A great and enjoyable introduction into the concept of the web and about what HTTP was designed for. The original...

1. Saving files to a directory that is not shared between deploys or servers If you save your uploads to...

This card shows how to upgrade a Rails 2 application from Rails 2.3.8 through every single patch level up to...

ActionMailer per default uses http as protocol, which enables SSL-stripping. When a logged-in user follows an http link...

Merge requests are often rejected for similar reasons. To avoid this, before you send a merge request, please confirm that...

The Ruby on Rails security list archive can be found here: http://groups.google.com/group/rubyonrails-security You can subscribe to this mailing...

In order to clone a git repository including all branches and tags you need to use two parameters when cloning...

When you need to find out in which kind of spec you are during run-time, it's definitely possible...

When your site is on HTTPS and you are linking or redirecting to a HTTP site, the browser will not...

Option 1: Creating a self-signed certificate with the openssl binary As igalic commented on this gist. openssl req -new...

When HTTP clients make an request they can define which response formats they can process. They do it by adding...

Authentication is hard: there are many edge cases, and most users (including yourself) usually only go the "happy path" once...

Create a directory mkdir ~/.aws Initialise git repository cd ~/.aws && git init Create a git branch with a name you...

We ran into trouble when adding additional compute units to our railscomplete Hosting environment lately. VM-instances on the new...

This only works when you actually have a session ID (not the case for Rails' CookieStore, for example): request.session_options...

In specs, the session never persists but is always a new object for each request. Data put into the session...

Note: This technique is confusing and slows down your test suite. Copy the attached code to features/support. This gets you...

When you use ab to do some performance benchmarking, you might run into output like this: Complete requests: 200

Rails’ reputation as a relatively secure Web framework is well deserved. Out-of-the-box, there is protection against many...

The User-Agent HTTP header identifies the client and is sent by "regular" browsers, search engine crawlers, or other web...

When a controller action redirects to an external URL (like http://somehost.com/some/path) you will find that this is hard...

Unfortunately, Capybara does not offer a switch to disable cookies in your test browser. However, you can work around that...

To set a cookie in your test browser for cucumber tests, you need to know which driver you are using...