Tag Archives: rubyonrails
Getting jQuery, Rails, and Authenticity Tokens to play nice
If you use the jQuery AJAX library to send POST requests to your Rails application, you have probably found that the built-in Rails CSRF protection does not play nice with your jQuery POST requests. By the way, if you don’t know what CSRF is, check out my Ruby on Rails security presentation. [...]
Ruby on Rails – Skipping validations based on where object is created
I ran into an issue today where I wanted to skip validations based on where an object was created. To be more specific, I wanted to validate strictly if a “venue” was created through my web interface but I want to skip validations when importing venues. The reasoning is pretty simple, I want [...]
Back links for your Ruby on Rails application
Here is a nice little helper I wrote to display back links:
def back_link
  link_to "« Go Back", request.env["HTTP_REFERER"].blank? ? "/" : request.env["HTTP_REFERER"]
end
If you just use the HTTP_REFERER without checking if it’s blank, weird things can happen if someone lands on your page from an email, for example.
Interning empty string error in Ruby on Rails
I don’t like writing short posts about fixing code errors but I think this one deserves a quick shout out. If you get an error in your Rails application that says “interning empty string”, there could be something wrong with an error message in your validations. For example, I had something like:
def geocoding_works_when_geotarget_is_true
[...]
Logging your Rails model (the easy way)
In one of my Rails applications, I have some pretty heavy tasks in my models. I decided to log to different files for two of my models so that I can easily make sure these tasks are performed correctly without going through my application log. I also call some of my model methods [...]
Configuring Phusion Passenger on a 256MB Ubuntu Slice @Slicehost
I installed Phusion Passenger a few weeks ago to get a production environment up and running for my Rails app. It was super easy to install and felt like magic. I checked off the item on my TODO and moved on. After all it didn’t say “YOUR APP WILL BE SLOW AS [...]
How to quickly set up a test for Twitter OAuth authentication from your local machine
Working with APIs such as Twitter from your local machine can be a pain. A problem that comes up is Twitter does not let you set your callback URL to hit your localhost. If you are working with OAuth on your local machine and want to test the user authorization flow, you are screwed. [...]
Defending Against Attacks With Rails
A couple weeks ago I presented on Rails security at a local Ruby On Rails meetup. I finally got around to posting the slides online.
The presentation covers topics including authentication, hashing, salting, key stretching, white listing, session hijacking, replay attacks, session fixation, cross-site request forgery, cross-site scripting, SQL injections, other injections, and some [...]
Simple Time Select for Ruby On Rails Just Got Simpler
I added a start_hour and end_hour feature to my simple time select. Here are the details from the README:
Simple time select also takes a start_hour and end_hour option to be specified in military format (between 0-23).
<%= time_select "event", "time", { :default => Time.now.change(:hour => 21), :simple_time_select => true,
:minute_interval => 20, :time_separator => "", [...]


Converting Table Data to YAML for Testing in Ruby on Rails