There is a weakness in the code Ruby on Rails uses to verify message digests in the cookie store. Because it uses a non-constant time algorithm to verify the signatures...
There is a vulnerability in the escaping code for the form helpers in Ruby on Rails. Attackers who can inject deliberately malformed unicode strings into the form helpers can defeat...
Lots of great content coming out of the community in the past month. Below you’ll find some of the most useful tutorials and libraries I’ve found over the past few...
Understand Ruby’s Load Path <p>When you call <code>load</code> or <code>require</code> a new file, Ruby searches through the files in its load path. This allows you to require files relative to...
A couple weeks ago, I wrote about the newly added ActionController::Responder which summarizes your application behavior for a specified format in just one place. For example, the default html behavior...
Last Friday, Apple released their new OS version: Snow Leopard. Upgrading to SL is very easy and even gives you back quite a lot of HD space. However a few...
This week’s post will be rather short and sweet. The notable commits of the week seemed to revolve mainly around refactoring and even slightly altering the way some of the...
Another week, another update on Edge Rails. And man, you aren’t making this easy on me, are ya? This weekend, in case you hadn’t already heard, was the first Rails...
As Rubyists migrate from Ruby 1.8 to Ruby 1.9, new Ruby implementations are gaining in maturity. Recently, IBM's Antonio Cangiano wrote an interesting article comparing the performance between Ruby 1.8,...