This link has been bookmarked by 71 people . It was first bookmarked on 07 Dec 2007, by A. D..
-
27 Dec 10
-
25 Nov 09
-
29 Apr 09
-
10 Nov 08
-
27 Oct 08
-
04 Sep 08
-
08 Aug 08
-
10 Jul 08
-
04 Jun 08
-
20 May 08
-
15 Apr 08
-
02 Apr 08
-
29 Mar 08
-
26 Mar 08
-
22 Feb 08
-
06 Feb 08
-
17 Jan 08
-
14 Jan 08
Stefano CrostaRails 2.0 vs Rails 1.2.x - what's new in Ruby 2.0
rubyonrails rails2.0 programming framework development documentation
-
01 Jan 08
-
20 Dec 07
-
14 Dec 07
-
13 Dec 07
-
sessions are no longer stored on the file system or in the database, but kept by the client in a hashed form that can’t be forged.
-
-
12 Dec 07
-
11 Dec 07
-
10 Dec 07
Luis OopshRails 2.0 is finally finished after about a year in the making. This is a fantastic release that’s absolutely stuffed with great new features, loads of fixes, and an incredible amount of polish. We’ve even taken a fair bit of cruft out to make the who
ruby david programacion basic szena+ comentar web2.0 opensource
-
09 Dec 07
-
08 Dec 07
-
07 Dec 07
-
-
map.namespace(:admin) do |admin| admin.resources :products, :collection => { :inventory => :get }, :member => { :duplicate => :post }, :has_many => [ :tags, :images, :variants ] end
-
rake routes
-
Speaking of the iPhone, we’ve made it easier to declare “fake” types that are only used for internal routing. Like when you want a special HTML interface just for an iPhone. All it takes is something like this:
# should go in config/initializers/mime_types.rb Mime.register_alias "text/html", :iphone class ApplicationController < ActionController::Base before_filter :adjust_format_for_iphone private def adjust_format_for_iphone if request.env["HTTP_USER_AGENT"] && request.env["HTTP_USER_AGENT"][/(iPhone|iPod)/] request.format = :iphone end end end class PostsController < ApplicationController def index respond_to do |format| format.html # renders index.html.erb format.iphone # renders index.iphone.erb end end end -
# person is a Person object, which by convention will # be mapped to person_url for lookup redirect_to(person) link_to(person.name, person) form_for(person)
-
class PostsController < ApplicationController USER_NAME, PASSWORD = "dhh", "secret" before_filter :authenticate, :except => [ :index ] def index render :text => "Everyone can see me!" end def edit render :text => "I'm only accessible if you know the password" end private def authenticate authenticate_or_request_with_http_basic do |user_name, password| user_name == USER_NAME && password == PASSWORD end end end
-
If you set ActionController::Base.asset_host = “assets%d.example.com”, we’ll automatically distribute your asset calls (like image_tag) to asset1 through asset4. That allows the browser to open many more connections at a time and increases the perceived speed of your application.
-
Making it even easier to create secure applications out of the box is always a pleasure and with Rails 2.0 we’re doing it from a number of fronts. Most importantly, we now ship we a built-in mechanism for dealing with CRSF attacks. By including a special token in all forms and Ajax requests, you can guard from having requests made from outside of your application. All this is turned on by default in new Rails 2.0 applications and you can very easily turn it on in your existing applications using ActionController::Base.protect_from_forgery (see ActionController::RequestForgeryProtection for more).
-
We’ve also made it easier to deal with XSS attacks while still allowing users to embed HTML in your pages. The old TextHelper#sanitize method has gone from a black list (very hard to keep secure) approach to a white list approach. If you’re already using sanitize, you’ll automatically be granted better protection. You can tweak the tags that are allowed by default with sanitize as well. See TextHelper#sanitize for details.
-
Action Pack: Exception handling
Lots of common exceptions would do better to be rescued at a shared level rather than per action. This has always been possible by overwriting rescue_action_in_public, but then you had to roll out your own case statement and call super. Bah. So now we have a class level macro called rescue_from, which you can use to declaratively point certain exceptions to a given action. Example:
class PostsController < ApplicationController rescue_from User::NotAuthorized, :with => :deny_access protected def deny_access ... end end -
Action Pack: Cookie store sessions
-
Action Pack: New request profiler
-
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.