Disa Johnson altadisa

  • SearchReturn LLC
  • Chicago
#refactored here, original below
class Vehicle
def initialize(args)
@wheels = 4
@color = args[:color]
end
def drive
@status = :driving
end

Agile Software Development

Agile is a general philosophy describing a set of guiding principles for building software through iterative development. Agile development is about providing a framework that allows developers to build something useful for real world users and deal with the realities of interruptions, timelines, and technical requirements that disrupt an ideal development cycle. In other words, Agile development helps developers deal with reality.

SCRUM is a methodology -- in other words, an implementation -- pertaining specifically to project management. Other "Agile" methodologies include extreme programming and kanban.

SCRUM history:

Scrum was a term first used in 1987 to describe hyper-productive product development in Japan. The word Scrum comes from rugby, where scrum refers to the strategy used for getting an out-of-play ball back into play. The name Scrum stuck because of the similarities between the game of rugby and the type of product development prosc

Web Security

This post outlines three common web security vulnerabilities with specific examples in Rails. For a more complete list, I highly recommend the OWASP Rails security cheatsheet.

Cross-Site Scripting (XSS)

A cross-site scripting attack is when malicious scripts are injected into a web site in order to compromise it.

For example, let's say we want to allow HTML tags such as <strong> in our blog comments, so we render raw output using the Rails method #html_safe:

=Navigating=
visit('/projects')
visit(post_comments_path(post))
=Clicking links and buttons=
click_link('id-of-link')
click_link('Link Text')
click_button('Save')
click('Link Text') # Click either a link or a button
click('Button Value')
altadisa / embed-gist.html
Last active January 1, 2016 09:19
Embed feature of gists using HTML (a nice javascript protocol by GitHub).
<!-- Insert this script where you want a gist such as this -->
<script src="https://gist.github.com/AirDisa/8124295.js"></script>
$ cat etc/environment
=> PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"
$ cat root/.bashrc
streams =>
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
#!/usr/bin/env python
# Quick and dirty demonstration of CVE-2014-0160 by
# Jared Stafford (jspenguin@jspenguin.org)
# Modified so that it finds cookies
import sys
import struct
import socket
import time
import select
altadisa / vimrc
Last active August 29, 2015 14:15 — forked from r00k/vimrc
" A minimal vimrc for new vim users to start with.
"
" Referenced here: http://www.benorenstein.com/blog/your-first-vimrc-should-be-nearly-empty/
" Original Author: Bram Moolenaar <Bram@vim.org>
" Made more minimal by: Ben Orenstein
" Last change: 2012 Jan 20
"
" To use it, copy it to
" for Unix and OS/2: ~/.vimrc
altadisa / Xcode_swift_repl.txt
Created April 30, 2015 20:56
Spawn the Xcode REPL (requires Xcode, of course)
xcrun swift -sdk /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator.sdk