
+ return super(*sources, **kwargs) unless manifest_use_integrity?(integrity)
21
21
22
22
with_integrity(sources, integrity, :javascript, **kwargs) do |source, options|
23
23
super(source, options)
@@ -25,7 +25,7 @@ module Rails::Assets::Manifest
25
25
end
26
26
27
27
def stylesheet_link_tag(*sources, integrity: nil, **kwargs)
28
- return super(*sources, **kwargs) unless compute_integrity?(integrity)
28
+ return super(*sources, **kwargs) unless manifest_use_integrity?(integrity)
29
29
30
30
with_integrity(sources, integrity, :stylesheet, **kwargs) do |source, options|
31
31
super(source, options)
@@ -34,19 +34,24 @@ module Rails::Assets::Manifest
34
34
35
35
private
36
36
37
- def compute_integrity?(option)
38
- return false unless secure_subresource_integrity_context?
37
+ def manifest_use_integrity?(option)
38
+ return false unless secure_request_context?
39
39
40
40
option || option.nil?
41
41
end
42
42
43
+ # http://www.w3.org/TR/SRI/#non-secure-contexts-remain-non-secure
44
+ def secure_request_context?
45
+ respond_to?(:request) && self.request && (self.request.local? || self.request.ssl?)
46
+ end
47
+
43
48
def with_integrity(sources, required, type, **kwargs)
44
49
sources.map do |source|
45
50
path = path_with_extname(source, type: type, **kwargs)
46
51
47
52
# integrity hash passed directly
48
53
if required.is_a?(String)
49
- next yield(source, integrity: required, **kwargs)
54
+ next yield(source, integrity: required, crossorigin: 'anonymous', **kwargs)
50
55
51
56
# Explicit passed `true` option
52
57
elsif required
@@ -56,7 +61,7 @@ module Rails::Assets::Manifest
56
61
raise IntegrityMissing.new "SRI missing for #{path}"
57
62
end
58
63
59
- next yield(source, integrity: integrity, **kwargs)
64
+ next yield(source, integrity: integrity, crossorigin: 'anonymous', **kwargs)
60
65
61
66
# No integrity option passed or `nil` default from above
62
67
elsif required.nil?
@@ -65,7 +70,7 @@ module Rails::Assets::Manifest
65
70
# Only if it is an asset from our manifest and there is an integrity
66
71
# we default to adding one
67
72
if(entry && entry.integrity)
68
- next yield(source, integrity: entry.integrity, **kwargs)
73
+ next yield(source, integrity: entry.integrity, crossorigin: 'anonymous', **kwargs)
69
74
end
70
75
end
71
76
@@ -73,10 +78,6 @@ module Rails::Assets::Manifest
73
78
end.join.html_safe
74
79
end
75
80
76
- def secure_subresource_integrity_context?
77
- respond_to?(:request) && (request&.local? || request&.ssl?)
78
- end
79
-
80
81
def path_with_extname(path, options)
81
82
path = path.to_s
82
83
"#{path}#{compute_asset_extname(path, options)}"
data/lib/rails/assets/manifest/manifest.rb CHANGED
@@ -7,8 +7,6 @@ module Rails::Assets::Manifest
7
7
def initialize(files:, cache: true)
8
8
@files = Array(files).flatten.each(&:freeze).freeze
9
9
@cache = cache
10
-
11
- data if cache?
12
10
end
13
11
14
12
def cache?
@@ -32,6 +30,10 @@ module Rails::Assets::Manifest
32
30
data.key?(name.to_s)
33
31
end
34
32
33
+ def eager_load!
34
+ data
35
+ end
36
+
35
37
private
36
38
37
39
Entry = Struct.new(:src, :integrity) do
data/lib/rails/assets/manifest/railtie.rb CHANGED
@@ -26,26 +26,12 @@ module Rails
26
26
end
27
27
end
28
28
29
- initializer 'rails-assets-manifest' do |app|
30
- ::Rails::Assets::Manifest.instance if server?
29
+ config.to_prepare do
30
+ ::Rails::Assets::Manifest.prepare!
31
31
end
32
32
33
- private
34
-
33
+ config.before_eager_load do
34
+ ::Rails::Assets::Manifest.eager_load!
35
- def server?
36
- !(console? || generator? || rake?)
37
- end
38
-
39
- def console?
40
- defined?(Rails::Console)
41
- end
42
-
43
- def generator?
44
- defined?(Rails::Generators)
45
- end
46
-
47
- def rake?
48
- File.basename($0) == "rake"
49
35
end
50
36
end
51
37
end
data/lib/rails/assets/manifest/version.rb CHANGED
@@ -5,8 +5,8 @@ module Rails
5
5
module Manifest
6
6
module VERSION
7
7
MAJOR = 2
8
- MINOR = 0
9
- PATCH = 1
8
+ MINOR = 1
9
+ PATCH = 0
10
10
STAGE = nil
11
11
12
12
STRING = [MAJOR, MINOR, PATCH, STAGE].reject(&:nil?).join('.')
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
--- !ruby/object:Gem::Specification
2
2
name: rails-assets-manifest
3
3
version: !ruby/object:Gem::Version
4
- version: 2.0.1
4
+ version: 2.1.0
5
5
platform: ruby
6
6
authors:
7
7
- Jan Graichen
8
8
autorequire:
9
9
bindir: exe
10
10
cert_chain: []
11
- date: 2019-08-09 00:00:00.000000000 Z
11
+ date: 2019-09-11 00:00:00.000000000 Z
12
12
dependencies:
13
13
- !ruby/object:Gem::Dependency
14
14
name: activesupport
@@ -103,7 +103,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
103
103
- !ruby/object:Gem::Version
104
104
version: '0'
105
105
requirements: []
106
- rubygems_version: 3.0.3
106
+ rubygems_version: 3.0.6
107
107
signing_key:
108
108
specification_version: 4
109
109
summary: Load all rails assets from an external manifest.