Configuring Rails Applications — Ruby on Rails Guides (original) (raw)

1. Locations for Initialization Code

Rails offers four standard spots to place initialization code:

2. Running Code Before Rails

In the rare event that your application needs to run some code before Rails itself is loaded, put it above the call to require "rails/all" in config/application.rb.

3. Configuring Rails Components

In general, the work of configuring Rails means configuring the components of Rails, as well as configuring Rails itself. The configuration file config/application.rb and environment-specific configuration files (such as config/environments/production.rb) allow you to specify the various settings that you want to pass down to all of the components.

For example, you could add this setting to config/application.rb file:

config.time_zone = "Central Time (US & Canada)"

This is a setting for Rails itself. If you want to pass settings to individual Rails components, you can do so via the same config object in config/application.rb:

config.active_record.schema_format = :ruby

Rails will use that particular setting to configure Active Record.

Use the public configuration methods over calling directly to the associated class. e.g. Rails.application.config.action_mailer.options instead of ActionMailer::Base.options.

If you need to apply configuration directly to a class, use a lazy load hook in an initializer to avoid autoloading the class before initialization has completed. This will break because autoloading during initialization cannot be safely repeated when the app reloads.

3.1. Versioned Default Values

config.load_defaults loads default configuration values for a target version and all versions prior. For example, config.load_defaults 6.1 will load defaults for all versions up to and including version 6.1.

Below are the default values associated with each target version. In cases of conflicting values, newer versions take precedence over older versions.

3.1.1. Default Values for Target Version 8.1

3.1.2. Default Values for Target Version 8.0

3.1.3. Default Values for Target Version 7.2

3.1.4. Default Values for Target Version 7.1

3.1.5. Default Values for Target Version 7.0

3.1.6. Default Values for Target Version 6.1

3.1.7. Default Values for Target Version 6.0

3.1.8. Default Values for Target Version 5.2

3.1.9. Default Values for Target Version 5.1

3.1.10. Default Values for Target Version 5.0

3.2. Rails General Configuration

The following configuration methods are to be called on a Rails::Railtie object, such as a subclass of Rails::Engine or Rails::Application.

3.2.1. config.add_autoload_paths_to_load_path

Says whether autoload paths have to be added to $LOAD_PATH. It is recommended to be set to false in :zeitwerk mode early, in config/application.rb. Zeitwerk uses absolute paths internally, and applications running in :zeitwerk mode do not need require_dependency, so models, controllers, jobs, etc. do not need to be in $LOAD_PATH. Setting this to false saves Ruby from checking these directories when resolving require calls with relative paths, and saves Bootsnap work and RAM, since it does not need to build an index for them.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) true
7.1 false

The lib directory is not affected by this flag, it is added to $LOAD_PATH always.

3.2.2. config.after_initialize

Takes a block which will be run after Rails has finished initializing the application. That includes the initialization of the framework itself, engines, and all the application's initializers in config/initializers. Note that this block will be run for rake tasks. Useful for configuring values set up by other initializers:

config.after_initialize do
  ActionView::Base.sanitized_allowed_tags.delete "div"
end

3.2.3. config.after_routes_loaded

Takes a block which will be run after Rails has finished loading the application routes. This block will also be run whenever routes are reloaded.

config.after_routes_loaded do
  # Code that does something with Rails.application.routes
end

3.2.4. config.allow_concurrency

Controls whether requests should be handled concurrently. This should only be set to false if application code is not thread safe. Defaults to true.

3.2.5. config.asset_host

Sets the host for the assets. Useful when CDNs are used for hosting assets, or when you want to work around the concurrency constraints built-in in browsers using different domain aliases. Shorter version of config.action_controller.asset_host.

3.2.6. config.assume_ssl

Makes application believe that all requests are arriving over SSL. This is useful when proxying through a load balancer that terminates SSL, the forwarded request will appear as though it's HTTP instead of HTTPS to the application. This makes redirects and cookie security target HTTP instead of HTTPS. This middleware makes the server assume that the proxy already terminated SSL, and that the request really is HTTPS.

3.2.7. config.autoflush_log

Enables writing log file output immediately instead of buffering. Defaults totrue.

3.2.8. config.autoload_lib(ignore:)

This method adds lib to config.autoload_paths and config.eager_load_paths.

Normally, the lib directory has subdirectories that should not be autoloaded or eager loaded. Please, pass their name relative to lib in the required ignore keyword argument. For example,

config.autoload_lib(ignore: %w(assets tasks generators))

Please, see more details in the autoloading guide.

3.2.9. config.autoload_lib_once(ignore:)

The method config.autoload_lib_once is similar to config.autoload_lib, except that it adds lib to config.autoload_once_paths instead.

By calling config.autoload_lib_once, classes and modules in lib can be autoloaded, even from application initializers, but won't be reloaded.

3.2.10. config.autoload_once_paths

Accepts an array of paths from which Rails will autoload constants that won't be wiped per request. Relevant if reloading is enabled, which it is by default in the development environment. Otherwise, all autoloading happens only once. All elements of this array must also be in autoload_paths. Default is an empty array.

3.2.11. config.autoload_paths

Accepts an array of paths from which Rails will autoload constants. Default is an empty array. Since Rails 6, it is not recommended to adjust this. See Autoloading and Reloading Constants.

3.2.12. config.beginning_of_week

Sets the default beginning of week for the application. Accepts a valid day of week as a symbol (e.g. :monday).

3.2.13. config.cache_classes

Old setting equivalent to !config.enable_reloading. Supported for backwards compatibility.

3.2.14. config.cache_store

Configures which cache store to use for Rails caching. Options include one of the symbols :memory_store, :file_store, :mem_cache_store, :null_store, :redis_cache_store, or an object that implements the cache API. Defaults to :file_store. See Cache Stores for per-store configuration options.

3.2.15. config.colorize_logging

Specifies whether or not to use ANSI color codes when logging information. Defaults to true.

3.2.16. config.consider_all_requests_local

Is a flag. If true then any error will cause detailed debugging information to be dumped in the HTTP response, and the Rails::Info controller will show the application runtime context in /rails/info/properties. true by default in the development and test environments, and false in production. For finer-grained control, set this to false and implement show_detailed_exceptions? in controllers to specify which requests should provide debugging information on errors.

3.2.17. config.console

Allows you to set the class that will be used as console when you run bin/rails console. It's best to run it in the console block:

console do
  # this block is called only when running console,
  # so we can safely require pry here
  require "pry"
  config.console = Pry
end

3.2.18. config.content_security_policy_nonce_auto

See Adding a Nonce in the Security Guide

3.2.19. config.content_security_policy_nonce_directives

See Adding a Nonce in the Security Guide

3.2.20. config.content_security_policy_nonce_generator

See Adding a Nonce in the Security Guide

3.2.21. config.content_security_policy_report_only

See Reporting Violations in the Security Guide

3.2.22. config.credentials.content_path

The path of the encrypted credentials file.

