StandardRB fixes

2026-01-01 13:29:44 +11:00
parent 7d3af2bcec
commit 93a0edb0a2
79 changed files with 779 additions and 786 deletions
--- a/app/controllers/api/csp_controller.rb
+++ b/app/controllers/api/csp_controller.rb
@@ -8,7 +8,7 @@ module Api
    def violation_report
      # Parse CSP violation report
      report_data = JSON.parse(request.body.read)
-      csp_report = report_data['csp-report']
+      csp_report = report_data["csp-report"]

      # Validate that we have a proper CSP report
      unless csp_report.is_a?(Hash) && csp_report.present?
@@ -19,28 +19,28 @@ module Api

      # Log the violation for security monitoring
      Rails.logger.warn "CSP Violation Report:"
-      Rails.logger.warn "  Blocked URI: #{csp_report['blocked-uri']}"
-      Rails.logger.warn "  Document URI: #{csp_report['document-uri']}"
-      Rails.logger.warn "  Referrer: #{csp_report['referrer']}"
-      Rails.logger.warn "  Violated Directive: #{csp_report['violated-directive']}"
-      Rails.logger.warn "  Original Policy: #{csp_report['original-policy']}"
+      Rails.logger.warn "  Blocked URI: #{csp_report["blocked-uri"]}"
+      Rails.logger.warn "  Document URI: #{csp_report["document-uri"]}"
+      Rails.logger.warn "  Referrer: #{csp_report["referrer"]}"
+      Rails.logger.warn "  Violated Directive: #{csp_report["violated-directive"]}"
+      Rails.logger.warn "  Original Policy: #{csp_report["original-policy"]}"
      Rails.logger.warn "  User Agent: #{request.user_agent}"
      Rails.logger.warn "  IP Address: #{request.remote_ip}"

      # Emit structured event for CSP violation
      # This allows multiple subscribers to process the event (Sentry, local logging, etc.)
      Rails.event.notify("csp.violation", {
-        blocked_uri: csp_report['blocked-uri'],
-        document_uri: csp_report['document-uri'],
-        referrer: csp_report['referrer'],
-        violated_directive: csp_report['violated-directive'],
-        original_policy: csp_report['original-policy'],
-        disposition: csp_report['disposition'],
-        effective_directive: csp_report['effective-directive'],
-        source_file: csp_report['source-file'],
-        line_number: csp_report['line-number'],
-        column_number: csp_report['column-number'],
-        status_code: csp_report['status-code'],
+        blocked_uri: csp_report["blocked-uri"],
+        document_uri: csp_report["document-uri"],
+        referrer: csp_report["referrer"],
+        violated_directive: csp_report["violated-directive"],
+        original_policy: csp_report["original-policy"],
+        disposition: csp_report["disposition"],
+        effective_directive: csp_report["effective-directive"],
+        source_file: csp_report["source-file"],
+        line_number: csp_report["line-number"],
+        column_number: csp_report["column-number"],
+        status_code: csp_report["status-code"],
        user_agent: request.user_agent,
        ip_address: request.remote_ip,
        current_user_id: Current.user&.id,
@@ -54,4 +54,4 @@ module Api
      head :bad_request
    end
  end
-end
+end