From b192b48fc7a04ed6849a81c40c513922c4fabcef Mon Sep 17 00:00:00 2001
From: Pierre de La Morinerie <kemenaran@gmail.com>
Date: Mon, 20 Jul 2020 15:54:42 +0200
Subject: [PATCH] config: use Rails 5.0 options

Stop overriding Rails 5.0 options, and use the framework defaults.

(Except for `active_record.belongs_to_required_by_default`, which is a
lot of work and will be fixed later.)
---
 config/application.rb | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/config/application.rb b/config/application.rb
index 37098a13e..82f67f903 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -42,11 +42,11 @@ module TPS
     default_allowed_tags = ['strong', 'em', 'b', 'i', 'p', 'code', 'pre', 'tt', 'samp', 'kbd', 'var', 'sub', 'sup', 'dfn', 'cite', 'big', 'small', 'address', 'hr', 'br', 'div', 'span', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'ul', 'ol', 'li', 'dl', 'dt', 'dd', 'abbr', 'acronym', 'a', 'img', 'blockquote', 'del', 'ins']
     config.action_view.sanitized_allowed_tags = default_allowed_tags + ['u']
 
-    config.action_controller.per_form_csrf_tokens = nil
-    config.action_controller.forgery_protection_origin_check = nil
-    ActiveSupport.to_time_preserves_timezone = false
+    # Since Rails 5.0, this option is enabled by default.
+    # However we keep it disabled for now, because many of our specs and fatories
+    # do not build the required associations properly.
+    # TODO: fix the specs, and enable this option.
     config.active_record.belongs_to_required_by_default = false
-    config.ssl_options = {}
 
     # Some mobile browsers have a behaviour where, although they will delete the session
     # cookie when the browser shutdowns, they will still serve a cached version