- If your HTTP header’s
HTTP_CLIENT_IP is not equal to
HTTP_X_FORWARDED_IP, then rails 2.1 and above will consider it an IP spoofing attack and throw an exception! This is bad news for some traditional Apache->Mongrel setups. Solution is probably to change the apache HTTP headers, but we’re wondering exactly why this is a security problem for rails (and why they would break compatibility with the default apache setup from way back when)?
- Be careful when using
:case_sensitive => true AND a unique index at the database level. If your database is case insenitive, then rails will approve the uniqueness, but the database will fail the insert. Solution: be sure to use a collation type for the unique column that is case sensitive (such as binary in mysql).
- Rails 2.1+
:includes are way better than pre-2.1, but they are less compatible with conditions. Hence, rails falls back on the old style. Here’s when it might legitimately fall back:
User.find(:all, :include => :profile, :conditions => "profiles.gender = 'M'")
Because we reference the included table
profiles in the
:conditions, rails has no choice but to construct one giant query to fetch Users and their profiles, rather than a separate query. Here’s a case when it guesses wrong:
User.find(:all, :include => :profile,
:joins => "INNER JOIN comments ON comments.user_id = users.id",
:conditions => "comments.approved = 1")
Because the conditions references a table that is not
users, rails thinks it has to fall back to the old include style… but it’s wrong! Here’s how we tricked ActiveRecord into always using rails 2.1+ includes (note that we had to fix up a few queries that were referencing :inlcuded tables in :conditions to make this work):
One client decided that Web 2.0-style rounded corners are only needed in Firefox and Webkit-based browsers because they are “free” with CSS properties built in for those rendering engines:
-webkit-border-radius. Internet Explorer is going to be left in the 1.0 world, at least for now, due to the over head of managing rounded corners.
Feel free to promote your personal favorite rounded corner techniques in the comments.
Ask for Help
“We need to hide a flash widget without setting it to
display:none, which causes it to be loaded from the server again when
display:none is removed.”
Hit me with your div-hiding techniques!
- Move it off the screen with
- Shrink it down to nothing with
visibility:hidden;height:0;width:0 but watch out for any IE 6 minimum height/width issues
- Similar to the above, hide it with
- As suggested in 09/03, one project switched to using Solr for search indexing. We were warned that wide range queries might be slow (looking for a value between 1… 10000) could be very slow, but it is not, at least with 400K indexed documents. We’ll watch out for slowdowns as the number of indexes increases.
Ask for Help
“JSUnit tests do not show line numbers for assertion failures, which makes it hard to know which assertion failed. Suggestions?”
Have fewer assertions per test, or use the message argument, such as
assertEquals(foo, bar, 'foo should be the same as bar.').
“Is there any way to see test failure stack traces as soon as a test fails or errors? This would be especially nice for slow-running Selenium tests.”
A few Pivots remember hacking on
Test::Unit and Rspec to display failure details immediately, but more research is needed. Perhaps there’s a plugin?
“Design Adam’s beard!”
Pivot Adam is shaving is beard and is looking for facial hair suggestions. Over the years he has displayed many of the “standard” beards and mustaches, so it’s time to get creative. Look to The Quest For Every Beard Type for inspiration. Here is your canvas:
Ask for Help
“Is there something wrong with Net::SSH in the latest versions of Capistrano? I can’t deploy to localhost…”
Not that anyone knows of. Have you tried turning it off and on again? The power button… it’s the little glowing button on the front… the button on the front… Are you from the PAST?
“Is there a good ruby Gem or Plugin for working with the Google Charts API?”
One pair used gchartrb but abandoned it almost immediately. So far, it’s string << string << string.
Unfortunately not. Desert plugins should have an
Ask for Help
“We are getting 504 Gateway errors and we thing it is because our mongrels are freezing up do to inability to allocate memory, what to do?”
Without more info on the problem a few possibilities were suggested, such as the OS might be swap thrashing or the OS has no more memory to allocate.
One suggestion is to cut down your swap space to 0 in an attempt to verify that your mongrels are asking for too much, basically remove to OS swapping memory to disk from the equation.
Another suggestion is to boost your swap up to some insane size, also to take it out of the equation, the theory being that we know mongrel can leak memory, we trust the OS to keep the used memory in RAM, and we have plenty of disk space, so why put your OS in the position of not grating a mongrel what it is asking for.
Both solutions above don’t seem ideal but, whatever, we are pragmatists, and if we combine those with periodic monitoring of the system using top/ps/vmstat, at least your mongrel can keep running and this may give you time to figure out why mongrel may be so memory hungry