Skip to content

Instantly share code, notes, and snippets.

Anson Hoyt ansonhoyt

Block or report user

Report or block ansonhoyt

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View glyphicons.rake
task :glyphs => :environment do
glyphs = []
glyphs_hash = {}
longest_name = 0
Dir.glob(Rails.root.join("app", "assets", "images", "glyphicons", "*.png")) do |path|
width, height = `identify -format "%wx%h" #{path}`.strip.split(/x/)
# glyphicons_083_random.png
# glyphicons_083_random@2x.png
# glyphicons_halflings_047_bold.png
View security.md

Proposal for Improving Mass Assignment

For a while, I have felt that the following is the correct way to improve the mass assignment problem without increasing the burden on new users. Now that the problem with the Rails default has been brought up again, it's a good time to revisit it.

Sign Allowed Fields

When creating a form with form_for, include a signed token including all of the fields that were created at form creation time. Only these fields are allowed.

To allow new known fields to be added via JS, we could add:

View gist:1975644
class PostsController < ActionController::Base
def create
Post.create(post_params)
end
def update
Post.find(params[:id]).update_attributes!(post_params)
end
private
@vijaydev
vijaydev / gist:1472145
Created Dec 13, 2011
Rails 3.2.0 Changelogs
View gist:1472145

The latest release notes is available at http://edgeguides.rubyonrails.org/3_2_release_notes.html

Railties 3.2.0 (unreleased)

  • Speed up development by only reloading classes if dependencies files changed. This can be turned off by setting config.reload_classes_only_on_change to false. José Valim

  • New applications get a flag config.active_record.auto_explain_threshold_in_seconds in the environments configuration files. With a value of 0.5 in development.rb, and commented out in production.rb. No mention in test.rb. fxn

  • Add DebugExceptions middleware which contains features extracted from ShowExceptions middleware José Valim

@turadg
turadg / application.rb
Last active May 14, 2019
Handle only 404s dynamically. It uses a normal controller and route for 404s, letting everything else go to the Rails default /public error pages. In my case it was to use the subdomain logic in my ApplicationController.
View application.rb
module MyApp
class Application < Rails::Application
require Rails.root + 'lib/custom_public_exceptions'
config.exceptions_app = CustomPublicExceptions.new Rails.public_path
end
end
View essential-javascript-links.md
You can’t perform that action at this time.