...like invoices/generated?number=123. This could be your (very careless) controller method: def generated send_file File.join(Rails.root, 'shared', 'invoices', params[:number]) end This allows your users not only to...

...files but also any files your application can read, like this: invoices/generated?number=../../../../../etc/passwd # => send_file '/etc/passwd' You do not want this. In most cases you should prefer a show...

...IDENTIFIED BY 'some_password'; GRANT REPLICATION SLAVE ON *.* TO 'replicator'@'%'; Adjust MySQL configuration : Edit /etc/mysql/my.cnf: server-id = 1 log_bin = /var/log/mysql/mysql-bin.log replicate-do-db = some_project_production replicate-do-db...

...other_project_production replicate-ignore-db = mysql server-id needs to be unique among all connected master and slave servers. When replicate-do-db is provided only the chosen databases...

...your remote database, you might not want it to dump each time you deploy (say, you're experimenting with staging and don't want ten dumps an hour). How to...

...skip dump creation: Capistrano 2 In your Capistrano file: before 'deploy:update_code', 'db:dump' unless fetch(:skip_dump, false) The second parameter of fetch sets a default value if...

# the value from the form field's ngModel (which means it's not sent to the # server, and old values would not be overwritten). # # This directive makes sure that...

...form fields with an invalid value return an # empty string instead of undefined. for elementType in ['input', 'textarea', 'select'] @app.directive elementType, -> priority: 1 restrict: 'E' require: '?ngModel' link: (scope, element...

...unwrap(). Here is how. Consider the following example element. $container = $(' Hello World ') Let's say we want to discard any tags, but keep their contents. Simply find them, then dive...

When using state_machine you sometimes need to know whether an object may execute a certain transition. Let's take an arbitrary object such as a blog article as an...

...example that has those states: A -> B -> C -> D Additionally, you have transitions between the states as shown above. Let's call the transition between 'A' and 'B' transition_ab...

You can use attribute? as shorthanded version of attribute.present?, except for numeric attributes and associations. Technical Details attribute? is generated for all attributes and not only for boolean...

...These methods are using #query_attribute under the hood. For more details you can see ActiveRecord::AttributeMethods::Query. In most circumstances query_attribute is working like attribute.present?. If your attribute...

When using Sidekiq in your application, you must write thread-safe code. This wiki page also lists gems that are known to be unsafe on threaded applications.

...gem that will also be used by a Sidekiq worker, make sure to confirm it's thread-safe...

Note: Making a reverse proxy with nginx is much more straightforward. A reverse proxy is a "man in the middle" server that tunnels requests to another server. You can use...

...makes sure that it can fetch from HTTPS internally. You've basically built your custom SSL-stripping MITM attack server. If your proxy server should be accessible over HTTPS, use...

...re looking for is not present, first try upgrading ruby-build. If it's still missing, open a request on the ruby-build issue tracker: https://github.com/sstephenson/ruby-build/issues

This is how you regain disk space from OpenStack instances if you are using kvm and qcow. If your instance used up all configured disk space once the disk file...

...remains big. You can end up in a situation where for example the instance use only 20GB disk space but the disk file on the server has 100GB (or even...

In RubyMine folders can be excluded from search, navigation etc. by marking it as excluded. You might sometimes wish to exclude single files, too. An example could be .byebug_history...

...which is located in the project root directory. Single files can be excluded by pattern in the Settings: In the Settings/Preferences dialog Ctrl+Alt+S, go to Project structure

...of control”. A function that accepts a callback instead of a return value is saying, “Don’t call me, I’ll call you.”. Promises un-invert the inversion, cleanly separating...

...the input arguments from control flow arguments. This simplifies the use and creation of APIs, particularly variadic, REST and spread arguments. Note that promises are not a drop-in replacement...

Field error steps Spreewald's The...

...field should have an error and The...

...field should have the error...

...steps now have built-in support for Rails and Bootstrap (v3-v5...

...error classes. When using Bootstrap, it is no longer necessary to overwrite the steps in your project. At the same time, support for formtastic has been removed as there were...

On application servers, gems are usually bundled into the project directory, at a location shared across deployments. This is usually shared/bundle inside your project's root directory, e.g. /var/www/your-project/shared/bundle/.

When you are changing the version of RubyGems or Bundler on a system where gems are installed this way, you must wipe that bundle directory in addition to...

When using threads, you must make your code thread-safe. This can be done by either locking (mutexes) all data shared between threads, or by only using immutable data structures...

...Ruby core classes like String or Array are not immutable. There are several gems providing thread-safe collection classes in Ruby. concurrent-ruby The concurrent-ruby gem provides thread-safe...

Haml 3.1.2 displays single quotes in FormBuilder#text_ field html escaped. You may see something like that: David's Chapter Looking at the page's HTML, your field's...

...inputs, where one contains the name of the other (eg. Name and Name with special treatment), Capybara's fill_in method will fail with the following message: Ambiguous match, found...

...value = 'Bettertest Cucumberbatch' fill_in(field, with: value, match: :prefer_exact) Furthermore, we recommend setting Capybara's matching strategy globally to :prefer_exact. This will positively affect all you steps...

So I had the issue that User input (coming from many different sources and users) often contains the same long word. Maybe that's a super german thing...

...compiler that crawls the document and replaces all occurencies of certain word and puts a soft-hyphen (­, or \xAD) where i want the word to break. This is only...

...all the world to admire. For private gems this is very bad. To make sure this cannot happen, rubygems 2.2+ allows you to restrict eligible push hosts: Gem::Specification.new 'my...

...gem', '1.0' do |s| # ... s.metadata['allowed_push_host'] = 'https://gems.my-company.example' end In case you already messed up, follow these instructions to get your gem removed. Of course, it's not...

RSpec's let allows you to super into "outside" definitions, in parent contexts. Example: describe '#save' do subject { described_class.new(attributes) } let(:attributes) { title: 'Example', user: create(:user) } it 'saves' do...

...expect(subject.save).to eq(true) end context 'when trying to set a disallowed title' do let(:attributes) { super().merge(title: 'Hello') } # <== it 'will not save' do expect(subject.save).to eq...

...Linux and MacOS, they look horrible on Windows, a problem that gets worse with smaller font sizes. The culprit is something called font hinting: ... hinting is about... programming instructions that...

...hinting, causing horrible rendering for most fonts. Embedding autohinting information into font files A solution is to autohint fonts and replace the existing (bad) hinting with the autohinting information.

You may want this for things where Rationals are being used, like when subtracting Date objects from one another. What's happening? Converting a Rational to a String usually...

...does something like this: 1.8.7 > Rational(2, 3).to_s => "2/3" 1.9.3 > Rational(2, 3).to_s => "2/3" 2.0.0 > Rational(2, 3).to_s => "2/3" However, when you have a...