Defaults to config/credentials/#{Rails.env}.yml.enc if it exists, orconfig/credentials.yml.enc otherwise.

In order for the bin/rails credentials commands to recognize this value, it must be set in config/application.rb or config/environments/#{Rails.env}.rb.

3.2.23. config.credentials.key_path

The path of the encrypted credentials key file.

Defaults to config/credentials/#{Rails.env}.key if it exists, orconfig/master.key otherwise.

In order for the bin/rails credentials commands to recognize this value, it must be set in config/application.rb or config/environments/#{Rails.env}.rb.

3.2.24. config.debug_exception_response_format

Sets the format used in responses when errors occur in the development environment. Defaults to :api for API only apps and :default for normal apps.

3.2.25. config.disable_sandbox

Controls whether or not someone can start a console in sandbox mode. This is helpful to avoid a long running session of sandbox console, that could lead a database server to run out of memory. Defaults to false.

3.2.26. config.dom_testing_default_html_version

Controls whether an HTML4 parser or an HTML5 parser is used by default by the test helpers in Action View, Action Dispatch, and rails-dom-testing.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) :html4
7.1 :html5 (see NOTE)

Nokogiri's HTML5 parser is not supported on JRuby, so on JRuby platforms Rails will fall back to :html4.

3.2.27. config.eager_load

When true, eager loads all registered config.eager_load_namespaces. This includes your application, engines, Rails frameworks, and any other registered namespace.

3.2.28. config.eager_load_namespaces

Registers namespaces that are eager loaded when config.eager_load is set to true. All namespaces in the list must respond to the eager_load! method.

3.2.29. config.eager_load_paths

Accepts an array of paths from which Rails will eager load on boot if config.eager_load is true. Defaults to every folder in the app directory of the application.

3.2.30. config.enable_reloading

If config.enable_reloading is true, application classes and modules are reloaded in between web requests if they change. Defaults to true in the development environment, and false in the production environment.

The predicate config.reloading_enabled? is also defined.

3.2.31. config.encoding

Sets up the application-wide encoding. Defaults to UTF-8.

3.2.32. config.exceptions_app

Sets the exceptions application invoked by the ShowException middleware when an exception happens. Defaults to ActionDispatch::PublicExceptions.new(Rails.public_path).

3.2.33. config.file_watcher

Is the class used to detect file updates in the file system when config.reload_classes_only_on_change is true. Rails ships with ActiveSupport::FileUpdateChecker, the default, and ActiveSupport::EventedFileUpdateChecker. Custom classes must conform to the ActiveSupport::FileUpdateChecker API.

Using ActiveSupport::EventedFileUpdateChecker depends on the listen gem:

group :development do
  gem "listen", "~> 3.5"
end

On Linux and macOS no additional gems are needed, but some are requiredfor *BSD andfor Windows.

Note that some setups are unsupported.

3.2.34. config.filter_parameters

Used for filtering out the parameters that you don't want shown in the logs, such as passwords or credit card numbers. It also filters out sensitive values of database columns when calling #inspect on an Active Record object. By default, Rails filters out passwords by adding the following filters inconfig/initializers/filter_parameter_logging.rb.

Rails.application.config.filter_parameters += [
  :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn, :cvv, :cvc
]

Parameters filter works by partial matching regular expression.

3.2.35. config.filter_redirect

Used for filtering out redirect urls from application logs.

Rails.application.config.filter_redirect += ["s3.amazonaws.com", /private-match/]

The redirect filter works by testing that urls include strings or match regular expressions.

3.2.36. config.force_ssl

Forces all requests to be served over HTTPS, and sets "https://" as the default protocol when generating URLs. Enforcement of HTTPS is handled by the ActionDispatch::SSL middleware, which can be configured via config.ssl_options.

3.2.37. config.helpers_paths

Defines an array of additional paths to load view helpers.

Accepts a hash of options to configure the HostAuthorization middleware

3.2.39. config.hosts

An array of strings, regular expressions, or IPAddr used to validate theHost header. Used by the HostAuthorization middleware to help prevent DNS rebinding attacks.

3.2.40. config.javascript_path

Sets the path where your app's JavaScript lives relative to the app directory and the default value is javascript. An app's configured javascript_path will be excluded from autoload_paths.

3.2.41. config.log_file_size

Defines the maximum size of the Rails log file in bytes. Defaults to 104_857_600 (100 MiB) in development and test, and unlimited in all other environments.

3.2.42. config.log_formatter

Defines the formatter of the Rails logger. This option defaults to an instance of ActiveSupport::Logger::SimpleFormatter for all environments. If you are setting a value for config.logger you must manually pass the value of your formatter to your logger before it is wrapped in an ActiveSupport::TaggedLogging instance, Rails will not do it for you.

3.2.43. config.log_level

Defines the verbosity of the Rails logger. This option defaults to :debug for all environments except production, where it defaults to :info. The available log levels are: :debug, :info, :warn, :error, :fatal, and :unknown.

3.2.44. config.log_tags

Accepts a list of methods that the request object responds to, a Proc that accepts the request object, or something that responds to to_s. This makes it easy to tag log lines with debug information like subdomain and request id - both very helpful in debugging multi-user production applications.

3.2.45. config.logger

Is the logger that will be used for Rails.logger and any related Rails logging such as ActiveRecord::Base.logger. It defaults to an instance of ActiveSupport::TaggedLogging that wraps an instance of ActiveSupport::Logger which outputs a log to the log/ directory. You can supply a custom logger, to get full compatibility you must follow these guidelines:

class MyLogger < ::Logger
  include ActiveSupport::LoggerSilence
end

mylogger           = MyLogger.new(STDOUT)
mylogger.formatter = config.log_formatter
config.logger      = ActiveSupport::TaggedLogging.new(mylogger)

3.2.46. config.middleware

Allows you to configure the application's middleware. This is covered in depth in the Configuring Middleware section below.

3.2.47. config.precompile_filter_parameters

When true, will precompile config.filter_parametersusing ActiveSupport::ParameterFilter.precompile_filters.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
7.1 true

3.2.48. config.public_file_server.enabled

Configures whether Rails should serve static files from the public directory. Defaults to true.

If the server software (e.g. NGINX or Apache) should serve static files instead, set this value to false.

3.2.49. config.railties_order

Allows manually specifying the order that Railties/Engines are loaded. The default value is [:all].

config.railties_order = [Blog::Engine, :main_app, :all]

3.2.50. config.rake_eager_load

When true, eager load the application when running Rake tasks. Defaults to false.

3.2.51. config.relative_url_root

Can be used to tell Rails that you are deploying to a subdirectory. The default is ENV['RAILS_RELATIVE_URL_ROOT'].

3.2.52. config.reload_classes_only_on_change

Enables or disables reloading of classes only when tracked files change. By default tracks everything on autoload paths and is set to true. If config.enable_reloading is false, this option is ignored.

