🔖 Bookmarks

What is Server-Side Request Forgery (SSRF), and why is it a concern for web security?

Once we include ActiveStorage::Streaming in a controller, we get access to the #send_blob_stream method which takes care of everything, from writing the headers to streaming the downloaded data chunks to the client to closing the stream after it is completed.

Mailers are used in literally every Rails application, but often an after thought where we throw out the rules of software design. Revisiting the tools provided by Action Mailer can help us improve how we write mailers.

I've always hated maintaining database servers. Litestream offers a simple alternative without sacrificing reliability or security.

Have you heard about the ActiveRecord becomes method from Rails? Maybe it’ll come handy one day.

The instrumentation API in ActiveSupport serves a dual purpose. You can use it to implement the publish-subscribe pattern, as well as benchmark how long it took to execute some action.

Originally posted on ahmednadar.com Recently, the inline editing capabilities demand has...

Check out our downloadable Ruby on Rails Interview Questions Template, and learn how can you get the most honest responses from candidates.

Build and parse a programming language to extend your Rails application's functionality.

Understanding the need behind a change is important to build better software. Here’s why.

Capybara is an acceptance test framework for web applications. Learn how to use it with Minitest for integration testing of your Ruby on Rails applications.

Rails developers can add versioning to their APIs with relatively little effort. This article explains why you need to add versions to your API and how.

There are several motivations for running your local web application over SSL; making use of service workers being a prime example. In this blog post we consider a number of different approaches for achieving this with a Rails application. We outline the key configuration changes required in each case, and discuss some of the drawbacks and benefits of each approach.

With Heroku's free tier gone, this is my work-in-progress configuration for a new ruby on rails apps...

Rails 7 series | Ruby 7.0 adds disable_joins for associations

A description of a curios core class design decision made for happier coding

Metaprogramming in Ruby: Beginner Level This post is the first in a series focused on the application of Ruby metaprogramming. If you’re just starting to learn about metaprogramming, this is a great place to get started. For those who already know the basics, stay tuned for future installments that will cover intermediate and advanced topics. …

You must have used a ~/.bashrc or ~/.zshrc file to configure your environment. Did you know Ruby on Rails has a ~/.railsrc file that configures your Rails applications?

How, Why and When I TDD

Reading through Sandi Metz’s book Practical Object-Oritented Design in Ruby (POODR), I found myself yet again hit with several epiphanies…

Reacting to events with JavaScript is the foundation of a dynamic experiences on the web. Whether it's a click event or another typical action, responding

As makers, software engineers should adopt these 7 essential habits.

Sometimes want to skip certain validations on your database models. Maybe you have a multi-step wizard or want admins to have more freedom in changing data.

Learn how to integrate the FilePond upload library with Ruby on Rails' Active Storage framework.

From Rails 7.1 has_secure_password now includes a password_challenge accessor to validate it against the currently persisted password.