DGNum/demarches-normaliennes
13
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Remove rack_mini_profiler from prod as it could show env var and force us to allow unsafe_eval and script in csp

Browse source
This commit is contained in:
simon lehericey 2020-10-30 17:07:06 +01:00
parent da371be9e2
commit d82d1132c2
3 changed files with 4 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

7
app/controllers/application_controller.rb
View file

@ -12,7 +12,6 @@ class ApplicationController < ActionController::Base
before_action :load_navbar_left_pannel_partial_url
before_action :set_raven_context
before_action :redirect_if_untrusted
before_action :authorize_request_for_profiler
before_action :reject, if: -> { feature_enabled?(:maintenance_mode) }
before_action :staging_authenticate
@ -30,12 +29,6 @@ class ApplicationController < ActionController::Base
end
end
def authorize_request_for_profiler
if feature_enabled?(:mini_profiler)
Rack::MiniProfiler.authorize_request
end
end
def load_navbar_left_pannel_partial_url
controller = request.controller_class
method = params[:action]