5:46 Play Subscribe with or Intro song by Falseta

Episode #291 - July 24th, 2012

9c5541e591a62dd93a2fd2d45b5732dd.jpg?s=18&r=pg&d=http%3a%2f%2fwww.gravatar.com%2favatar%2f8ebf4339f7c8cd73b53d1d1d3eba7c35 Olivier Lacan E1574ab5d4fc1e9178987de73c8f3c07.jpg?s=18&r=pg&d=http%3a%2f%2fwww.gravatar.com%2favatar%2f8ebf4339f7c8cd73b53d1d1d3eba7c35 Eric Allam

We talk about Sublime editing, implicit gemsets with Bundler & rbenv, really secure HTTPS with HSTS headers, easy graph output with Graphene and Rubies in Gemfiles thanks to Heroku's new Bundler 1.2.0-RC compatible Ruby buildpack.

Subscribe to our mailing list!

This episode is sponsored by Try Git. Still stuck in SVN land or not yet feeling comfortable with Git? Try Git is a great interactive way to get your feet wet, and best of all it's free.

  • Try Git
  • Sublime Text 2
  • Implicit Gemsets
  • HTTPS with HSTS
  • Graphene
  • Heroku & Bundler 1.2.0-RC
  • Ruby5

Living with HTTPS: HSTS Jump to Story

This interesting blog post by Adam Langley explains that redirecting people to HTTPS is not as secure as you might think. It leaves you vulnerable to man-in-the-middle attacks when the first request is HTTP, that one could intercepted before users are redirected to the HTTPS one. No what you want to do is to use a header called: strict-transport-security or HSTS. This way, it's not the user’s burden to decide whether a certificate is secure or not. With HSTS, users will not be able to access a page with a certificate that isn’t proper.

August 27, 2014

In today's episode we cover the new Rails 4.2beta, JSON API Resources, Country Select 2.0, Harpoon, Poodr course learning, and Feature Focus all while riding in our Roles Royce.

August 22nd, 2014

Semaphore is now free for open source projects, URL extraction with PostRank-URI, STI with JSON fields, a different approach to email validation, transit-rails, and the Pixel Perfect Precision Handbook all in this episode of the Ruby5!

August 19th, 2014

We talk about Rails 4.0.9 and 4.1.5, flatten records, introduce Http::Exceptions, manage configurations, and update Devise.

August 15th, 2014

Dokkufy, Rails Helpers, JRuby, Xiki and DHH code review