rails

Rails, what’s wrong with serving static JS and CSS files?

Posted by Michael Hendrickx on October 05, 2011
Javascript, rails / 1 Comment

For a new web project, I’ve been looking at Rails 3.1, the latest update of the popular Ruby on Rails web application framework.

Although I just started on it, and haven’t seen all the goodness, one thing that raised my eyebrows is how static content a la CSS and JavaScript is handled, through an asset pipeline.

In a nutshell, since I’m doing the JQuery bit of the site now, wouldn’t it make much more sense to fetch the libraries from CDNs, cache the remaining recurring libraries in Nginx (or Apache), and leave the page-specific bits in one big <script> tag, instead of pushing it all into a bloated application.js file?

Then again, although I think Rails was what the web community needed, I always had my ideas about frameworks.

Thanks,
Michael

JQuery AJAX with Rails’ authenticity token

Posted by Michael Hendrickx on December 07, 2010
code, rails / 2 Comments

In Ruby on Rails, authenticity tokens are generated to prevent CSRF (Cross-Site Request Forgery) attacks. Each token acts as a unique “identifier” that prevents other websites from making requests on your behalf, so-called “session riding”.

In Ruby on Rails, to have this identifier available for you, you need to put <%= csrf_meta_tag %> in your view, usually in app/views/layouts/application.html.erb. This tag creates something like:

    <meta name="csrf-param" content="authenticity_token"/>
    <meta name="csrf-token" content="uDDuQj14CCJ…">

If you create your own AJAX functions, say with JQuery, you need these values in order to have Rails handle your request. The token can be read using the following:

    var param = $('meta[name=csrf-token]').attr('content');

You can then use it in your AJAX requests:

    $.post('/post', { body: $('#post_body').val(), authenticity_token: param }, function(data){
      var ret = jQuery.parseJSON(data);
      if (ret.status == "ok") {
        // handle the successful response here
      }
    });
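
As an added example (not part of the original post), the sketch below reads both meta tags and attaches the token only to state-changing requests that stay on the page's own origin, so it is never sent to another site or placed in a GET query string. The helper names, the sample origin and the token value are assumptions made up for illustration.

```javascript
// Added example; readCsrfMeta, needsCsrf and withCsrf are hypothetical helpers.

// Read both tags emitted by csrf_meta_tag. `doc` is the browser document, or
// any object with querySelector (which lets this run outside a browser).
function readCsrfMeta(doc) {
  var p = doc.querySelector('meta[name="csrf-param"]');
  var t = doc.querySelector('meta[name="csrf-token"]');
  if (!p || !t) return null; // the layout is missing csrf_meta_tag
  return { param: p.getAttribute('content'), token: t.getAttribute('content') };
}

// True only for state-changing requests that stay on the page's own origin.
function needsCsrf(method, url, pageOrigin) {
  var readOnly = /^(GET|HEAD)$/i.test(method);
  var sameOrigin = new URL(url, pageOrigin).origin === pageOrigin;
  return !readOnly && sameOrigin;
}

// Copy `data` and add the token under the parameter name taken from the
// csrf-param tag. Cross-origin and read-only requests come back unchanged.
function withCsrf(data, method, url, pageOrigin, meta) {
  var out = {};
  Object.keys(data).forEach(function (k) { out[k] = data[k]; });
  if (meta && needsCsrf(method, url, pageOrigin)) out[meta.param] = meta.token;
  return out;
}

// Constructed stand-in for `document`, holding a constructed token value.
var sampleDoc = {
  querySelector: function (selector) {
    var tags = {
      'meta[name="csrf-param"]': 'authenticity_token',
      'meta[name="csrf-token"]': 'constructed-token-123'
    };
    var value = tags[selector];
    if (value === undefined) return null;
    return { getAttribute: function () { return value; } };
  }
};

// In the page itself this would be used as:
//   var meta = readCsrfMeta(document);
//   var data = withCsrf({ body: $('#post_body').val() }, 'POST', '/post',
//                       location.origin, meta);
//   $.post('/post', data, function (response) { /* ... */ });
```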


Spaces, or parentheses are important

Posted by Michael Hendrickx on November 07, 2010
rails / No Comments

In Rails,

    j = points.size -1

is not equal to

    j = points.size - 1

Wouldn’t it be easier if parentheses were mandatory, so that we could see the difference between:

    j = points.size -1

and

    j = points.size(-1)


FacebookError: OAuthException – Invalid OAuth access token

Posted by Michael Hendrickx on September 29, 2010
code, misc, rails / 1 Comment

On places.ae, we got notified of some issues with Facebook signups and logins. All of a sudden, when the Facebook OAuth service pushed us back to our redirect page, the HyperGraph gem threw the following error:

FacebookError: OAuthException – Invalid OAuth access token

This is often thrown because the access token can contain a | (pipe) character, which gets encoded to %7C, and this makes HyperGraph choke a bit. So a simple gsub('%7C','|') will solve it, as in the code below:

    at = HyperGraph.get_access_token(FB_ID, FB_SECRET, FB_RET, code)
    # turn the URL-encoded pipe back into a literal | before using the token
    at = at.gsub('%7C','|')
    g = HyperGraph.new(at)
    me = g.get('me')

Thanks,
Michael