similar to: script injection/cross-site scripting protection

Displaying 20 results from an estimated 6000 matches similar to: "script injection/cross-site scripting protection"

2006 Jul 25
3
Ruby hangman (was Re: List etiquette question)
"Beast" is more appropriate than you know. It's definitely Frankenstein code. (read: it ain't pretty, but it works - some of the time). Anyway, it entertains my wife; not sure if hardcore programmers will get anything out of it or not. You might find it interesting (or pointless) that in a complete bastardization of rails' main reason for being it
2006 Jul 05
3
override created_on column name
We are using Rails for a project that must integrate with a legacy database. Is there a way to get Rails to automatically set the timestamp for a column named something other than created_on or updated_on? Also, how does one manipulate the size of the database connection pool? Dennis Byrne
2006 Jun 28
20
Rails Vs JBoss Seam
I have been frustrated with J2EE technology just like any other developer who has worked in that technology for a long time. This made me learn about Rails and I was excited about RoR. Today I came across JBoss Seam framework and I am not able to contain my excitement. My passion for JEE development is back. It seems like it is better than RoR. I would like to hear different opinions about this
2006 Jul 11
1
session state w/ >1 processes
When routing requests to more than one fcgi process, what are my options with Rails? Are most people in the community just using some form of session affinity? Dennis Byrne
2006 Jun 27
2
Transaction syntax for > 1 table/model
If I want to wrap two account updates, the syntax is ... Account.transaction(dennis, david) do dennis.withdraw(10); david.deposit(10); end .. where both dennis and david are instances of Account. Can someone please let me know what the syntax is for starting and ending a *single* database transaction which spans two *different* kinds of models/tables? Dennis Byrne
2006 Mar 15
1
RSS <description> problem
I recently built an RSS feed in Ruby, and it seemed to work fine. Now, when I generate my xml file, I'm getting an error because of an invalid character. The character is a simple apostrophe on the word >> I'm << Is there something that I should be doing for this? Like, specify a certain encoding, or inside of my <description></description> tags,
2007 Jun 18
7
Testing for cross site scripting, etc.
Being new to testing and ruby, are there "standard" tests that can be done that test for things like cross site scripting and friends? If not, anyone have ideas on what I might do about testing those sorts of things? I'll be using rails, also. Mike B.
2006 Jan 27
10
html special characters. h() failure.
I was trying to convert a some text with the (r) character it so it replaced character \xAE with &reg; h(@item.description) didn't do anything. I need to use @item.description.grep(/\xAE/,'&reg;') for it to work. I think the h() function should be able to do all the codes that are available. Regards Neil.
2006 Jan 18
7
Inspect
I am seeing a curious anomaly with the inspect method. It displays one of the objects in a way I don't understand. I'll use the Recipes example to illustrate. First, I'll describe the recipes table, then show how the @recipe variable is being created in the controller and passed in to the show view, and then show how I'm using the
2006 Sep 07
5
url_for always escape string.
according to the documentation, only the url_for from ActionView escape the URL. which happens on this line escape ? html_escape(url) : url and can be prevented by passing :escape => false to url_for. still according to the documentation, the url_for from ActionController is not supposed to escape the url. BUT IT DOES. at the moment of this line escape ? html_escape(url) : url url has
2004 Mar 29
6
How to purchase R on CD
My organization has a policy against "installing software downloaded from the Internet." There is a waiver procedure, but it is difficult and lengthy. It is much easier to get approval to purchase software, even if it is a CD copy of open-source. However, a search on r-project.org didn't seem to show any way of obtaining the distribution in this way. Any clues would be
2003 Nov 03
1
Samba Error messages
Hi, Can you help me.....I have downloaded the latest version of samba 3.0.0. After having followed the instructions to configure & compile etc I am getting the following error message when I run the command smbstatus. smbstatus Error trying to resolve symbol 'init_module' in /usr/local/samba/lib/charset/CP850.so: ld.so.1: smbstatus: fatal: /usr/local/samba/lib/charset/
2011 Feb 09
16
rails 3.0.4 broke yield :javascript ?
hello, I have today updated my rails app to 3.0.4 security release but now this yield :javascripts fails in the layout and I get my custom js escaped as text in the view. anybody seeing this also? tia, jk -- www.least-significant-bit.com
2006 Jan 22
9
ERROR: undefined method `h' for ERB::Util:Module
ERROR: undefined method `h' for ERB::Util:Module i get above error when i use ERB::Util.h(content) in my controller's action. can any one one tell me how to use this 'h' method within controller? thanks, Jigar Gosar http://jigar.org -- Posted via http://www.ruby-forum.com/.
2006 Jan 18
4
Ruby "htmlentities" replacement: code review please!
Hi Railers, For some time now I've been looking for a decent Rails equivalent of PHP's "htmlentities" command, because ERB's html_escape (or more commonly called as just "h", eg. <%=h @somevariable %> ) just doesn't go far enough for me. Back in PHP land, I actually had an extended version of the htmlentities command to deal with
2005 Dec 29
3
What does 'h' do?
I'm sure a real newbie question, but try searching for 'h' in any search engine and you don't get far. I am wondering what the h does in Ruby as in the code below: <%= h(truncate(product.description, 80)) %> -- Posted via http://www.ruby-forum.com/.
2005 Apr 29
3
generalized matrix product ?
Is there available in R a generalized inner product or matrix product, similar to 'outer(x,y, fun)', where one can specify an arbitrary function in place of ordinary multiplication? Here's my application. I frequently analyze user questionnaires from our HR/training department. These have questions of the form "please rate your skill in task X", and other questions
2016 Nov 23
1
New laptop recommendation
On 11/22/2016 3:50 PM, Dr. Mikeal Hughes wrote: > When you go to the Dell Linux site and choose shop now you are taken to a page featuring Windows 10 machines. [OT rant] a pet peeve... webpile redesigns that mess everything up. I was looking for info on the BLM (Bureau of Land Management) website last night, and they'd totally redone the entire mess, it was all slick and web 3.0-ish,
2006 May 30
7
Stripping HTML tags from a string
Hello, Is there a common way of stripping html tags from a string? Right now I'm just calling gsub!(/<.*?>/, ''), but with a background in PHP and always having used its strip_tags() method, I wonder if the Rails community has standardized this fairly common task with something a bit less simpleminded than my quick fix. Thanks! Zack