CSP aims to provide a browser-side mechanism for preventing some attacks on websites, mainly XSS...

"Open-source software (OSS) is great. Anyone can use virtually any open-source code in their projects." Well, it depends...

If you have a :string or :text field, you should pair it with a model validation that restricts its length...

makandra dev

# Basic HTML example # Javascript API (notable methods and properties) video = document.querySelector('video') video.play() video.pause() video.load() // Reset to the beginning and...


RubyMine has an HTTP Client that can be useful to test web APIs. Just create a .http scratch file an...

select2.org

Select2 comes with AJAX support built in, using jQuery's AJAX methods. ... For remote data sources only, Select2 does not...

github.com

If you render Markdown from user input, an attacker might be able to use this to inject JavaScript code into...

We use CarrierWave in many of our projects to store and serve files of various formats - mostly images. A common...

github.com

The linked GitHub repository is a bit like our "dev" cards deck, but groomed by a single person (Josh Branchaud...

Test-Driven Development (TDD) in its most dogmatic form (red-green-refactor in micro-iterations) can be tedious. It does...

A recent patch-level Ruby update caused trouble for some of us as applications started to complain about incompatible gem...

Embedding videos on a website is very easy: add a tag to your source code and it just works...

By default, Devise redirects to a sign-in form when accessing a route that requires authentication. If for some reason...

Code comments allow for adding human readable text right next to the code: notes for other developers, and for your...

Sometimes it's nice to have some coloring in your logs for better readability. You can output your logs via...

You can use the CSS property mask-image to define an "alpha channel" for an element. E.g. to let an...

This is a personal post-mortem analysis of a project that was mainly built to provide a REST API to...

PostgreSQL and ActiveRecord have good support for storing dynamic attributes (hashes) in columns of type JSONB. But sometimes you...

medium.com

Root Insurance runs their application as a monolithic Rails application – but they've modularized it inside its repository. Here is...

This checklist should help you to check edge cases that are not part of the default CarrierWave configuration.

Debugging image color profiles is hard. You can't trust your eyes in this matter, as the image rendering depends...

eregon.me

Bundler 2 introduced various incompatibilities and confusing behavior. To add to the confusion, Bundler's behavior changed after the release...

A primer on vector graphics: For raster image formats like JPG or PNG, each pixel is basically drawn on a...

So I had the issue that user input (coming from many different sources and users) often contains the...