3.2.53. config.require_master_key

Causes the app to not boot if a master key hasn't been made available through ENV["RAILS_MASTER_KEY"] or the config/master.key file.

3.2.54. config.sandbox_by_default

When true, rails console starts in sandbox mode. To start rails console in non-sandbox mode, --no-sandbox must be specified. This is helpful to avoid accidental writing to the production database. Defaults to false.

3.2.55. config.secret_key_base

The fallback for specifying the input secret for an application's key generator. It is recommended to leave this unset, and instead to specify a secret_key_basein config/credentials.yml.enc. See the secret_key_base API documentationfor more information and alternative configuration methods.

3.2.56. config.server_timing

When true, adds the ServerTiming middlewareto the middleware stack. Defaults to false, but is set to true in the default generated config/environments/development.rb file.

3.2.57. config.session_options

Additional options passed to config.session_store. You should useconfig.session_store to set this instead of modifying it yourself.

config.session_store :cookie_store, key: "_your_app_session"
config.session_options # => {key: "_your_app_session"}

3.2.58. config.session_store

Specifies what class to use to store the session. Possible values are :cache_store, :cookie_store, :mem_cache_store, a custom store, or :disabled. :disabled tells Rails not to deal with sessions.

This setting is configured via a regular method call, rather than a setter. This allows additional options to be passed:

config.session_store :cookie_store, key: "_your_app_session"

If a custom store is specified as a symbol, it will be resolved to the ActionDispatch::Session namespace:

# use ActionDispatch::Session::MyCustomStore as the session store
config.session_store :my_custom_store

The default store is a cookie store with the application name as the session key.

3.2.59. config.silence_healthcheck_path

Specifies the path of the health check that should be silenced in the logs. Uses Rails::Rack::SilenceRequest to implement the silencing. All in service of keeping health checks from clogging the production logs, especially for early-stage applications.

config.silence_healthcheck_path = "/up"

3.2.60. config.ssl_options

Configuration options for the ActionDispatch::SSL middleware.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) {}
5.0 { hsts: { subdomains: true } }

3.2.61. config.time_zone

Sets the default time zone for the application and enables time zone awareness for Active Record.

3.2.62. config.x

Used to easily add nested custom configuration to the application config object

  config.x.payment_processing.schedule = :daily
  Rails.configuration.x.payment_processing.schedule # => :daily

See Custom Configuration

3.2.63. config.yjit

Enables YJIT as of Ruby 3.3, to bring sizeable performance improvements. If you are deploying to a memory constrained environment you may want to set this to false. Additionally, you can pass a hash to configure YJIT options such as { stats: true }.

Starting with version The default value is
(original) false
7.2 true
8.1 !Rails.env.local?

3.3. Configuring Assets

3.3.1. config.assets.css_compressor

Defines the CSS compressor to use. It is set by default by sass-rails. The unique alternative value at the moment is :yui, which uses the yui-compressor gem.

3.3.2. config.assets.js_compressor

Defines the JavaScript compressor to use. Possible values are :terser, :closure, :uglifier, and :yui, which require the use of the terser, closure-compiler, uglifier, or yui-compressor gems respectively.

3.3.3. config.assets.gzip

A flag that enables the creation of gzipped version of compiled assets, along with non-gzipped assets. Set to true by default.

3.3.4. config.assets.paths

Contains the paths which are used to look for assets. Appending paths to this configuration option will cause those paths to be used in the search for assets.

3.3.5. config.assets.precompile

Allows you to specify additional assets (other than application.css and application.js) which are to be precompiled when bin/rails assets:precompile is run.

3.3.6. config.assets.unknown_asset_fallback

Allows you to modify the behavior of the asset pipeline when an asset is not in the pipeline, if you use sprockets-rails 3.2.0 or newer.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) true
5.1 false

3.3.7. config.assets.prefix

Defines the prefix where assets are served from. Defaults to /assets.

3.3.8. config.assets.manifest

Defines the full path to be used for the asset precompiler's manifest file. Defaults to a file named manifest-<random>.json in the config.assets.prefix directory within the public folder.

3.3.9. config.assets.digest

Enables the use of SHA256 fingerprints in asset names. Set to true by default.

3.3.10. config.assets.debug

Disables the concatenation and compression of assets.

3.3.11. config.assets.version

Is an option string that is used in SHA256 hash generation. This can be changed to force all files to be recompiled.

3.3.12. config.assets.compile

Is a boolean that can be used to turn on live Sprockets compilation in production.

3.3.13. config.assets.logger

Accepts a logger conforming to the interface of Log4r or the default Ruby Logger class. Defaults to the same configured at config.logger. Setting config.assets.logger to false will turn off served assets logging.

3.3.14. config.assets.quiet

Disables logging of assets requests. Set to true by default in config/environments/development.rb.

3.4. Configuring Generators

Rails allows you to alter what generators are used with the config.generators method. This method takes a block:

config.generators do |g|
  g.orm :active_record
  g.test_framework :test_unit
end

The full set of methods that can be used in this block are as follows:

3.5. Configuring Middleware

Every Rails application comes with a standard set of middleware which it uses in this order in the development environment:

3.5.1. ActionDispatch::HostAuthorization

Prevents against DNS rebinding and other Host header attacks. It is included in the development environment by default with the following configuration:

Rails.application.config.hosts = [
  IPAddr.new("0.0.0.0/0"),        # All IPv4 addresses.
  IPAddr.new("::/0"),             # All IPv6 addresses.
  "localhost",                    # The localhost reserved domain.
  ENV["RAILS_DEVELOPMENT_HOSTS"]  # Additional comma-separated hosts for development.
]

In other environments Rails.application.config.hosts is empty and noHost header checks will be done. If you want to guard against header attacks on production, you have to manually permit the allowed hosts with:

Rails.application.config.hosts << "product.com"

The host of a request is checked against the hosts entries with the case operator (#===), which lets hosts support entries of type Regexp,Proc and IPAddr to name a few. Here is an example with a regexp.

# Allow requests from subdomains like `www.product.com` and
# `beta1.product.com`.
Rails.application.config.hosts << /.*\.product\.com/

The provided regexp will be wrapped with both anchors (\A and \z) so it must match the entire hostname. /product.com/, for example, once anchored, would fail to match www.product.com.

A special case is supported that allows you to permit all sub-domains:

# Allow requests from subdomains like `www.product.com` and
# `beta1.product.com`.
Rails.application.config.hosts << ".product.com"

You can exclude certain requests from Host Authorization checks by settingconfig.host_authorization.exclude:

# Exclude requests for the /healthcheck/ path from host checking
Rails.application.config.host_authorization = {
  exclude: ->(request) { request.path.include?("healthcheck") }
}

When a request comes to an unauthorized host, a default Rack application will run and respond with 403 Forbidden. This can be customized by settingconfig.host_authorization.response_app. For example:

Rails.application.config.host_authorization = {
  response_app: -> env do
    [400, { "Content-Type" => "text/plain" }, ["Bad Request"]]
  end
}

3.5.2. ActionDispatch::ServerTiming

Adds the Server-Timing header to the response, which includes performance metrics from the server. This data can be viewed by inspecting the response in the Network panel of the browser's Developer Tools. Most browsers provide a Timing tab that visualizes the data.

