Remove Content-Security-Policy initializer in API-only Applications

Since `ContentSecurityPolicy::Middleware` is not loaded in API-only Applications, initializer is unnecessary. Ref: https://github.com/rails/rails/blob/9c10fec4c06da38f8975dfb851f4d899aa85f8b7/railties/lib/rails/application/default_middleware_stack.rb#L66..L68

Remove Content-Security-Policy initializer in API-only Applications
Since `ContentSecurityPolicy::Middleware` is not loaded in API-only Applications, initializer is unnecessary. Ref: https://github.com/rails/rails/blob/9c10fec4c06da38f8975dfb851f4d899aa85f8b7/railties/lib/rails/application/default_middleware_stack.rb#L66..L68
a64be3ea · yuuji.yaginuma · 9c10fec4 · a64be3ea · a64be3ea
2 changed file
--- a/railties/lib/rails/generators/rails/app/app_generator.rb
+++ b/railties/lib/rails/generators/rails/app/app_generator.rb
@@ -128,6 +128,7 @@ def config_when_updating
      active_storage_config_exist    = File.exist?("config/storage.yml")
      rack_cors_config_exist         = File.exist?("config/initializers/cors.rb")
      assets_config_exist            = File.exist?("config/initializers/assets.rb")
+      csp_config_exist               = File.exist?("config/initializers/content_security_policy.rb")

      config

@@ -155,6 +156,10 @@ def config_when_updating
        unless assets_config_exist
          remove_file "config/initializers/assets.rb"
        end
+
+        unless csp_config_exist
+          remove_file "config/initializers/content_security_policy.rb"
+        end
      end
    end

@@ -432,6 +437,7 @@ def delete_action_cable_files_skipping_action_cable
      def delete_non_api_initializers_if_api_option
        if options[:api]
          remove_file "config/initializers/cookies_serializer.rb"
+          remove_file "config/initializers/content_security_policy.rb"
        end
      end


--- a/railties/test/generators/api_app_generator_test.rb
+++ b/railties/test/generators/api_app_generator_test.rb
@@ -72,6 +72,7 @@ def test_app_update_does_not_generate_unnecessary_config_files

    assert_no_file "config/initializers/cookies_serializer.rb"
    assert_no_file "config/initializers/assets.rb"
+    assert_no_file "config/initializers/content_security_policy.rb"
  end

  def test_app_update_does_not_generate_unnecessary_bin_files
@@ -149,6 +150,7 @@ def skipped_files
         bin/yarn
         config/initializers/assets.rb
         config/initializers/cookies_serializer.rb
+         config/initializers/content_security_policy.rb
         lib/assets
         test/helpers
         tmp/cache/assets