CSP limits our site from making requests to other sites, controls what resources the page is allowed to load. It limits the damage even if malicious code is running in a user's browser within our site's context.
Content-Security-Policy: default-src ‘self’
Prevents loading resources from other domains. Prevents inline scripts, such as <script>alert('hello')</script>.
Content-Security-Policy: default-src ‘self’ *.trusted.com
Cheat Sheets are greate but they are not a substitute for learning the framework and reading the documentation as we most certainly have not covered every potential example here. Please refer to the Rails Command Line Docs for more information.
You can get all of this information on the command line.
rails generate with no generator name will output a list of all available generators and some information about global options.
rails generate GENERATOR --help will list the options that can be passed to the specified generator.
| http://stackoverflow.com/questions/22667401/postgres-json-data-type-rails-query | |
| http://stackoverflow.com/questions/40702813/query-on-postgres-json-array-field-in-rails | |
| #payload: [{"kind"=>"person"}] | |
| Segment.where("payload @> ?", [{kind: "person"}].to_json) | |
| #data: {"interest"=>["music", "movies", "programming"]} | |
| Segment.where("data @> ?", {"interest": ["music", "movies", "programming"]}.to_json) | |
| Segment.where("data #>> '{interest, 1}' = 'movies' ") | |
| Segment.where("jsonb_array_length(data->'interest') > 1") |
| mail_address = '' | |
| password = '' | |
| from selenium import webdriver | |
| UA = 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0' | |
| PHANTOMJS_ARG = {'phantomjs.page.settings.userAgent': UA} | |
| driver = webdriver.PhantomJS(desired_capabilities=PHANTOMJS_ARG) | |
| url = 'https://www.google.com/accounts/Login?hl=ja&continue=http://www.google.co.jp/' |
| #!/usr/bin/env python | |
| # Quick and dirty demonstration of CVE-2014-0160 by | |
| # Jared Stafford (jspenguin@jspenguin.org) | |
| # Modified so that it finds cookies | |
| import sys | |
| import struct | |
| import socket | |
| import time | |
| import select |
Devise can be a daunting beast even if you've used it frequently. For new users, it can be especially baffling as the documentation often assumes a familiarity with its inner workings. To help bridge the gap, here are some frequent scenarios and possible solutions.
###Oh my God, it's complaining about unknown methods! What?!
This most commonly occurs because you have enabled features in your Devise model (e.g. user.rb) but didn't create the associated fields with a migration.
Devise's tendrils are manifold; each feature has an associated symbol in your model's devise block, field(s) in your database, and configuration options in your Devise initializer.
| <!doctype html> | |
| <html> | |
| <head> | |
| <meta charset=utf-8> | |
| <title>horse</title> | |
| <link href='http://fonts.googleapis.com/css?family=Spirax' rel='stylesheet' type='text/css'> | |
| </head> | |
| <body> | |
| <h1>Sallie Gardner at a Gallop</h1> | |
| </body> |
| def add_1_to_n(n) | |
| return n <= 0 ? 0 : n + add_1_to_n( n - 1 ) | |
| end | |
| puts add_1_to_n(10) #=> 55 |
| # Mac OSX Mountain Lion | |
| # Ruby on Rails Development Environment | |
| # RVM | |
| curl -L https://get.rvm.io | bash -s stable && rvm install 1.9.3 && rvm install 1.8.7 | |
| echo '[[ -s "$HOME/.rvm/scripts/rvm" ]] && . "$HOME/.rvm/scripts/rvm" # Load RVM function' >> ~/.bash_profile | |
| source ~/.bash_profile | |
| # Disable rarely used RDOC |
| app = node[:rails][:app] | |
| rails_base app[:name] do | |
| ruby_ver app[:ruby_ver] | |
| gemset app[:gemset] | |
| end | |
| %w{config log pids cached-copy bundle system}.each do |dir| | |
| directory "#{app[:app_root]}/shared/#{dir}" do | |
| owner app[:deploy_user] |