Aug 31st, 2006

Comments: 0
Category: Ruby On Rails

Cool one way to deal with the rapidly moving rails

Well, no sooner do I blog about the problems flagged up by Kevin Clark’s post on changes to the recommended styles for rails code than someone comes up with an idea for Finding Old Rails Code. Although it could be controversial if some of the findings are more of preferred style than deprecated features it’s […]

Aug 31st, 2006

Comments: 0
Category: Ruby On Rails

One of the problems of using a developing framework

Is that things change all the time, and keeping track of what’s changed can be tricky. There’s a list of Things You Shouldn’t Be Doing In Rails over at the Gluttonous blog, and from that in the comments I found another link on using params and not @params. This is all good stuff, but if […]

Aug 30th, 2006

Comments: 0
Category: Web Security

whups sounds like someone forgot to get a Pen.Test done

O2 closes call records site after security flap | The Register. Whenever I read this kind of story it makes me reckon that the victims probably hadn’t had a recent Pen. test done, and the kind of URL manipulation described would likely have been picked up by most testers. However, kudos to O2 for admitting […]

Aug 30th, 2006

Comments: 0
Category: Web Security

Good post on the dangers of XSS

TaoSecurity: Why 0wn When You Can XSS. I’ve come across a lot of postings where people doubt the impact of XSS; this post is a good example of why it can be pretty serious. Replacing content on trusted news sites is an interesting attack which could be leveraged in a number of ways (pump-dump stock […]

Aug 30th, 2006

Comments: 0
Category: Ruby On Rails

CentOS ruby mysql plugin problem – solution

End to the madness, or “How to install the ruby mysql adaptor on CentOS”. Here’s one solution to a problem I’m having at the moment where I’m trying to install the ruby mysql plugin on a CentOS machine. Another note is that in order to get rails working you need to get the ruby 1.8.4 […]

Aug 28th, 2006

Comments: 0
Category: Ruby On Rails

solution for in_place_editor problem

in_place_editor_field and blank values. One of the problems I’m having with my to do list application is that when using the cool AJAX’y in_place_editor field I can’t update an empty field… Anyway the link above looks like a solution to try. [Update] Yep that works… initially I didn’t seem to be able to get it working […]

Aug 27th, 2006

Comments: 0
Category: Ruby On Rails

Migrations Posting

Rubycon : Weblog. One of the more useful features of rails is migrations, which remove the requirement to write database-specific SQL statements and therefore make moving platforms easy… anyway the docs are pretty sparse as to what can actually be put in a migration as options, and this post seems to fill in some […]

Aug 27th, 2006

Comments: 1
Category: Ruby On Rails

fix for in_place_editing problem I had

One of the cool things about rails is the script.aculo.us javascript library which you get as part of rails. I’ve just been trying to add in place editing to some of the fields in my app and I encountered a problem with the way it’s implemented in conjunction with the way I was describing the view. […]

Aug 27th, 2006

Comments: 0
Category: Ruby On Rails

Ruby On Rails

Well I’ve been meaning to post some of this stuff for a while. I’ve been doing some Ruby On Rails (RoR) development for a while now, more to teach myself than to create any spectacular applications. Anyway as you do I’ve run across a variety of interesting sources of information about rails as I built […]

Aug 25th, 2006

Comments: 0
Category: General Security

Sitekey vulnerabilities article

SiteKey-20060718.pdf: An article detailing some problems with the SiteKey implementation at BofA. I must say I’m not surprised by the one about real-time MITM bypassing the problem, but I’m a little surprised about one of the security processes for login being waived once the user clicks a button on a given PC and […]