3.5.3. ActionDispatch::SSL

Forces every request to be served using HTTPS. Enabled if config.force_ssl is set to true. Options passed to this can be configured by setting config.ssl_options.

3.5.4. ActionDispatch::Static

Is used to serve static assets. Disabled if config.public_file_server.enabled is false. Set config.public_file_server.index_name if you need to serve a static directory index file that is not named index. For example, to serve main.html instead of index.html for directory requests, set config.public_file_server.index_name to "main".

3.5.5. ActionDispatch::Executor

Allows thread safe code reloading. Disabled if config.allow_concurrency is false, which causes Rack::Lock to be loaded. Rack::Lock wraps the app in mutex so it can only be called by a single thread at a time.

3.5.6. ActiveSupport::Cache::Strategy::LocalCache

Serves as a basic memory backed cache. This cache is not thread safe and is intended only for serving as a temporary memory cache for a single thread.

3.5.7. Rack::Runtime

Sets an X-Runtime header, containing the time (in seconds) taken to execute the request.

3.5.8. Rails::Rack::Logger

Notifies the logs that the request has begun. After request is complete, flushes all the logs.

3.5.9. ActionDispatch::ShowExceptions

Rescues any exception returned by the application and renders nice exception pages if the request is local or if config.consider_all_requests_local is set to true. If config.action_dispatch.show_exceptions is set to :none, exceptions will be raised regardless.

3.5.10. ActionDispatch::RequestId

Makes a unique X-Request-Id header available to the response and enables the ActionDispatch::Request#uuid method. Configurable with config.action_dispatch.request_id_header.

3.5.11. ActionDispatch::RemoteIp

Checks for IP spoofing attacks and gets valid client_ip from request headers. Configurable with the config.action_dispatch.ip_spoofing_check, and config.action_dispatch.trusted_proxies options.

3.5.12. Rack::Sendfile

Intercepts responses whose body is being served from a file and replaces it with a server specific X-Sendfile header. Configurable with config.action_dispatch.x_sendfile_header.

3.5.13. ActionDispatch::Callbacks

Runs the prepare callbacks before serving the request.

3.5.14. ActionDispatch::Cookies

Sets cookies for the request.

3.5.15. ActionDispatch::Session::CookieStore

Is responsible for storing the session in cookies. An alternate middleware can be used for this by changing config.session_store.

3.5.16. ActionDispatch::Flash

Sets up the flash keys. Only available if config.session_store is set to a value.

3.5.17. Rack::MethodOverride

Allows the method to be overridden if params[:_method] is set. This is the middleware which supports the PATCH, PUT, and DELETE HTTP method types.

3.5.18. Rack::Head

Returns an empty body for all HEAD requests. It leaves all other requests unchanged.

3.5.19. Adding Custom Middleware

Besides these usual middleware, you can add your own by using the config.middleware.use method:

config.middleware.use Magical::Unicorns

This will put the Magical::Unicorns middleware on the end of the stack. You can use insert_before if you wish to add a middleware before another.

config.middleware.insert_before Rack::Head, Magical::Unicorns

Or you can insert a middleware to exact position by using indexes. For example, if you want to insert Magical::Unicorns middleware on top of the stack, you can do it, like so:

config.middleware.insert_before 0, Magical::Unicorns

There's also insert_after which will insert a middleware after another:

config.middleware.insert_after Rack::Head, Magical::Unicorns

Middlewares can also be completely swapped out and replaced with others:

config.middleware.swap ActionController::Failsafe, Lifo::Failsafe

Middlewares can be moved from one place to another:

config.middleware.move_before ActionDispatch::Flash, Magical::Unicorns

This will move the Magical::Unicorns middleware beforeActionDispatch::Flash. You can also move it after:

config.middleware.move_after ActionDispatch::Flash, Magical::Unicorns

They can also be removed from the stack completely:

config.middleware.delete Rack::MethodOverride

3.6. Configuring i18n

All these configuration options are delegated to the I18n library.

3.6.1. config.i18n.available_locales

Defines the permitted available locales for the app. Defaults to all locale keys found in locale files, usually only :en on a new application.

3.6.2. config.i18n.default_locale

Sets the default locale of an application used for i18n. Defaults to :en.

3.6.3. config.i18n.enforce_available_locales

Ensures that all locales passed through i18n must be declared in the available_locales list, raising an I18n::InvalidLocale exception when setting an unavailable locale. Defaults to true. It is recommended not to disable this option unless strongly required, since this works as a security measure against setting any invalid locale from user input.

3.6.4. config.i18n.load_path

Sets the path Rails uses to look for locale files. Defaults to config/locales/**/*.{yml,rb}.

3.6.5. config.i18n.raise_on_missing_translations

Determines whether an error should be raised for missing translations. If true, views and controllers raise I18n::MissingTranslationData. If :strict, models also raise the error. This defaults to false.

3.6.6. config.i18n.fallbacks

Sets fallback behavior for missing translations. Here are 3 usage examples for this option:

config.i18n.fallbacks = true  
config.i18n.fallbacks = [:tr, :en]  
config.i18n.fallbacks = { az: :tr, da: [:de, :en] }  
#or  
config.i18n.fallbacks.map = { az: :tr, da: [:de, :en] }

3.7. Configuring Active Model

3.7.1. config.active_model.i18n_customize_full_message

Controls whether the Error#full_message format can be overridden in an i18n locale file. Defaults to false.

When set to true, full_message will look for a format at the attribute and model level of the locale files. The default format is "%{attribute} %{message}", where attribute is the name of the attribute, and message is the validation-specific message. The following example overrides the format for all Person attributes, as well as the format for a specific Person attribute (age).

class Person
  include ActiveModel::Validations

  attr_accessor :name, :age

  validates :name, :age, presence: true
end

en:
  activemodel: # or activerecord:
    errors:
      models:
        person:
          # Override the format for all Person attributes:
          format: "Invalid %{attribute} (%{message})"
          attributes:
            age:
              # Override the format for the age attribute:
              format: "%{message}"
              blank: "Please fill in your %{attribute}"

irb> person = Person.new.tap(&:valid?)

irb> person.errors.full_messages
=> [
  "Invalid Name (can't be blank)",
  "Please fill in your Age"
]

irb> person.errors.messages
=> {
  :name => ["can't be blank"],
  :age  => ["Please fill in your Age"]
}

3.8. Configuring Active Record

config.active_record includes a variety of configuration options:

3.8.1. config.active_record.logger

Accepts a logger conforming to the interface of Log4r or the default Ruby Logger class, which is then passed on to any new database connections made. You can retrieve this logger by calling logger on either an Active Record model class or an Active Record model instance. Set to nil to disable logging.

