Rails' url_for is useful for generating routes from a Hash, but can lead to an open redirect vulnerability.

Rails' Strong Parameters enable you to allow only specific values from request params to e.g. avoid mass assignment.

The newest versions of Chromedriver break the user agent for device emulation via device name. In previous versions the user agent...

An introduction to mangling: When you minify ("compress", "optimize") your JavaScript for production, the names of your functions and variables...

In CI test runs I noticed that string sorting order changed after switching from a Debian-based PostgreSQL Docker image...

You can tell npm to install a package globally with npm -g install @puppeteer/browsers. However, it seems that it's not...

Rails offers several methods to manage three different types of cookies along with a session storage for cookies. These...

If you want to collapse/expand elements with dynamic content (and thus unknown height), you cannot transition between height: 0...

Note: You won't need this for single lines of text. In this case it is better to just use...

Sometimes you'll find yourself with a set of tasks that require similar code for different models. For example, if...

When you write your next CarrierWave uploader, consider processing your images with libvips instead of ImageMagick. Reasons for libvips

Using querySelector or querySelectorAll in JavaScript, you can easily find descendants of a node that match a given selector.

So you have a heading that is just barely wider than the container it should fit into, and it wraps...

makandra dev

We have a long-standing checklist for merge requests. However, it hardly matches the intricate requirements for design. This checklist...

In most cases it's not necessary to add a version constraint next to your packages in the package.json. Since...

In most cases it's not necessary to add a version constraint next to your gems in the Gemfile. Since...

We often do some HTTP requests to fetch the data we want to check for certain criteria. Testing this in...

Code splitting is a feature of esbuild that can keep huge libraries out of the main bundle. How code splitting...

When you are using the default MIME-Type configuration and your application allows uploading files, it can be a security...

As we are slowly switching from Cucumber scenarios to RSpec feature specs, you might be tempted to write assertions like...

Context and further resources: Even though you can get 90% of debugging done with up to 5 basic byebug commands...

I recently noticed that better_errors allows you to open files from within your favorite editor. However, it was...

Debugging your integration tests that run a headless Chrome inside a Docker image is tricky. In many cases you can...

A convenient way to test SNS Subscription Filter Policies is using an email address as the subscription endpoint. However, for...