This Week in Rails

August 26, 2022

Finer-grained error pages and extended routes grepping

Hi, this is Petrik with more Rails updates.

Use the error_highlight gem to locate the columns where an error was raised
Ruby 3.1 added the error_highlight  gem to display the fine-grained location of where an error occurred. Rails will now use error_highlight on error pages to show the column range of where an error occurred.

Extend bin/rails routes --grep to also filter routes by matching against a path
When looking at a path like /users/orhantoy/settings it's not always obvious which controller action corresponds to this route. bin/rails routes --grep will now also match on a path.
$ bin/rails routes --grep /cats/1
Prefix Verb   URI Pattern         Controller#Action
   cat GET    /cats/:id(.:format) cats#show
       PATCH  /cats/:id(.:format) cats#update
       PUT    /cats/:id(.:format) cats#update
       DELETE /cats/:id(.:format) cats#destroy
After the fix for CVE-2022-22577, Rails sends CSP headers for every response, even if the response contains no HTML. However, when we return a 304 Not Modified without any HTML, browsers will update the CSP header, but otherwise reuse the cached HTML. If that HTML contains a script tag with a nonce, this nonce may no longer match a new nonce from the CSP header. This has been fixed by not returning the CSP headers for 304s.

When source and target classes have different attributes, becomes will now adapt attributes such that the extra attributes from the target class are added.

We had 24 contributors since last week. 

That's it for this week!