Skip to content

Instantly share code, notes, and snippets.

View dannluciano's full-sized avatar
🏠
Working from home

Dann Luciano dannluciano

🏠
Working from home
134 followers · 144 following
View GitHub Profile
@rafaelp
rafaelp / gist:1976687
Created March 5, 2012 04:55
A solution to a more obscure problem related to the "vulnerability" of mass assignment:
# account.rb
class Account < ActiveRecord::Base
has_many :users
has_many :services
end
# user.rb
class User < ActiveRecord::Base
belongs_to :account
end
@wycats
wycats / security.md
Created March 4, 2012 18:06

Proposal for Improving Mass Assignment

For a while, I have felt that the following is the correct way to improve the mass assignment problem without increasing the burden on new users. Now that the problem with the Rails default has been brought up again, it's a good time to revisit it.

Sign Allowed Fields

When creating a form with form_for, include a signed token including all of the fields that were created at form creation time. Only these fields are allowed.

To allow new known fields to be added via JS, we could add:

@rafaelp
rafaelp / gist:1925879
Created February 27, 2012 18:01
Is Ruby Javascript like?
ruby-1.9.2-p290 :001 > 0/0
ZeroDivisionError: divided by 0
from (irb):1:in `/'
from (irb):1
from /Users/rafael/.rvm/rubies/ruby-1.9.2-p290/bin/irb:16:in `<main>'
ruby-1.9.2-p290 :002 > 1.0/0
=> Infinity
ruby-1.9.2-p290 :003 > 0.0/0
=> NaN
ruby-1.9.2-p290 :004 >
@Gozala
Gozala / example.js
Created January 29, 2012 03:46
Workaround for lack of "tail call optimization" in JS
// Lack of tail call optimization in JS
var sum = function(x, y) {
return y > 0 ? sum(x + 1, y - 1) :
y < 0 ? sum(x - 1, y + 1) :
x
}
sum(20, 100000) // => RangeError: Maximum call stack size exceeded
// Using workaround
@burke
burke / 0-readme.md
Created January 27, 2012 13:44 — forked from funny-falcon/cumulative_performance.patch
ruby-1.9.3-p327 cumulative performance patch for rbenv

ruby-1.9.3-p327 cumulative performance patch for rbenv

This installs a patched ruby 1.9.3-p327 with various performance improvements and a backported COW-friendly GC, all courtesy of funny-falcon.

Requirements

You will also need a C Compiler. If you're on Linux, you probably already have one or know how to install one. On OS X, you should install XCode, and brew install autoconf using homebrew.

@joshuaclayton
joshuaclayton / cream_and_sugar.rb
Created December 27, 2011 06:01
require "money"
class Decorator < BasicObject
undef_method :==
def initialize(component)
@component = component
end
def method_missing(name, *args, &block)
@wisq
wisq / gist:1507733
Created December 21, 2011 21:14
Why I love zsh (and hate being forced to use bash)

Why I love zsh (and hate being forced to use bash)

  • Smarter completion. A few examples:
  • context sensitive -- if you have file "name1" and directory "name2", "cd nam<TAB>" completes to "name2/"
  • "tar xf <TAB>" completes to tarballs only. "unrar x <TAB>" completes to RARs only. etc.
  • rsync / scp completion: "rsync host:anything/<TAB>" shows you files on host under anything/
  • also works with rsync:// URLs
  • SSH host completion from ~/.ssh/config & ~/.ssh/known_hosts
  • lots of other smart completions: Rake tasks, git commands & SHAs, dpkg packages, dash-options for most commands, etc etc.
@peterc
peterc / dnsd.rb
Created December 2, 2011 23:47
Simple, scrappy UDP DNS server in Ruby (with protocol annotations)
# Simple, scrappy UDP DNS server in Ruby (with protocol annotations)
# By Peter Cooper
#
# MIT license
#
# * Not advised to use in your production environment! ;-)
# * Requires Ruby 1.9
# * Supports A and CNAME records
# * See http://www.ietf.org/rfc/rfc1035.txt for protocol guidance
# * All records get the same TTL
@nicholasjhenry
nicholasjhenry / your_application.rb
Created October 22, 2011 04:56
PayRoll application, embedded in Rails, borrowing from Use Case Driven Architecture and DCI
## PayRoll gem
# lib/pay_roll.rb
module PayRoll
class << self
attr_accessor :employee_directory
def config
yield self
end
end
@wtaysom
wtaysom / where_is.rb
Created September 23, 2011 08:57
A little Ruby module for finding the source location where class and methods are defined.
module Where
class <<self
attr_accessor :editor
def is_proc(proc)
source_location(proc)
end
def is_method(klass, method_name)
source_location(klass.method(method_name))