In #34709 we updated the guide, but `actioncable/README.md` is still
outdated. Instead of fixing content in the file. I suggest
not duplicate the info that is already in the guide and instead remove
the info from the file and just add a message:
"You can read more about Action Cable in the
[Action Cable Overview](https://edgeguides.rubyonrails.org/action_cable_overview.html) guide."

The same approach is being used for Action Mailbox and Action Text,
see #34812 and #34878.

Fixes #33083

- Use valid `fragment identifier` in the URL
- Use `https`

In some examples and guides we are recommending to use code like:

```ruby
verified_user = User.find_by(id: cookies.signed[:user_id])
```

My suggestion is to use instead:

```ruby
verified_user = User.find_by(id: cookies.encrypted[:user_id])
```

which invites users to prefer the "newer" encrypted cookies over the
"legacy" signed cookies.

".. with __dir__ we can restore order in the Universe." - by @fxn

Related to 5b8738c2

Assigning local variable named `current_user` in the condition is
confusing.

This reverts commit 296d024b, reversing
changes made to e341d835.

We aren't trying to compare to current_user, we're assigning that variable.

WebSocket always defers the decision to the server, because it didn't
have to deal with legacy compatibility... but the same-origin policy is
still a reasonable default.

Origin checks do not protect against a directly connecting attacker --
they can lie about their host, but can also lie about their origin.
Origin checks protect against a connection from 3rd-party controlled
script in a context where a victim browser's cookies will be passed
along. And if an attacker has breached that protection, they've already
compromised the HTTP session, so treating the WebSocket connection in
the same way seems reasonable.

In case this logic proves incorrect (or anyone just wants to be more
paranoid), we retain a config option to disable it.

When the `allow_same_origin_as_host` is set to `true`, the request
forgery protection permits `HTTP_ORIGIN` values starting with the
corresponding `proto://` prefix followed by `HTTP_HOST`. This way
it is not required to specify the list of allowed URLs.

All other Rails components feature this section, Action Cable should
have it as well.

[ci skip]

- Only Action Cable README did not have this section, all of the other
  READMEs have this section.

- Remove "Configuration", "Running the server", "Dependencies" and "Deployment"
  sections from the Action Cable README as they are already duplicated in the
  Action Cable overview guide.

Added 'sh' for markdown formatting as bash.

Sorry, forgot to include in my main PR :(

[ci skip]

[Jon Moss, Zach Schneider]

In #23935, cable file was to be provided by the javascript instead of coffeescript,
doc was also been modified to use javascript.

[ci skip]

default worker pool size was changed from 100 to 4 at #24376

Follow up to 8b69f1ee

Suggest that the configuration of the action cable Allowed Request Origins values by done in the appropriate config/environments file.

* Fix typos/grammar errors
* Make capitalization/naming consistent

This PR checks all active Action Cable documentation for typos and other
fixes. It aims to make sure that when Rails 5 is released, that the
Action Cable docs are up to snuff with the other documentation included
with Rails.

[ci skip]