Archive for the ‘Uncategorized’ Category

Upgrading From Rails < 2.0.1 – Security Notice

Tuesday, September 8th, 2009

So when you’re upgrading your ghetto rails app that hasn’t been touched in a couple of years to the new hottness, make sure you check your filters.

Previously, in Rails < 2.0.1 if you returned false in a before filter, it would stop the processing of the action. In Rails >= 2.0.1, before_filters _must_ now redirect or render in order to halt the calling of the controller action.

This can be a large security issue if you are returning false in an authorize component. Make sure to update them to redirect or render a 403.

In our case, we also created a “errors” directory in our views directory to hold our 403.erb view which we now call where we used to return false only.

Previously:

return false

Now:

render ‘errors/403′, :status => 403 and return false

Posted in Uncategorized | No Comments »

Moving to Corvallis

Monday, April 7th, 2008

Looks like we are moving to Corvallis. Erin found this nice ’70s house that needs some updating. It is in a nice neighborhood and we should be able to fit in well. Now, to sell our current house!

Posted in Uncategorized | 3 Comments »

PCR: When you need to know who the daddy is.

Sunday, March 2nd, 2008

Posted in Uncategorized | No Comments »

Wedding

Sunday, July 1st, 2007

Just married this weekend. Yay!

:)

Pictures.

Posted in Uncategorized | 3 Comments »

Hi.

Tuesday, March 6th, 2007

Welcome. A change, for the better, I hope.
Please look around, at my Activities and l earn About Me. Leave a comment.

Posted in Uncategorized | No Comments »