Preventing page redirects to data:, in Safari
Safari has a built-in XSS auditor that tries to prevent reflective XSS attacks – where the attacker submits content through a POST request and it is immediately displayed back in the response. To do this it looks for tags, including <script> and <iframe>, in the POST params. If it finds any, it looks Read More »
Limit the size of your Rails test and development logs
I just ran out of disk space and went looking for things to delete; I was amazed to find nearly 10Gb of test.log and development.log files kicking around. “Surely there must be a way to limit the size,” I thought. There is! And it’s easy. And you should definitely do this now. In your config/environments/test.rb Read More »
How to get More Bang for your Heroku Buck While Making Your Rails Site Super Snappy [Redux]
I first wrote about how to get the most bang for your Heroku buck a year ago. Since then a few things have changed and we’ve learnt even more about how to deliver great performance from our Heroku hosted sites. Some of the advice remains the same, but there are some important changes. There is Read More »
Using Pow with RVM 1.19’s .ruby-version and .ruby-gemset files
With the upgrade to RVM 1.19 you are asked to convert your old .rvmrc file into .ruby-version and .ruby-gemset files. You are using ‘.rvmrc’, it requires trusting, it is slower and it is not compatible with other ruby managers, you can switch to ‘.ruby-version’ using ‘rvm rvmrc to [.]ruby-version’ or ignore this warnings with ‘rvm Read More »
oAuth Twitter for PHP and WordPress developers: Version 2!
Yesterday, I released version 2.0 of our oAuth Twitter PHP class and WordPress plugin. It’s a simple way of handling all of the oAuth requirements in Twitter’s API v1.1 that become mandatory on 5th March 2013. For more information about the plugin itself, you can read my original post on the first release. Version 2.0 is Read More »
How to save the uploaded file name with carrierwave_direct and S3
So you’ve set up carrierwave_direct and you’re happily uploading files to Amazon S3. In this example I’ve mounted CarrierWave on a field called csv_file, but that can be whatever is appropriate to your app. You’ve probably got two controller methods def upload @model = Model.new @model.save @uploader = @model.csv_file @uploader.success_action_callback = upload_successful_model_url(@model) end def upload_successful @model Read More »
How to show comments on a separate page in WordPress
Struggling to give WordPress comments their own page without messing up your URL structure? I know the feeling. Displaying a post’s comments separately from the main content can be useful in many circumstances. Although less common nowadays, traditionally many blogs chose to feature comments in a pop-up window or lightbox. It can also be desirable Read More »
6 Ways to get More Bang for your Heroku Buck While Making Your Rails Site Super Snappy
We love Heroku. It makes deployment so easy and quick. However, it can start to get pricey when you add additional dynos at $35 each a month. With a small amount of work, you can get a lot more out of your Heroku hosting whilst drastically improving the performance of your site. You might need Read More »
Using tomdoc to document a scope in a Rails model
I’m playing around with Tomdoc for documenting my latest Rails project. The documentation is (ironically) a bit thin on the ground. It’s taking a bit of trial and error to get some things working. The most recent brainteaser was how to get tomdoc (or even rdoc) to document a scope declared on a Rails model.
Is Google indexing pages from Twitter and messing with your analytics?
I just Googled for “WordPress RC” to find the release notes for the 3.5 Release Candidate. I clicked on the result for wordpress.org and was taken to the correct page, nothing out of the ordinary. I then copied the URL to share in team chat and noticed that the URL was quite long; there were Read More »