3.8.2. config.active_record.primary_key_prefix_type

Lets you adjust the naming for primary key columns. By default, Rails assumes that primary key columns are named id (and this configuration option doesn't need to be set). There are two other choices:

3.8.3. config.active_record.table_name_prefix

Lets you set a global string to be prepended to table names. If you set this to northwest_, then the Customer class will look for northwest_customers as its table. The default is an empty string.

3.8.4. config.active_record.table_name_suffix

Lets you set a global string to be appended to table names. If you set this to _northwest, then the Customer class will look for customers_northwest as its table. The default is an empty string.

3.8.5. config.active_record.schema_migrations_table_name

Lets you set a string to be used as the name of the schema migrations table.

3.8.6. config.active_record.internal_metadata_table_name

Lets you set a string to be used as the name of the internal metadata table.

3.8.7. config.active_record.protected_environments

Lets you set an array of names of environments where destructive actions should be prohibited.

3.8.8. config.active_record.pluralize_table_names

Specifies whether Rails will look for singular or plural table names in the database. If set to true (the default), then the Customer class will use the customers table. If set to false, then the Customer class will use the customer table.

Some Rails generators and installers (notably active_storage:installand action_text:install) create tables with plural names regardless of this setting. If you set pluralize_table_names to false, you will need to manually rename those tables after installation to maintain consistency. This limitation exists because these installers use fixed table names in their migrations for compatibility reasons.

3.8.9. config.active_record.default_timezone

Determines whether to use Time.local (if set to :local) or Time.utc (if set to :utc) when pulling dates and times from the database. The default is :utc.

3.8.10. config.active_record.schema_format

Controls the format for dumping the database schema to a file. The options are :ruby (the default) for a database-independent version that depends on migrations, or :sql for a set of (potentially database-dependent) SQL statements. This can be overridden per-database by setting schema_format in your database configuration.

3.8.11. config.active_record.error_on_ignored_order

Specifies if an error should be raised if the order of a query is ignored during a batch query. The options are true (raise error) or false (warn). Default is false.

3.8.12. config.active_record.timestamped_migrations

Controls whether migrations are numbered with serial integers or with timestamps. The default is true, to use timestamps, which are preferred if there are multiple developers working on the same application.

3.8.13. config.active_record.automatically_invert_plural_associations

Controls whether Active Record will automatically look for inverse relations with a pluralized name.

Example:

class Post < ApplicationRecord
  has_many :comments
end

class Comment < ApplicationRecord
  belongs_to :post
end

In the above case Active Record used to only look for a :comment (singular) association in Post, and won't find it.

With this option enabled, it will also look for a :comments association. In the vast majority of cases having the inverse association discovered is beneficial as it can prevent some useless queries, but it may cause backward compatibility issues with legacy code that doesn't expect it.

This behavior can be disabled on a per-model basis:

class Comment < ApplicationRecord
  self.automatically_invert_plural_associations = false

  belongs_to :post
end

And on a per-association basis:

class Comment < ApplicationRecord
  self.automatically_invert_plural_associations = true

  belongs_to :post, inverse_of: nil
end
Starting with version The default value is
(original) false

3.8.14. config.active_record.validate_migration_timestamps

Controls whether to validate migration timestamps. When set, an error will be raised if the timestamp prefix for a migration is more than a day ahead of the timestamp associated with the current time. This is done to prevent forward-dating of migration files, which can impact migration generation and other migration commands. config.active_record.timestamped_migrations must be set to true.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
7.2 true

3.8.15. config.active_record.db_warnings_action

Controls the action to be taken when an SQL query produces a warning. The following options are available:

config.active_record.db_warnings_action = ->(warning) do  
  # Report to custom exception reporting service  
  Bugsnag.notify(warning.message) do |notification|  
    notification.add_metadata(:warning_code, warning.code)  
    notification.add_metadata(:warning_level, warning.level)  
  end  
end

3.8.16. config.active_record.db_warnings_ignore

Specifies an allowlist of warning codes and messages that will be ignored, regardless of the configured db_warnings_action. The default behavior is to report all warnings. Warnings to ignore can be specified as Strings or Regexps. For example:

  config.active_record.db_warnings_action = :raise
  # The following warnings will not be raised
  config.active_record.db_warnings_ignore = [
    /Invalid utf8mb4 character string/,
    "An exact warning message",
    "1062", # MySQL Error 1062: Duplicate entry
  ]

3.8.17. config.active_record.migration_strategy

Controls the strategy class used to perform schema statement methods in a migration. The default class delegates to the connection adapter. Custom strategies should inherit from ActiveRecord::Migration::ExecutionStrategy, or may inherit from DefaultStrategy, which will preserve the default behaviour for methods that aren't implemented:

class CustomMigrationStrategy < ActiveRecord::Migration::DefaultStrategy
  def drop_table(*)
    raise "Dropping tables is not supported!"
  end
end

config.active_record.migration_strategy = CustomMigrationStrategy

3.8.18. config.active_record.schema_versions_formatter

Controls the formatter class used by schema dumper to format versions information. Custom class can be provided to change the default behavior:

class CustomSchemaVersionsFormatter
  def initialize(connection)
    @connection = connection
  end

  def format(versions)
    # Special sorting of versions to reduce the likelihood of conflicts.
    sorted_versions = versions.sort { |a, b| b.to_s.reverse <=> a.to_s.reverse }

    sql = +"INSERT INTO schema_migrations (version) VALUES\n"
    sql << sorted_versions.map { |v| "(#{@connection.quote(v)})" }.join(",\n")
    sql << ";"
    sql
  end
end

config.active_record.schema_versions_formatter = CustomSchemaVersionsFormatter

3.8.19. config.active_record.lock_optimistically

Controls whether Active Record will use optimistic locking and is true by default.

3.8.20. config.active_record.cache_timestamp_format

Controls the format of the timestamp value in the cache key. Default is :usec.

3.8.21. config.active_record.record_timestamps

Is a boolean value which controls whether or not timestamping of create and update operations on a model occur. The default value is true.

3.8.22. config.active_record.partial_inserts

Is a boolean value and controls whether or not partial writes are used when creating new records (i.e. whether inserts only set attributes that are different from the default).

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) true
7.0 false

3.8.23. config.active_record.partial_updates

Is a boolean value and controls whether or not partial writes are used when updating existing records (i.e. whether updates only set attributes that are dirty). Note that when using partial updates, you should also use optimistic locking config.active_record.lock_optimistically since concurrent updates may write attributes based on a possibly stale read state. The default value is true.

3.8.24. config.active_record.maintain_test_schema

Is a boolean value which controls whether Active Record should try to keep your test database schema up-to-date with db/schema.rb (or db/structure.sql) when you run your tests. The default is true.

