5:46 Play Subscribe with or Intro song by Falseta

Episode #291 - July 24th, 2012

E1574ab5d4fc1e9178987de73c8f3c07.jpg?s=18&r=pg&d=http%3a%2f%2fwww.gravatar.com%2favatar%2f8ebf4339f7c8cd73b53d1d1d3eba7c35 Eric Allam 9c5541e591a62dd93a2fd2d45b5732dd.jpg?s=18&r=pg&d=http%3a%2f%2fwww.gravatar.com%2favatar%2f8ebf4339f7c8cd73b53d1d1d3eba7c35 Olivier Lacan

We talk about Sublime editing, implicit gemsets with Bundler & rbenv, really secure HTTPS with HSTS headers, easy graph output with Graphene and Rubies in Gemfiles thanks to Heroku's new Bundler 1.2.0-RC compatible Ruby buildpack.

Subscribe to our mailing list!

This episode is sponsored by Try Git. Still stuck in SVN land or not yet feeling comfortable with Git? Try Git is a great interactive way to get your feet wet, and best of all it's free.

  • Try Git
  • Sublime Text 2
  • Implicit Gemsets
  • HTTPS with HSTS
  • Graphene
  • Heroku & Bundler 1.2.0-RC
  • Ruby5

Living with HTTPS: HSTS Jump to Story

This interesting blog post by Adam Langley explains that redirecting people to HTTPS is not as secure as you might think. It leaves you vulnerable to man-in-the-middle attacks when the first request is HTTP, that one could intercepted before users are redirected to the HTTPS one. No what you want to do is to use a header called: strict-transport-security or HSTS. This way, it's not the user’s burden to decide whether a certificate is secure or not. With HSTS, users will not be able to access a page with a certificate that isn’t proper.

December 16, 2014

This week we have Streem, Rails 4.2.rc3, Papercrop, and RubyMotion 3.0.

December 9, 2014

This week we have a jRuby security release, a new Command API for ROM, Traveling Ruby, early validations, easy rewrites with Ruby and Science!, and a Rails Camp not too far from Hobbiton.

December 5th, 2014

RubyConf 2014 on Confreaks, browser geolocation with Spyme, referential integrity with foreign keys, forwarding messages with tell, and free SecCasts all in this episode of the Ruby5.

December 2, 2014

In this episode we yap about Rails 4.2 RC1, Opal, Deployment, Interpol, Sportdb, Service Objects, and Emails.