1. JSON-P output with Rails

    At the recent Web Directions 06 conference Cameron Adams and Sitepoint’s own Kevin Yank gave a talk on Mashups and APIs, with a mention of JSON-P. JSON-P is a method of wrapping the JSON output of your API calls to allow other developers to call your API from within their page, bypassing the browser security […]

  2. Roll your own dispatch reaper script

    If you haven’t used it before, the reaper script is useful for restarting your Rails application’s FastCGI dispatchers. It’s seems the reaper script in Edge rails now relies on the existance of PID files in the tmp/pids directory. If you want to replicate the old functionality, create your own ruby script and override the capistrano […]

  3. Timing out and retrying calls to third parties

    When calling third parties you want to set them a sensible timeout, and you also might want to make a few attempts before giving up. Here’s a relatively succinct way to accomplish this in Ruby (3 attempts, each with a timeout of 5 seconds): 3.times do begin Timeout::timeout(5) do # Call your third party (for […]

  4. The effect of using Rails fragment caching

    Rails provides a few caching techniques, one of which is a fragment cache. The fragment cache is a dead-easy way to cache bits of your view. After checking that your queries are doing sensible things, the next often slowest part of the Rails stack is view rendering, especially if there’s lots of URL generation involved. […]

  5. Rails 1.1.5 security fix release

    The Rails team have released another security update, 1.1.5. Update your code/environment.rb to point to the new gem version, or go grab 1.1.5 and put it in your application’s vendor directory.

  6. Securing your production.log

    By default Rails logs all your POST parameters in both development and production. If you are accepting credit card numbers, passwords or other sensitive information then all this data will end up in plain text in your production.log file. Not very cool. Changing your log level to :warn prevents the logging of requests and their […]

  7. Installing and managing edge Rails

    By request, I’ll give you a quick rundown on how to develop against the latest version of Rails. Why would you want to do this? You might be working on a brand new app that’ll be in development for a while, so stability is not a great concern. Maybe you wanna be the cool kid […]

  8. Using AR::Associations to limit find() scope

    In an ecommerce application I’m currently building there’s a URL for destroying a line item in the user’s cart: Like all good web coding monkeys should, I’m going to need to check that the LineItem with id 16 is actually owned by the user before destroying it. Sounds obvious? Well scarily there are plenty […]

  9. Rails 1.1.4 security fix release

    If you haven’t done so yet, go grab the latest Rails 1.1.4 update which fixes a security hole in route processing. You can read more about the release on the official announcement (as well as the announcement for 1.1.3).