Rails 3 提供了 match 方法供我们自定义 routes,然而我们要小心使用它以避免“跨站脚本攻击”(XSS Attack)。比如像这样的 routes:
注:(r3 代表 Rails 3,r4 代表 Rails 4)
# routes.rb
mtigas
/ nginx.conf
Last active
July 11, 2023 11:14
Nginx configuration for securedrop.propublica.org. (Based on Ubuntu 13.10 / Nginx 1.4.1 default config.)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This configuration file is provided on an "as is" basis, | |
| # with no warranties or representations, and any use of it | |
| # is at the user's own risk. | |
| # | |
| # You will need to edit domain name information, IP addresses for | |
| # redirection (at the bottom), SSL certificate and key paths, and | |
| # the "Public-Key-Pins" header. Search for any instance of "TODO". | |
| user www-data; | |
| worker_processes 4; |
plentz
/ nginx.conf
Last active
November 16, 2024 14:10
Best nginx configuration for improved security(and performance)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Basically the nginx configuration I use at konklone.com. | |
| # I check it using https://www.ssllabs.com/ssltest/analyze.html?d=konklone.com | |
| # | |
| # To provide feedback, please tweet at @konklone or email [email protected]. | |
| # Comments on gists don't notify the author. | |
| # | |
| # Thanks to WubTheCaptain (https://wubthecaptain.eu) for his help and ciphersuites. | |
| # Thanks to Ilya Grigorik (https://www.igvita.com) for constant inspiration. | |
| server { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Simple move this file into your Rails `script` folder. Also make sure you `chmod +x puma.sh`. | |
| # Please modify the CONSTANT variables to fit your configurations. | |
| # The script will start with config set by $PUMA_CONFIG_FILE by default | |
| PUMA_CONFIG_FILE=config/puma.rb | |
| PUMA_PID_FILE=tmp/pids/puma.pid | |
| PUMA_SOCKET=tmp/sockets/puma.sock |
Sjors
/ bitcoin-pay.rb
Last active
April 9, 2024 16:50
This script demonstrates how a bitcoin transaction is created and signed. Just pass in your own address and private key and it will prepare a transaction for you. You can then copy & paste that transaction into a webservice like Blockchain to send it. I wrote this mostly to understand better how it works. I sometimes had to "cheat" and look at t…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| require 'open-uri' | |
| require 'JSON' | |
| require 'digest/sha2' | |
| require 'pry' | |
| require 'bigdecimal' | |
| require 'bitcoin' # Because I need to cheat every now and then | |
| # Usage: | |
| # gem install pry json ffi ruby-bitcoin |
jaymcgavren
/ javascript_objects.md
Last active
September 12, 2018 09:23
In this screencast, Jay McGavren gives you a clear, no-nonsense look at Javascript objects. You'll learn how properties and functions are woven together to make a complete object. You'll learn what's special about constructor functions (not that much), and how prototypes form the basis for creating new objects. If you're ready to take the next s…
sashazykov
/ bitcoin_address_validator.rb
Created
January 9, 2013 09:04
Rails 3 bitcoin address validator. Validator syntaxis: validates :address, :bitcoin_address => true, :presence => true
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'digest' | |
| class BitcoinAddressValidator < ActiveModel::EachValidator | |
| def validate_each(record, field, value) | |
| unless value.blank? || valid_bitcoin_address?(value) | |
| record.errors[field] << "Bitcoin address is invalid" | |
| end | |
| end | |
| private |
coffeencoke
/ README.md
Last active
May 19, 2017 08:02
Use a sub directory as a rails application's url root rails 3, nginx, unicorn
Among applying the changes in the other files in this gist, you need to symlink the directory you are serving the app with in the root app's public directory so that NGINX can serve the static files in the sub-app.
For example, if you have an app at /home/coffeencoke/apps/app.coffeencoke.com/current/public as your root app, and you have the sub app served at http://app.coffeencoke.com/admin, then you need to symlink /home/coffeencoke/apps/admin-app.coffeencoke.com/current/public to /home/coffeencoke/apps/app.coffeencoke.com/current/public/admin like so:
ln -s /home/coffeencoke/apps/admin-app.coffeencoke.com/current/public /home/coffeencoke/apps/app.coffeencoke.com/current/public/admin
##Refs
NewerOlder