##How Homakov hacked GitHub and the line of code that could have prevented it
Please note: THIS ARTICLE IS NOT WRITTEN BY THE GITHUB TEAM or in any way associated with them. It's simply hosted as a Gist because the markdown formatting is excellent and far clearer than anything I could manage on my personal Tumblr at peternixey.com.
If you'd like to follow me on twitter my handle is @peternixey
| var parser = document.createElement('a'); | |
| parser.href = "http://example.com:3000/pathname/?search=test#hash"; | |
| parser.protocol; // => "http:" | |
| parser.hostname; // => "example.com" | |
| parser.port; // => "3000" | |
| parser.pathname; // => "/pathname/" | |
| parser.search; // => "?search=test" | |
| parser.hash; // => "#hash" | |
| parser.host; // => "example.com:3000" |
| class ActionDispatch::Routing::Mapper | |
| def draw(routes_name) | |
| instance_eval(File.read(Rails.root.join("config/routes/#{routes_name}.rb"))) | |
| end | |
| end | |
| BCX::Application.routes.draw do | |
| draw :api | |
| draw :account | |
| draw :session |
The following rules of programming style are excerpted from the book "The Elements of Programming Style" by Kernighan and Plauger, published by McGraw Hill. Here is quote from the book: "To paraphrase an observation in The Elements of Style by Strunk and White, the rules of programming style, like those of English, are sometimes broken, even by the best writers. When a rule is broken, however, you will usually find in the program some compensating merit, attained at the cost of the violation. Unless you are certain of doing as well, you will probably do best to follow the rules."
| * Only the releases of the stable versions are listed in principle. The releases of the unstable versions especially considered to be important are indicated as "not stable." | |
| * The branches used as the source of each releases are specified, and the branching timing of them are also shown. BTW, before subversionizing of the repository, the term called "trunk" was not used, but this list uses it in order to avoid confusion. | |
| * In order to show a historical backdrop, big conferences (RubyKaigi, RubyConf and Euruko) are also listed. About the venues of such conferences, general English notations are adopted, in my hope. | |
| * ruby_1_8_7 branch was recut from v1_8_7 tag after the 1.8.7 release because of an accident. | |
| * 1.2.1 release was canceled once, and the 2nd release called "repack" was performed. Although there were other examples similar to this, since the re-releases were performed during the same day, it does not write clearly in particular. | |
| * Since 1.0 was released with the date in large quantities, the mi |
| { | |
| "_links": { | |
| "self": { "href": "/orders" }, | |
| "next": { "href": "/orders?page=2" }, | |
| "find": { "href": "/orders{?id}", "templated": true } | |
| }, | |
| "_embedded": { | |
| "orders": [{ | |
| "_links": { | |
| "self": { "href": "/orders/123" }, |
| class UsersController < ApplicationController | |
| include ActiveModel::MassAssignmentSecurity | |
| attr_accessible :name, :age | |
| attr_accessible :name, :age, :admin, :as => :admin | |
| def create | |
| @user = User.create!(user_params) | |
| redirect_to @user | |
| end |
| # this is the easiest way to use partials from model I could find so far | |
| class Entry < AR::Base | |
| def as_json | |
| context = ApplicationController.new.view_context | |
| context.render('/api/entries/entry.json', entry: self) | |
| end | |
| end |
| # app/controllers/users/password_controller.rb | |
| class Users::PasswordsController < Devise::PasswordsController | |
| def resource_params | |
| params.require(:user).permit(:email, :password, :password_confirmation) | |
| end | |
| private :resource_params | |
| end |
