Posts tagged "rails"
Devise version 4.7.1 was released with a fix for an edge case that could confirm accounts by mistake. We’ll now explain in detail what the issue is, how it was fixed, and which actions you might want to take in your applications. Description: We received a security report saying that it was possible to confirm … »
Tags: devise, rails, Posted in English, Comments Off on Improve confirmation token validation in Devise (CVE-2019-16109)
In the past, we have been asked to include other authentication methods in Devise (e.g. token-based and magic email links). Although it might make sense to include those for some applications, there is no plan to support them in Devise. But don’t be upset, it turns out you might not need to override Devise’s SessionsController … »
Tags: devise, rails, Posted in English, Comments Off on Custom authentication methods with Devise
Postgres offers the option of storing data as JSON, which can be very useful, especially when there is a lot of uncertainty about the business requirements that would help in modeling the tables. The flexibility of being able to store data without worrying about the table structure seems interesting, but what is the impact of this … »
Tags: rails, Posted in Português, Comments Off on Índices para JSONB no Postgres
I’ve been working at Plataformatec for 5 years, and one common mistake that I see developers making is hiding the error instead of fixing the problem. This kind of behaviour can quickly fill your product with problems by leaving a codebase with unnecessary defensive programming. Let’s explore that by taking a look at an … »
Tags: code, elixir, rails, Posted in English, Comments Off on Stop hiding the error and start fixing the problem
The Rails 5 release candidate is out, bringing new improvements that will make your life as a developer easier. You are probably excited to update your application to the new major Rails release, but you may have some concerns. That is normal: updating your application to fit the new version may bring an unknown number … »
Tags: rails, rails 5, ruby, Posted in English, 2 Comments »
The article below was originally written by Kasper Timm Hansen (@kaspth on GitHub & Twitter) about his work during the Google Summer of Code 2013. Kasper and I worked a lot on changing the underlying implementation of the sanitize helper to give Rails developers a more robust, faster and more secure solution to sanitize user input. This … »
Tags: rails, Posted in English, 9 Comments »