...can specify your preferred version like so: bundle _2.1.2_ update --bundler Older Ruby and Rails cannot use the latest bundler 2 version, so you need to stay on bundler...
...ein User ungefiltertes HTML in die Webseite einfügen kann. Danke für den interessanten Beitrag! alert('you have been hacked') Rails löst das Problem weitgehend, aber Programmierfehler weiter möglich manchmal Sicherheitslücken in Gems oder Rails
background-color: blue; } = javascript_tag nonce: true do :plain window.addEventListener('load', () => { ... }); CSP mit Rails Demo Konfiguration via config/initializer/content_security_policy.rb Überschreiben in einzelnen Controllern Nonce-Support für javascript_tag
...command line flag when opening an IRB: irb --nomultiline This also works on modern Rails when using rails console like so: rails console -- --nomultiline Option 2: Disable by default
...into a database console, run SET GLOBAL query_cache_type=OFF; and restart your rails server. You can also disable the cache on a per query basis by saying
...SQL_NO_CACHE * FROM ... You also probably want to disable Rails internal (per-request) cache. For this, wrap your code with a call to ActiveRecord::Base.uncached. For example, as an...
expect(time1).to eq(time2) end Note for users of #end_of_day Rails extends Time with a method #end_of_day which returns the latest possible Time on...
From Exploring ES6: Module imports are hoisted (internally moved to the beginning of the current scope). Therefore, it doesn’t...
...MySQL or PostgreSQL. Implementation examples are for the ActiveRecord ORM used with Ruby on Rails, but the techniques can be implemented in any language or framework. We will be using...
YOUR QUERY\G; \x on Further reading How to setup Ruby on Rails with PostgreSQL Connect to a Rails database with bin/rails dbconsole -p...
...If you trigger a COUNT query for an association of an an unsaved record, Rails will try to load all children where the foreign key IS NULL. This is not...
RSpec Rails can automatically mix in different behaviors to your tests based on their type tag, for example enabling you to call get and post in specs with the tag...
...consume GBs of memory bringing down our servers. The solution Just use .preload instead. Rails will use separate queries to preload the data. This cannot lead to a cross product...
Rails' Strong Parameters enable you to allow only specific values from request params to e.g. avoid mass assignment. Usually, you say something like params.permit(:email, :password) and any extra parameters...
There are multiple ways to redirect URLs to a different URL in Rails, and they differ in small but important nuances. Imagine you want to redirect the following url...
When deploying Rails applications you might have noticed that JS and CSS are not cached by all browsers. In order to force Apache to add expiry dates to its response...
...when I change a file? Changed stylesheets and javascripts will always be reloaded because Rails appends a screen.css?1234567 timestamp to the paths. Background images referred to from the CSS...
end But how to solve the uniqueness problem? Another day, another undocumented Rails feature! This time, it’s that ActiveRecord::Base.connection.add_index supports an undocumented option to pass...
(excerpt from: Fancy Postgres indexes with ActiveRecord) So regarding to the cited site Rails 5+ allows me to use an SQL statement in my index: t.index 'shop_id, lower...
In Ruby on Rails ActiveRecord::Relation#merge overwrites existing conditions on the same column. This may cause the relation to select more records than expected: authorized_users = User.where(id...
...collectiveidea.com/blog/archives/2012/01/27/testing-file-downloads-with-capybara-and-chromedriver module DownloadHelpers TIMEOUT = 10 module_function def download_path download_path = Rails.root.join("tmp/test_downloads#{ENV['TEST_ENV_NUMBER']}") FileUtils.mkdir_p(download_path) download_path end def clear_downloads FileUtils.rm...
When your JavaScript bundle is so massive that you cannot load it all up front, I would recommend to load...
...when your application uses time zones. Background A time-zoned Time attribute on a Rails record is converted to UTC using to_s(:db) to be stored, and converted back...
...without changing the return value: def save_user user.save.tap do |saved| next unless saved Rails.log("User was created, we have #{user.count} users now!") end end save_user # User was created...
...This could be your (very careless) controller method: def generated send_file File.join(Rails.root, 'shared', 'invoices', params[:number]) end This allows your users not only to access those files but...
...directory of the files as the first parameter, like so: send_file_inside File.join(Rails.root, 'shared', 'invoices'), params[:number] Do not use only Rails.root -- this would allow access to config/environment.rb...
...several gems that help to you do that, like Sidekiq or Resque. With newer Rails you can also use ActiveJob as interface for a background processing library. See here for...
end and a features/support/active_job.rb with: # Jobs should be worked off immediately in tests Rails.application.config.active_job.queue_adapter = :inline
...ids on an ActiveRecord scope to pluck all the ids of the relation: # Modern Rails User.where("users.name LIKE 'Foo Bar'").ids # Rails 3.2+ equivalent User.where("users.name LIKE 'Foo Bar'").pluck...
# Edge rider equivalent for Rails 2+ User.where("users.name LIKE 'Foo Bar'").collect_ids
When I sign in as "carcar79" Patch to make it work for Rails 2 For Rails 2, the last line of find_by_anything needs to be changed...