3.8.25. config.active_record.dump_schema_after_migration

Is a flag which controls whether or not schema dump should happen (db/schema.rb or db/structure.sql) when you run migrations. This is set tofalse in config/environments/production.rb which is generated by Rails. The default value is true if this configuration is not set.

3.8.26. config.active_record.dump_schemas

Controls which database schemas will be dumped when calling db:schema:dump. The options are :schema_search_path (the default) which dumps any schemas listed in schema_search_path,:all which always dumps all schemas regardless of the schema_search_path, or a string of comma separated schemas.

3.8.27. config.active_record.before_committed_on_all_records

Enable before_committed! callbacks on all enrolled records in a transaction. The previous behavior was to only run the callbacks on the first copy of a record if there were multiple copies of the same record enrolled in the transaction.

Starting with version The default value is
(original) false
7.1 true

3.8.28. config.active_record.belongs_to_required_by_default

Is a boolean value and controls whether a record fails validation ifbelongs_to association is not present.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) nil
5.0 true

3.8.29. config.active_record.belongs_to_required_validates_foreign_key

Enable validating only parent-related columns for presence when the parent is mandatory. The previous behavior was to validate the presence of the parent record, which performed an extra query to get the parent every time the child record was updated, even when parent has not changed.

Starting with version The default value is
(original) true
7.1 false

3.8.30. config.active_record.marshalling_format_version

When set to 7.1, enables a more efficient serialization of Active Record instance with Marshal.dump.

This changes the serialization format, so models serialized this way cannot be read by older (< 7.1) versions of Rails. However, messages that use the old format can still be read, regardless of whether this optimization is enabled.

Starting with version The default value is
(original) 6.1
7.1 7.1

3.8.31. config.active_record.action_on_strict_loading_violation

Enables raising or logging an exception if strict_loading is set on an association. The default value is :raise in all environments. It can be changed to :log to send violations to the logger instead of raising.

3.8.32. config.active_record.strict_loading_by_default

Is a boolean value that either enables or disables strict_loading mode by default. Defaults to false.

3.8.33. config.active_record.strict_loading_mode

Sets the mode in which strict loading is reported. Defaults to :all. It can be changed to :n_plus_one_only to only report when loading associations that will lead to an N + 1 query.

3.8.34. config.active_record.index_nested_attribute_errors

Allows errors for nested has_many relationships to be displayed with an index as well as the error. Defaults to false.

3.8.35. config.active_record.use_schema_cache_dump

Enables users to get schema cache information from db/schema_cache.yml(generated by bin/rails db:schema:cache:dump), instead of having to send a query to the database to get this information. Defaults to true.

3.8.36. config.active_record.cache_versioning

Indicates whether to use a stable #cache_key method that is accompanied by a changing version in the #cache_version method.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
5.2 true

3.8.37. config.active_record.collection_cache_versioning

Enables the same cache key to be reused when the object being cached of typeActiveRecord::Relation changes by moving the volatile information (max updated at and count) of the relation's cache key into the cache version to support recycling cache key.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
6.0 true

3.8.38. config.active_record.has_many_inversing

Enables setting the inverse record when traversing belongs_to to has_manyassociations.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
6.1 true

3.8.39. config.active_record.automatic_scope_inversing

Enables automatically inferring the inverse_of for associations with a scope.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
7.0 true

3.8.40. config.active_record.destroy_association_async_job

Allows specifying the job that will be used to destroy the associated records in background. It defaults to ActiveRecord::DestroyAssociationAsyncJob.

3.8.41. config.active_record.destroy_association_async_batch_size

Allows specifying the maximum number of records that will be destroyed in a background job by the dependent: :destroy_async association option. All else equal, a lower batch size will enqueue more, shorter-running background jobs, while a higher batch size will enqueue fewer, longer-running background jobs. This option defaults to nil, which will cause all dependent records for a given association to be destroyed in the same background job.

3.8.42. config.active_record.queues.destroy

Allows specifying the Active Job queue to use for destroy jobs. When this option is nil, purge jobs are sent to the default Active Job queue (seeconfig.active_job.default_queue_name). It defaults to nil.

3.8.43. config.active_record.enumerate_columns_in_select_statements

When true, will always include column names in SELECT statements, and avoid wildcard SELECT * FROM ... queries. This avoids prepared statement cache errors when adding columns to a PostgreSQL database for example. Defaults to false.

3.8.44. config.active_record.verify_foreign_keys_for_fixtures

Ensures all foreign key constraints are valid after fixtures are loaded in tests. Supported by PostgreSQL and SQLite only.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
7.0 true

3.8.45. config.active_record.raise_on_assign_to_attr_readonly

Enable raising on assignment to attr_readonly attributes. The previous behavior would allow assignment but silently not persist changes to the database.

Starting with version The default value is
(original) false
7.1 true

3.8.46. config.active_record.run_commit_callbacks_on_first_saved_instances_in_transaction

When multiple Active Record instances change the same record within a transaction, Rails runs after_commit or after_rollback callbacks for only one of them. This option specifies how Rails chooses which instance receives the callbacks.

When true, transactional callbacks are run on the first instance to save, even though its instance state may be stale.

When false, transactional callbacks are run on the instances with the freshest instance state. Those instances are chosen as follows:

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) true
7.1 false

3.8.47. config.active_record.default_column_serializer

The serializer implementation to use if none is explicitly specified for a given column.

Historically serialize and store while allowing to use alternative serializer implementations, would use YAML by default, but it's not a very efficient format and can be the source of security vulnerabilities if not carefully employed.

As such it is recommended to prefer stricter, more limited formats for database serialization.

Unfortunately there isn't really any suitable defaults available in Ruby's standard library. JSON could work as a format, but the json gems will cast unsupported types to strings which may lead to bugs.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) YAML
7.1 nil

3.8.48. config.active_record.run_after_transaction_callbacks_in_order_defined

When true, after_commit callbacks are executed in the order they are defined in a model. When false, they are executed in reverse order.

All other callbacks are always executed in the order they are defined in a model (unless you use prepend: true).

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
7.1 true

3.8.49. config.active_record.query_log_tags_enabled

Specifies whether or not to enable adapter-level query comments. Defaults tofalse, but is set to true in the default generated config/environments/development.rb file.

When this is set to true database prepared statements will be automatically disabled.

3.8.50. config.active_record.query_log_tags

Define an Array specifying the key/value tags to be inserted in an SQL comment. Defaults to[ :application, :controller, :action, :job ]. The available tags are: :application, :controller,:namespaced_controller, :action, :job, and :source_location.

Calculating the :source_location of a query can be slow, so you should consider its impact if using it in a production environment.

3.8.51. config.active_record.query_log_tags_format

A Symbol specifying the formatter to use for tags. Valid values are :sqlcommenter and :legacy.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) :legacy
7.1 :sqlcommenter

3.8.52. config.active_record.cache_query_log_tags

Specifies whether or not to enable caching of query log tags. For applications that have a large number of queries, caching query log tags can provide a performance benefit when the context does not change during the lifetime of the request or job execution. Defaults to false.

