workflow:
$ rails g model NameOfModel
invoke active_record
create db/migrate/YYYYMMDDHHMMSS_create_name_of_models.rb
" A minimal vimrc for new vim users to start with.
"
" Referenced here: http://www.benorenstein.com/blog/your-first-vimrc-should-be-nearly-empty/
" Original Author: Bram Moolenaar <Bram@vim.org>
" Made more minimal by: Ben Orenstein
" Last change: 2012 Jan 20
"
" To use it, copy it to
" for Unix and OS/2: ~/.vimrc
#!/usr/bin/env python
# Quick and dirty demonstration of CVE-2014-0160 by
# Jared Stafford (jspenguin@jspenguin.org)
# Modified so that it finds cookies
import sys
import struct
import socket
import time
import select
# layouts/application.html.erb
<head>
<title><%= yield_or_default(:title) -%></title>
<meta name="description" content="<%= yield_or_default(:meta_desc) -%>">
<meta name="keywords" content="<%= yield_or_default(:meta_keywords) -%>">
<meta name="robots" content="<%= yield_or_default(:robots) -%>">
<%= stylesheet_link_tag "application", media: "all", "data-turbolinks-track" => true %>
<%= javascript_include_tag "application", "data-turbolinks-track" => true %>
=Navigating=
visit('/projects')
visit(post_comments_path(post))
=Clicking links and buttons=
click_link('id-of-link')
click_link('Link Text')
click_button('Save')
click('Link Text') # Click either a link or a button
click('Button Value')
This post outlines three common web security vulnerabilities with specific examples in Rails. For a more complete list, I highly recommend the OWASP Rails security cheatsheet.
A cross-site scripting attack is when malicious scripts are injected into a web site in order to compromise it.
For example, let's say we want to allow HTML tags such as <strong> in our blog comments, so we render raw output using the Rails method #html_safe:
Agile is a general philosophy describing a set of guiding principles for building software through iterative development. Agile development is about providing a framework that allows developers to build something useful for real world users and deal with the realities of interruptions, timelines, and technical requirements that disrupt an ideal development cycle. In other words, Agile development helps developers deal with reality.
SCRUM is a methodology -- in other words, an implementation -- pertaining specifically to project management. Other "Agile" methodologies include extreme programming and kanban.
Scrum was a term first used in 1987 to describe hyper-productive product development in Japan. The word Scrum comes from rugby, where scrum refers to the strategy used for getting an out-of-play ball back into play. The name Scrum stuck because of the similarities between the game of rugby and the type of product development prosc
#refactored here, original below
class Vehicle
  def initialize(args)
    @wheels = 4
    @color = args[:color]
  end
  def drive
    @status = :driving
  end