Fix `Style/StringLiterals` cop (#30005)

main-rebase-security-fix
Matt Jankowski 2024-04-19 16:33:00 -04:00 committed by GitHub
parent 8d47ba893a
commit 933189887b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 8 additions and 20 deletions

View File

@ -241,18 +241,6 @@ Style/StringConcatenation:
Exclude: Exclude:
- 'config/initializers/paperclip.rb' - 'config/initializers/paperclip.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: EnforcedStyle, ConsistentQuotesInMultiline.
# SupportedStyles: single_quotes, double_quotes
Style/StringLiterals:
Exclude:
- 'config/environments/production.rb'
- 'config/initializers/backtrace_silencers.rb'
- 'config/initializers/http_client_proxy.rb'
- 'config/initializers/rack_attack.rb'
- 'config/initializers/webauthn.rb'
- 'config/routes.rb'
# This cop supports safe autocorrection (--autocorrect). # This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: EnforcedStyleForMultiline. # Configuration parameters: EnforcedStyleForMultiline.
# SupportedStylesForMultiline: comma, consistent_comma, no_comma # SupportedStylesForMultiline: comma, consistent_comma, no_comma

View File

@ -1,6 +1,6 @@
# frozen_string_literal: true # frozen_string_literal: true
require "active_support/core_ext/integer/time" require 'active_support/core_ext/integer/time'
Rails.application.configure do Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb. # Settings specified here will take precedence over those in config/application.rb.
@ -44,7 +44,7 @@ Rails.application.configure do
config.force_ssl = true config.force_ssl = true
config.ssl_options = { config.ssl_options = {
redirect: { redirect: {
exclude: ->(request) { request.path.start_with?('/health') || request.headers["Host"].end_with?('.onion') || request.headers["Host"].end_with?('.i2p') } exclude: ->(request) { request.path.start_with?('/health') || request.headers['Host'].end_with?('.onion') || request.headers['Host'].end_with?('.i2p') }
} }
} }

View File

@ -7,4 +7,4 @@
# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code
# by setting BACKTRACE=1 before calling your invocation, like "BACKTRACE=1 ./bin/rails runner 'MyClass.perform'". # by setting BACKTRACE=1 before calling your invocation, like "BACKTRACE=1 ./bin/rails runner 'MyClass.perform'".
Rails.backtrace_cleaner.remove_silencers! if ENV["BACKTRACE"] Rails.backtrace_cleaner.remove_silencers! if ENV['BACKTRACE']

View File

@ -7,7 +7,7 @@ Rails.application.configure do
proxy = URI.parse(ENV['http_proxy']) proxy = URI.parse(ENV['http_proxy'])
raise "Unsupported proxy type: #{proxy.scheme}" unless %w(http https).include? proxy.scheme raise "Unsupported proxy type: #{proxy.scheme}" unless %w(http https).include? proxy.scheme
raise "No proxy host" unless proxy.host raise 'No proxy host' unless proxy.host
host = proxy.host host = proxy.host
host = host[1...-1] if host[0] == '[' # for IPv6 address host = host[1...-1] if host[0] == '[' # for IPv6 address
@ -24,7 +24,7 @@ Rails.application.configure do
proxy = URI.parse(ENV['http_hidden_proxy']) proxy = URI.parse(ENV['http_hidden_proxy'])
raise "Unsupported proxy type: #{proxy.scheme}" unless %w(http https).include? proxy.scheme raise "Unsupported proxy type: #{proxy.scheme}" unless %w(http https).include? proxy.scheme
raise "No proxy host" unless proxy.host raise 'No proxy host' unless proxy.host
host = proxy.host host = proxy.host
host = host[1...-1] if host[0] == '[' # for IPv6 address host = host[1...-1] if host[0] == '[' # for IPv6 address

View File

@ -14,7 +14,7 @@ class Rack::Attack
end end
def remote_ip def remote_ip
@remote_ip ||= (@env["action_dispatch.remote_ip"] || ip).to_s @remote_ip ||= (@env['action_dispatch.remote_ip'] || ip).to_s
end end
def throttleable_remote_ip def throttleable_remote_ip

View File

@ -6,7 +6,7 @@ WebAuthn.configure do |config|
config.origin = "#{Rails.configuration.x.use_https ? 'https' : 'http'}://#{Rails.configuration.x.web_domain}" config.origin = "#{Rails.configuration.x.use_https ? 'https' : 'http'}://#{Rails.configuration.x.web_domain}"
# Relying Party name for display purposes # Relying Party name for display purposes
config.rp_name = "Mastodon" config.rp_name = 'Mastodon'
# Optionally configure a client timeout hint, in milliseconds. # Optionally configure a client timeout hint, in milliseconds.
# This hint specifies how long the browser should wait for an # This hint specifies how long the browser should wait for an

View File

@ -139,7 +139,7 @@ Rails.application.routes.draw do
resource :inbox, only: [:create], module: :activitypub resource :inbox, only: [:create], module: :activitypub
get '/:encoded_at(*path)', to: redirect("/@%{path}"), constraints: { encoded_at: /%40/ } get '/:encoded_at(*path)', to: redirect('/@%{path}'), constraints: { encoded_at: /%40/ }
constraints(username: %r{[^@/.]+}) do constraints(username: %r{[^@/.]+}) do
with_options to: 'accounts#show' do with_options to: 'accounts#show' do