Specifies whether or not to prepend query log tags comment to the query.

By default comments are appended at the end of the query. Certain databases, such as MySQL will truncate the query text. This is the case for slow query logs and the results of querying some InnoDB internal tables where the length of the query is more than 1024 bytes. In order to not lose the log tags comments from the queries, you can prepend the comments using this option.

Defaults to false.

3.8.54. config.active_record.schema_cache_ignored_tables

Define the list of table that should be ignored when generating the schema cache. It accepts an Array of strings, representing the table names, or regular expressions.

3.8.55. config.active_record.verbose_query_logs

Specifies if source locations of methods that call database queries should be logged below relevant queries. By default, the flag is true in development and false in all other environments.

3.8.56. config.active_record.sqlite3_adapter_strict_strings_by_default

Specifies whether the SQLite3Adapter should be used in a strict strings mode. The use of a strict strings mode disables double-quoted string literals.

SQLite has some quirks around double-quoted string literals. It first tries to consider double-quoted strings as identifier names, but if they don't exist it then considers them as string literals. Because of this, typos can silently go unnoticed. For example, it is possible to create an index for a non existing column. See SQLite documentation for more details.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
7.1 true

3.8.57. config.active_record.postgresql_adapter_decode_dates

Specifies whether the PostgresqlAdapter should decode date columns.

ActiveRecord::Base.connection
     .select_value("select '2024-01-01'::date").class #=> Date

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
7.2 true

3.8.58. config.active_record.async_query_executor

Specifies how asynchronous queries are pooled.

It defaults to nil, which means load_async is disabled and instead directly executes queries in the foreground. For queries to actually be performed asynchronously, it must be set to either :global_thread_pool or :multi_thread_pool.

:global_thread_pool will use a single pool for all databases the application connects to. This is the preferred configuration for applications with only a single database, or applications which only ever query one database shard at a time.

:multi_thread_pool will use one pool per database, and each pool size can be configured individually in database.yml through themax_threads and min_threads properties. This can be useful to applications regularly querying multiple databases at a time, and that need to more precisely define the max concurrency.

3.8.59. config.active_record.global_executor_concurrency

Used in conjunction with config.active_record.async_query_executor = :global_thread_pool, defines how many asynchronous queries can be executed concurrently.

Defaults to 4.

This number must be considered in accordance with the database connection pool size configured in database.yml. The connection pool should be large enough to accommodate both the foreground threads (ie. web server or job worker threads) and background threads.

For each process, Rails will create one global query executor that uses this many threads to process async queries. Thus, the pool size should be at least thread_count + global_executor_concurrency + 1. For example, if your web server has a maximum of 3 threads, and global_executor_concurrency is set to 4, then your pool size should be at least 8.

3.8.60. config.active_record.yaml_column_permitted_classes

Defaults to [Symbol]. Allows applications to include additional permitted classes to safe_load() on the ActiveRecord::Coders::YAMLColumn.

3.8.61. config.active_record.use_yaml_unsafe_load

Defaults to false. Allows applications to opt into using unsafe_load on the ActiveRecord::Coders::YAMLColumn.

3.8.62. config.active_record.raise_int_wider_than_64bit

Defaults to true. Determines whether to raise an exception or not when the PostgreSQL adapter is provided an integer that is wider than signed 64bit representation.

3.8.63. config.active_record.generate_secure_token_on

Controls when to generate a value for has_secure_token declarations. By default, generate the value when the model is initialized:

class User < ApplicationRecord
  has_secure_token
end

record = User.new
record.token # => "fwZcXX6SkJBJRogzMdciS7wf"

With config.active_record.generate_secure_token_on = :create, generate the value when the model is created:

# config/application.rb

config.active_record.generate_secure_token_on = :create

# app/models/user.rb
class User < ApplicationRecord
  has_secure_token on: :create
end

record = User.new
record.token # => nil
record.save!
record.token # => "fwZcXX6SkJBJRogzMdciS7wf"
Starting with version The default value is
(original) :create
7.1 :initialize

3.8.64. config.active_record.permanent_connection_checkout

Controls whether ActiveRecord::Base.connection raises an error, emits a deprecation warning, or neither.

ActiveRecord::Base.connection checkouts a database connection from the pool and keeps it leased until the end of the request or job. This behavior can be undesirable in environments that use many more threads or fibers than there is available connections.

This configuration can be used to track down and eliminate code that calls ActiveRecord::Base.connection and migrate it to use ActiveRecord::Base.with_connection instead.

The value can be set to :disallowed, :deprecated, or true to respectively raise an error, emit a deprecation warning, or neither.

Starting with version The default value is
(original) true

3.8.65. config.active_record.database_cli

Controls which CLI tool will be used for accessing the database when running bin/rails dbconsole. By default the standard tool for the database will be used (e.g. psql for PostgreSQL and mysql for MySQL). The option takes a hash which specifies the tool per-database system, and an array can be used where fallback options are required:

# config/application.rb

config.active_record.database_cli = { postgresql: "pgcli", mysql: %w[ mycli mysql ] }

3.8.66. config.active_record.use_legacy_signed_id_verifier

Controls whether signed IDs are generated and verified using legacy options. Can be set to:

{ digest: "SHA256", serializer: JSON, url_safe: true }

The purpose of this setting is to provide a smooth transition to a unified configuration for all message verifiers. Having a unified configuration makes it more straightforward to rotate secrets and upgrade signing algorithms.

Setting this to false may cause old signed IDs to become unreadable if Rails.application.message_verifiers is not properly configured. Use MessageVerifiers#rotate or MessageVerifiers#prepend to configure Rails.application.message_verifiers with the appropriate options, such as :digest and :url_safe.

3.8.67. ActiveRecord::ConnectionAdapters::Mysql2Adapter.emulate_booleans and ActiveRecord::ConnectionAdapters::TrilogyAdapter.emulate_booleans

Controls whether the Active Record MySQL adapter will consider all tinyint(1) columns as booleans. Defaults to true.

3.8.68. ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.create_unlogged_tables

Controls whether database tables created by PostgreSQL should be "unlogged", which can speed up performance but adds a risk of data loss if the database crashes. It is highly recommended that you do not enable this in a production environment. Defaults to false in all environments.

To enable this for tests:

# config/environments/test.rb

ActiveSupport.on_load(:active_record_postgresqladapter) do
  self.create_unlogged_tables = true
end

3.8.69. ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.datetime_type

Controls what native type the Active Record PostgreSQL adapter should use when you call datetime in a migration or schema. It takes a symbol which must correspond to one of the configured NATIVE_DATABASE_TYPES. The default is :timestamp, meaningt.datetime in a migration will create a "timestamp without time zone" column.

