13 Jan '14, 3am

Here's the method that hands over an authenticity token in a Rails controller

Controller actions are protected from Cross-Site Request Forgery (CSRF) attacks by including a token in the rendered HTML for your application. This token is stored as a random string in the session, to which an attacker does not have access. When a request reaches your application, Rails verifies the received token against the token in the session. Only HTML and JavaScript requests are checked, so this will not protect your XML API (presumably you'll have a different authentication scheme there anyway). Also, GET requests are not protected, as these should be idempotent.

Full article: http://api.rubyonrails.org/classes/ActionController/Reque...
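The check described above, modelled in plain Ruby as an added example (this is not Rails' own code). The method names, the hash standing in for the session and the sample requests are assumptions made for illustration.

```ruby
require "securerandom"

# Simplified model of the session-token check; all names are hypothetical.
CHECKED_FORMATS = %i[html js].freeze # per the text: only HTML and JavaScript requests

# Return the session's token, creating a random one on first use.
# This is the value that gets embedded in the rendered form.
def form_token(session)
  session[:_csrf_token] ||= SecureRandom.base64(32)
end

# Constant-time comparison, so response timing does not reveal how many
# leading bytes of a submitted token were correct.
def secure_compare(a, b)
  return false unless a.is_a?(String) && b.is_a?(String)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Decide whether a request passes the forgery check.
def verified_request?(session, method:, format:, token:)
  return true if method == :get                        # GET is never checked
  return true unless CHECKED_FORMATS.include?(format)  # e.g. an XML API
  expected = session[:_csrf_token]
  return false if expected.nil? # no token was ever issued for this session
  secure_compare(expected, token)
end

if __FILE__ == $PROGRAM_NAME
  session = {} # constructed sample session
  token = form_token(session)
  # Constructed sample requests: [method, format, submitted token]
  [[:post, :html, token], [:post, :html, nil], [:delete, :js, "guess"],
   [:get, :html, nil], [:post, :xml, nil]].each do |m, f, t|
    ok = verified_request?(session, method: m, format: f, token: t)
    puts format("%-6s %-4s token=%-7s -> %s", m, f, t ? "sent" : "missing",
                ok ? "accepted" : "rejected")
  end
end
```

The last two sample requests are accepted without any token, which is the gap the text points out: state-changing GET actions and non-HTML/JavaScript endpoints are outside this check.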
