auto escaping html in Rails to protect from XSS

29/07/2009

Tonight I found a plugin that auto-escapes HTML in order to protect from XSS attacks. I’m not sure why Rails doesn’t do it out of the box (you have to use the h() helper). Anyway, the plugin is called xss_terminate and it can be found here. The cool thing about it is that now you can forget about h() :).
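As an added example (not part of the original post, and not code from the xss_terminate plugin), the script below shows what the h() helper actually buys you: the same user-supplied comment is rendered through ERB once without escaping and once with it. ERB::Util#h is the html_escape helper Rails views use; the template strings, the CommentView class and the sample comment are constructed for the demonstration.

```ruby
require 'erb'

# Constructed sample input: a comment body that carries markup, the kind of
# value that reaches a view straight from a form or the database.
USER_COMMENT = %q{<script>alert("xss")</script> Nice post!}

# Rails 2.x style templates: output is emitted verbatim unless h() is used.
UNESCAPED_TEMPLATE = "<p><%= body %></p>"
ESCAPED_TEMPLATE   = "<p><%= h(body) %></p>"

# Hypothetical view object standing in for a Rails view context.
class CommentView
  include ERB::Util   # brings in h(), i.e. ERB::Util.html_escape

  attr_reader :body

  def initialize(body)
    @body = body
  end

  # Evaluates the template with this object as self, so `body` and `h`
  # resolve exactly as they would inside a view.
  def render(template)
    ERB.new(template).result(binding)
  end
end

def render_unescaped(body)
  CommentView.new(body).render(UNESCAPED_TEMPLATE)
end

def render_escaped(body)
  CommentView.new(body).render(ESCAPED_TEMPLATE)
end

# Simple check a test suite could run over rendered pages: does the output
# still contain a raw <script> tag that the browser would execute?
def contains_raw_script?(html)
  !!(html =~ /<script/i)
end

if __FILE__ == $0
  puts "without h(): #{render_unescaped(USER_COMMENT)}"
  puts "with h():    #{render_escaped(USER_COMMENT)}"
end
```

Escaping at render time, as h() does, is what makes the output safe regardless of how the value got into the database; a plugin that escapes or sanitizes attributes when they are saved protects every view that later renders them, which is why the post can say you "forget about h()" once it is installed.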


daemon_controller + Thinking Sphinx

22/07/2009

I’ve created a simple Rails initializer that starts Sphinx through daemon_controller, based on the Thinking Sphinx configuration. I hope it will help somebody.

require 'socket'            # TCPSocket, used by the ping command below
require 'daemon_controller'

# Runs before searchd is started: build the index first when Thinking Sphinx
# has not defined its indexes yet. --rotate is only needed when a searchd
# process is already running and must pick up the new index.
def before_start
  unless ThinkingSphinx.define_indexes?
    config = ThinkingSphinx::Configuration.instance
    cmd = "#{config.bin_path}#{config.indexer_binary_name} --config \"#{config.config_file}\" --all"
    cmd << " --rotate" if ThinkingSphinx.sphinx_running?
    system cmd
  end
end

if defined?(ThinkingSphinx)
  unless ThinkingSphinx.sphinx_running?
    conf_instance = ThinkingSphinx::Configuration.instance
    @controller = DaemonController.new(
      :identifier    => 'Sphinx search server',
      :start_command => "#{conf_instance.bin_path}#{conf_instance.searchd_binary_name} --pidfile --config \"#{conf_instance.config_file}\"",
      :before_start  => method(:before_start),
      # searchd counts as up once its listening address/port accepts a connection
      :ping_command  => lambda { TCPSocket.new(conf_instance.configuration.searchd.address, conf_instance.configuration.searchd.port) },
      :pid_file      => conf_instance.configuration.searchd.pid_file,
      :log_file      => conf_instance.configuration.searchd.log)
    @controller.start
  end
end

The Rails Initialization Process

22/07/2009

I found a really nice description of the Rails initialization process here.


ruby mixins in rails plugins

20/07/2009

When reading the code of Rails plugins you will very often run into this:

module Taggable
  # Ruby calls this hook when a class does `include Taggable`;
  # base is the including class
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    # methods here
  end
end

This is part of a bigger pattern, shown below:

module ModuleA
  def self.included(base)
    # add class methods from ModuleB
    base.extend(ModuleB)
  end
end

module ModuleB
  def act_as_hello
    p "hello from module B"
  end
end

class ClassC
  # class body here
end

# include ModuleA in ClassC
ClassC.send(:include, ModuleA)

class ClassD < ClassC
  # act_as_hello is now a class method, available in the class body
  act_as_hello
end

classD = ClassD.new
The pattern is used often when developing plugins for ActiveRecord. What we gain by inheriting from ClassC (class ClassD < ClassC) are the instance methods from ModuleA. This is done by:

ClassC.send(:include, ModuleA)

Moreover, since ModuleA is included in ClassC, ModuleA’s hook def self.included(base) is invoked at the moment ModuleA is mixed into ClassC. The hook calls base.extend(ModuleB); here base is ClassC, which is extended with the class methods from ModuleB. ModuleA’s hook is shown again below:

def self.included(base)
  # add class methods from ModuleB to ClassC
  base.extend(ModuleB)
end

In the end, our ClassD has access to all class methods defined in ModuleB (class methods are inherited by subclasses). act_as_hello is called when the class body of ClassD is evaluated:

class ClassD < ClassC
  act_as_hello
end
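As an added example (not code from the original post or from any real plugin), the pattern above is carried through into a small acts_as-style plugin that runs without ActiveRecord: the included hook installs a class macro, the macro records configuration on the class and mixes in the instance methods, and only the subclasses that call the macro get those instance methods. BaseRecord stands in for ActiveRecord::Base; Taggable, Article, Note and the tag_list attribute are constructed names.

```ruby
module Taggable
  # Hook fired by `include Taggable`. Extending base adds the macro
  # acts_as_taggable to base and, through singleton-class inheritance,
  # to every subclass of base.
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    # Class-level macro used inside a class body, like a Rails acts_as_* call.
    # It stores configuration on the calling class and mixes in the
    # instance-level behaviour.
    def acts_as_taggable(options = {})
      @tag_separator = options.fetch(:separator, ",")
      include InstanceMethods
    end

    # Walks up the inheritance chain so a subclass of a taggable class
    # sees the separator configured on its parent.
    def tag_separator
      return @tag_separator if defined?(@tag_separator) && @tag_separator
      superclass.respond_to?(:tag_separator) ? superclass.tag_separator : ","
    end
  end

  # Mixed in only for classes that actually called the macro.
  module InstanceMethods
    attr_accessor :tag_list

    def tags
      (tag_list || "").split(self.class.tag_separator).map(&:strip).reject(&:empty?)
    end

    def tagged_with?(tag)
      tags.include?(tag)
    end
  end
end

# Stand-in for ActiveRecord::Base: the plugin is mixed in once here...
class BaseRecord
end
BaseRecord.send(:include, Taggable)

# ...and every subclass can use the macro in its class body.
class Article < BaseRecord
  acts_as_taggable :separator => ";"
end

# A subclass that never calls the macro: it has the macro but no tag methods.
class Note < BaseRecord
end

# Constructed sample record for the demonstration.
def tagged_article
  article = Article.new
  article.tag_list = "ruby; rails ;xss"
  article
end

if __FILE__ == $0
  p tagged_article.tags
  p Note.new.respond_to?(:tags)
end
```

The point of storing the configuration on the class rather than in a module-level constant is that each subclass can call the macro with its own options, which is exactly how ActiveRecord plugins let different models configure the same behaviour.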

capistrano recipes for ubuntu

19/07/2009

A few nice Capistrano recipes which may help you automate an Ubuntu Server setup:
