coveralls
commented
3 years ago Pull Request Test Coverage Report for Build 416094686
- 21 of 23 (91.3%) changed or added relevant lines in 3 files are covered.
- No unchanged relevant lines lost coverage.
- Overall coverage increased (+0.06%) to 96.899%
| Changes Missing Coverage | Covered Lines | Changed/Added Lines | % | ||
|---|---|---|---|---|---|
| lib/better_errors/error_page.rb | 15 | 17 | 88.24% | ||
| <!-- | Total: | 21 | 23 | 91.3% | --> |
| Totals | |
|---|---|
| Change from base Build 396793693: | 0.06% |
| Covered Lines: | 500 |
| Relevant Lines: | 516 |
Add our own Content Security Policy headers when Better Errors responds, which heavily restricts the resources that can be used/referenced, but allows our scripts and styles. It uses a nonce for the script blocks, but currently we rely on inline style because of the way syntax highlighting works (which will change someday, for example in #423).
Turbolinks (of course)
When Turbolinks is in use, our headers are not evaluated by the browser when loading the console page. If the CSP headers sent by the application restrict inline CSS and JS, the console will not function or be presented correctly.
So we also provide fallback modes, where the user is informed of the reason and given a link to open Better Errors in a new tab. This fallback includes the topmost frame infomation, so essentially the same information as the "text" version is available on the page, even if not well-formatted.
When inline style is available but inline script is not:
When inline style is not available but script is:
When both are not available: