Disable some unused Rails features

I noticed when running `rails routes` that there's a lot of routes for
major unused Rails features, like storage. I didn't look deeply enough
into ActiveStorage to know if I was risking accepting arbitrary file
uploads, I just figured, if I disable it (which simplifies the app
footprint anyway), then I can be certain! So, goodbye!
This commit is contained in:
Emi Matchu 2023-11-11 15:12:41 -08:00
parent 8f226cd129
commit e22809deb3
3 changed files with 26 additions and 3 deletions

View file

@ -1,6 +1,29 @@
require_relative "boot" require_relative "boot"
require "rails/all" require "rails"
# We disable some components we don't use, to: omit their routes, be confident
# that there's not e.g. surprise storage happening on the machine, and keep the
# app footprint smaller.
#
# Disabled:
# - active_storage/engine
# - active_job/railtie
# - action_cable/engine
# - action_mailbox/engine
# - action_text/engine
%w(
active_record/railtie
action_controller/railtie
action_view/railtie
action_mailer/railtie
rails/test_unit/railtie
).each do |railtie|
begin
require railtie
rescue LoadError
end
end
# Require the gems listed in Gemfile, including any gems # Require the gems listed in Gemfile, including any gems
# you've limited to :test, :development, or :production. # you've limited to :test, :development, or :production.

View file

@ -34,7 +34,7 @@ Rails.application.configure do
end end
# Store uploaded files on the local file system (see config/storage.yml for options). # Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = :local # config.active_storage.service = :local
# Don't care if the mailer can't send. # Don't care if the mailer can't send.
config.action_mailer.raise_delivery_errors = false config.action_mailer.raise_delivery_errors = false

View file

@ -40,7 +40,7 @@ Rails.application.configure do
# config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
# Store uploaded files on the local file system (see config/storage.yml for options). # Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = :local # config.active_storage.service = :local
# Mount Action Cable outside main process or domain. # Mount Action Cable outside main process or domain.
# config.action_cable.mount_path = nil # config.action_cable.mount_path = nil