To use "timestamp with time zone":

# config/application.rb

ActiveSupport.on_load(:active_record_postgresqladapter) do
  self.datetime_type = :timestamptz
end

You should run bin/rails db:migrate to rebuild your schema.rb if you change this.

3.8.70. ActiveRecord::SchemaDumper.ignore_tables

Accepts an array of tables that should not be included in any generated schema file.

3.8.71. ActiveRecord::SchemaDumper.fk_ignore_pattern

Allows setting a different regular expression that will be used to decide whether a foreign key's name should be dumped to db/schema.rb or not. By default, foreign key names starting with fk_rails_ are not exported to the database schema dump. Defaults to /^fk_rails_[0-9a-f]{10}$/.

3.8.72. config.active_record.encryption.add_to_filter_parameters

Enables automatic filtering of encrypted attributes on inspect.

The default value is true.

3.8.73. config.active_record.encryption.hash_digest_class

Sets the digest algorithm used by Active Record Encryption.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) OpenSSL::Digest::SHA1
7.1 OpenSSL::Digest::SHA256

3.8.74. config.active_record.encryption.support_sha1_for_non_deterministic_encryption

Enables support for decrypting existing data encrypted using a SHA-1 digest class. When false, it will only support the digest configured in config.active_record.encryption.hash_digest_class.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) true
7.1 false

3.8.75. config.active_record.encryption.compressor

Sets the compressor used by Active Record Encryption. The default value is Zlib.

You can use your own compressor by setting this to a class that responds to deflate and inflate.

3.8.76. config.active_record.protocol_adapters

When using a URL to configure the database connection, this option provides a mapping from the protocol to the underlying database adapter. For example, this means the environment can specify DATABASE_URL=mysql://localhost/database and Rails will mapmysql to the mysql2 adapter, but the application can also override these mappings:

config.active_record.protocol_adapters.mysql = "trilogy"

If no mapping is found, the protocol is used as the adapter name.

3.9. Configuring Action Controller

config.action_controller includes a number of configuration settings:

3.9.1. config.action_controller.asset_host

Sets the host for the assets. Useful when CDNs are used for hosting assets rather than the application server itself. You should only use this if you have a different configuration for Action Mailer, otherwise use config.asset_host.

3.9.2. config.action_controller.perform_caching

Configures whether the application should perform the caching features provided by the Action Controller component. Set to false in the development environment, true in production. If it's not specified, the default will be true.

3.9.3. config.action_controller.default_static_extension

Configures the extension used for cached pages. Defaults to .html.

3.9.4. config.action_controller.include_all_helpers

Configures whether all view helpers are available everywhere or are scoped to the corresponding controller. If set to false, UsersHelper methods are only available for views rendered as part of UsersController. If true, UsersHelper methods are available everywhere. The default configuration behavior (when this option is not explicitly set to true or false) is that all view helpers are available to each controller.

3.9.5. config.action_controller.logger

Accepts a logger conforming to the interface of Log4r or the default Ruby Logger class, which is then used to log information from Action Controller. Set to nil to disable logging.

3.9.6. config.action_controller.request_forgery_protection_token

Sets the token parameter name for RequestForgery. Calling protect_from_forgery sets it to :authenticity_token by default.

3.9.7. config.action_controller.allow_forgery_protection

Enables or disables CSRF protection. By default this is false in the test environment and true in all other environments.

3.9.8. config.action_controller.forgery_protection_origin_check

Configures whether the HTTP Origin header should be checked against the site's origin as an additional CSRF defense.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
5.0 true

3.9.9. config.action_controller.per_form_csrf_tokens

Configures whether CSRF tokens are only valid for the method/action they were generated for.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
5.0 true

3.9.10. config.action_controller.default_protect_from_forgery

Determines whether forgery protection is added on ActionController::Base.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
5.2 true

3.9.11. config.action_controller.relative_url_root

Can be used to tell Rails that you are deploying to a subdirectory. The default isconfig.relative_url_root.

3.9.12. config.action_controller.permit_all_parameters

Sets all the parameters for mass assignment to be permitted by default. The default value is false.

3.9.13. config.action_controller.action_on_unpermitted_parameters

Controls behavior when parameters that are not explicitly permitted are found. The default value is :log in test and development environments, false otherwise. The values can be:

3.9.14. config.action_controller.always_permitted_parameters

Sets a list of permitted parameters that are permitted by default. The default values are ['controller', 'action'].

3.9.15. config.action_controller.enable_fragment_cache_logging

Determines whether to log fragment cache reads and writes in verbose format as follows:

Read fragment views/v1/2914079/v1/2914079/recordings/70182313-20160225015037000000/d0bdf2974e1ef6d31685c3b392ad0b74 (0.6ms)
Rendered messages/_message.html.erb in 1.2 ms [cache hit]
Write fragment views/v1/2914079/v1/2914079/recordings/70182313-20160225015037000000/3b4e249ac9d168c617e32e84b99218b5 (1.1ms)
Rendered recordings/threads/_thread.html.erb in 1.5 ms [cache miss]

By default it is set to false which results in following output:

Rendered messages/_message.html.erb in 1.2 ms [cache hit]
Rendered recordings/threads/_thread.html.erb in 1.5 ms [cache miss]

3.9.16. config.action_controller.raise_on_missing_callback_actions

Raises an AbstractController::ActionNotFound when the action specified in callback's :only or :except options is missing in the controller.

Starting with version The default value is
(original) false
7.1 true (development and test), false (other envs)

3.9.17. config.action_controller.raise_on_open_redirects

Protect an application from unintentionally redirecting to an external host (also known as an "open redirect") by making external redirects opt-in.

When this configuration is set to true, anActionController::Redirecting::UnsafeRedirectError will be raised when a URL with an external host is passed to redirect_to. If an open redirect should be allowed, then allow_other_host: true can be added to the call toredirect_to.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
7.0 true

3.9.18. config.action_controller.log_query_tags_around_actions

Determines whether controller context for query tags will be automatically updated via an around_filter. The default value is true.

3.9.19. config.action_controller.wrap_parameters_by_default

Before Rails 7.0, new applications were generated with an initializer namedwrap_parameters.rb that enabled parameter wrapping in ActionController::Basefor JSON requests.

Setting this configuration value to true has the same behavior as the initializer, allowing applications to remove the initializer if they do not wish to customize parameter wrapping behavior.

Regardless of this value, applications can continue to customize the parameter wrapping behavior as before in an initializer or per controller.

See ParamsWrapper for more information on parameter wrapping.

The default value depends on the config.load_defaults target version:

Starting with version The default value is
(original) false
7.0 true

3.9.20. ActionController::Base.wrap_parameters

Configures the ParamsWrapper. This can be called at the top level, or on individual controllers.

3.9.21. config.action_controller.escape_json_responses

Configures the JSON renderer to escape HTML entities and Unicode characters that are invalid in JavaScript.

This is useful if you relied on the JSON response having those characters escaped to embed the JSON document in