tl;dr Don't forget require 'English' if you use a named global such as $LAST_MATCH_INFO. Otherwise this...

makandra dev
developers.google.com

Chrome has a built-in utility to check performance and accessibility (and more) of your web app: Lighthouse.

In the following example the method update_offices_people_count won't be called when office_id changes, because it...

ruby-doc.org

...other methods within the Method class are useful for advanced metaprogramming, though this is beyond the scope of this card. Also see Ruby: Finding where a method is defined

When using virtual attributes, the attached trait can be useful to automatically copy errors from one attribute to another.

Simplecov is a code coverage tool. This helps you to find out which parts of your application are not tested...

Ruby lets you re-use existing RegExp objects by interpolating it into new patterns: locales_pattern = /de|en|fr|es/i...

When testing Ollama vision requests with VCR, the recorded cassettes will contain the full base64-encoded image payloads. A single...

github.com

...a convenience method on Strings (you may need to require 'whatlanguage/string'). >> 'Wir entwickeln und betreiben anspruchsvolle Webanwendungen'.language => :german Depending on your users' input, consider using less languages for better...

...you will sign out your current user whenever you switch to another app. A better way is to use our own daho.im service. All daho.im subdomains resolve to your local...

developer.chrome.com

The File System Access API is a new capability of modern browsers that allows us to iterate over selected folders...

There's a method Integer() defined on Kernel, that typecasts everything into an Integer. Integer("2") # 2 Integer("foo") # Invalid...

Given you have a strict CSP that only allows elements from your own domain: Content-Security-Policy: script-src 'self' This will block JavaScript handlers inlined as attribute into your HTML elements. Clicking on the following link will only log an error with a strict CSP: click me click me Solution 1: Move the handler into your JavaScript The recommended solution is to move the handler from the HTML to the allowed JavaScript file that we loaded via . In the example above we could invent a new [data-alert] attribute with the alert message: click me Then our JavaScript intercepts clicks on elements with that attribute: document.addEventListener('click', function(event) { let link = event.target.closest('[data-alert]') if (link) { let message = link.dataset.alert alert(message) event.preventDefault() } }) Solution 2: Allow that one handler in your CSP Some browsers allow the CSP directive script-src-attr. This lets you allow the hashes of actual JavaScript code. The SHA256 hash of alert('hello') is vIsp2avtxDy0157AryO+jEJVpLdmka7PI7o7C4q5ABE= (in Base64). We can allow this one event handlers like this: Content-Security-Policy: script-src 'self'; script-src-attr 'unsafe-hashes' 'sha256-vIsp2avtxDy0157AryO+jEJVpLdmka7PI7o7C4q5ABE=' Note the sha256- prefix. This event handler now works when clicked: click me But any other script will still be blocked: click me Dealing with legacy browsers Currently (November 2023) about 75% of browsers support script-src-attr. Here is a forward-looking compromise that many users use with new CSP features: Have a liberal CSP with old directives supported by all browsers Make your CSP stricter with new, more specific directives for browsers that support it The CSP spec supports that approach in that using newer, more specific directives disable older, more general features. In our case this means: For old browsers, allow all inline scripts For new browsers, disallow inline scripts but allow inline handlers with given hashes Here is a CSP directive that works like this: Content-Security-Policy: script-src 'self' 'unsafe-inline'; script-src-elem 'self'; script-src-attr 'unsafe-hashes' 'sha256-vIsp2avtxDy0157AryO+jEJVpLdmka7PI7o7C4q5ABE=' Old browsers will only use script-src. New browsers will use script-src-elem (for tags) and script-src-attr (for inline event handlers), which override the more liberal rules from script-src.

makandra dev

We structure our CSS using the BEM pattern. Our naming convention for blocks, elements and modifiers has evolved over the years. This card shows our current style and various alternative...

...not mix styles and be consistent within a given project. Current convention Our current BEM naming convention looks like this:

Note how the modifier just starts with a dash (-pro...

=> #<Capybara::Node::Element tag="div" path=... If you rely on this behavior in Capybara 3, affected features will fail. The gem no longer normalizes whitespace when finding...

...visible css ".haystack" with text "Hi! Try to match me." Re-enabling Cabyara 2 behavior in Capybara 3 After digging in the documentation, you might figure out that you can...

...Powerless but nothing was raised No power to ['creatable_cards'] The reason for this behavior is that the Capybara test server is running in another thread, and the RSpec thread...

Ubuntu 18.04 uses systemd to manage services. There are basically two commands for listing all services and manipulating the state...

I had to modify the time for an application that I launch through Docker. Here is an approach that worked...

We use the whenever gem to automatically update the crontab of the servers we deploy to. By default, whenever will...

morris-photographics.com

Some browsers render PNG images with color profiles and other shenanigans, some do not. The cleanest way to have consistent...

Sometimes you might need to nest a git-project inside another git-project. The right strategy is to use submodules...

You can use git worktree to manage multiple working trees attached to the same repository. But why should I use...

This talk shows simple and advanced usages of the ruby/debug debugger. It goes through a step by step debugging workflow...

makandra dev
iamvdo.me

...line-height is font-size relative, but the problem is that font-size: 100px behaves differently across font-families, so is line-height always the same or different? Is it...