jfire6

- friends
1,008 link karma
63 comment karma
send messageredditor for
what's this?

TROPHY CASE


  • Five-Year Club
sorted by:
new
hottopcontroversial

0
1

How to securely bootstrap JSON in a Rails view (jfire.io)

submitted ago by jfire6 to rails

Ruby 1.9.3-p194 is released, includes security fix for rubygems by burkein ruby

[–]jfire6 1 point2 points ago

RubyGems 1.8.23 is also out with the same fix.

Two security issues were fixed:

  • RubyGems did not validate SSL certificates (the dreaded OpenSSL::SSL::VERIFY_NONE problem).
  • RubyGems allowed HTTPS-to-HTTP redirects. And in fact rubygems.org did redirect gem downloads from HTTPS to HTTP (also fixed).

Either of these mean that an attacker could MITM your gem install or bundle install and give you malicious gem contents. You'd be owned when you required the gem -- possibly sooner, in fact, because gem install itself provides mechanisms for arbitrary code execution.

It's also important to note that RubyGems does not default to HTTPS. I highly recommend using source "https://rubygems.org" in your Gemfile and the following in your ~/.gemrc:

:sources:
  - https://rubygems.org

2
3

Why Ember.js doesn't use property descriptors (jfire.io)

submitted ago by jfire6 to javascript

0
1

Code Archaeology with Git (jfire.io)

submitted ago by jfire6 to git

0
1

Code Archaeology With Git (jfire.io)

submitted ago by jfire6 to programming

20
21

Xcode 4.3, Homebrew, and Ruby (jfire.io)

submitted ago by jfire6 to ruby

5
6

Matcha: an alternative to Jasmine for testing your Rails application's JavaScript (github.com)

submitted ago by jfire6 to rails

2
3

Mt Penanjakan Viewpoint, Bromo Tengger Semeru National Park, East Java, Indonesia [1024x1024] (flickr.com)

submitted ago by jfire6 to VillagePorn

The famous "Horns of Paine" bathed in sunrise light, Torres del Paine National Park, Chile. [750x508]. © Ian Plant. by defabc456123in EarthPorn

[–]jfire6 -5 points-4 points ago

This is photoshopped. The foreground and background are two different photos.

8
9

Class Coercion in Ruby (mutuallyhuman.com)

submitted ago by jfire6 to ruby

sorry, this has been archived and can no longer be voted on

5
6

Making sense of constant lookup in Ruby (jfire.posterous.com)

submitted ago by jfire6 to ruby

sorry, this has been archived and can no longer be voted on

5
6

rubygems 1.4.0 released (rubygems.rubyforge.org)

submitted ago by jfire6 to ruby

sorry, this has been archived and can no longer be voted on

1
2

Selenium on Ruby (jfire.posterous.com)

submitted ago by jfire6 to ruby

sorry, this has been archived and can no longer be voted on

10
11

The Incompetence of American Airlines & The Fate of Mr. X (dustincurtis.com)

submitted ago by jfire6 to reddit.com

sorry, this has been archived and can no longer be voted on

5
6

On July 9, 1958, an earthquake and landslide in Lituya Bay, Alaska triggered a mega-tsunami wave that rose to a height of 1,720 feet (516 m) (drgeorgepc.com)

submitted ago by jfire6 to science

sorry, this has been archived and can no longer be voted on

16
17

On cursor preservation in collaborative editors (neil.fraser.name)

submitted ago by jfire6 to programming

sorry, this has been archived and can no longer be voted on

37
38

C++ Intellisense in VS2010 (blogs.msdn.com)

submitted ago by jfire6 to cpp

sorry, this has been archived and can no longer be voted on

45
46

Code Rush — the commercially-unavailable documentary from 2000 about the open-sourcing of the Netscape code base and the beginning of the Mozilla project — is in the Creative Commons (waxy.org)

submitted ago by jfire6 to programming

sorry, this has been archived and can no longer be voted on

0
1

Django 1.1 status update (groups.google.com)

submitted ago by jfire6 to reddit.com

sorry, this has been archived and can no longer be voted on

0
0

Have you been avoiding e-books because they just don’t smell right? Here's your solution. (makersofuniverses.com)

submitted ago by jfire6 to reddit.com

sorry, this has been archived and can no longer be voted on

source code to django project that runs everyblock.com released by TheKCGuyin Python

[–]jfire6 0 points1 point ago

sorry, this has been archived and can no longer be voted on

Yeah, I noticed they aren't using reverse() or the url template tag anywhere. Wonder why not.

40
41

EveryBlock.com, a major Django-powered website by Django co-creator Adrian Holovaty, has been open sourced (blog.everyblock.com)

submitted ago by jfire6 to programming

sorry, this has been archived and can no longer be voted on

18
19

Source code released to EveryBlock.com, website from the co-creator of Django (blog.everyblock.com)

submitted ago by jfire6 to django

sorry, this has been archived and can no longer be voted on

0
1

China's New Mandatory Censorware Creates Big Security Flaws (freedom-to-tinker.com)

submitted ago by jfire6 to reddit.com

sorry, this has been archived and can no longer be voted on

0
0

Attack of the Zombie Photos (lightbluetouchpaper.org)

submitted ago by jfire6 to programming

sorry, this has been archived and can no longer be voted on

view more: next

Use of this site constitutes acceptance of our User Agreement and Privacy Policy. © 2012 reddit inc. All rights reserved.

REDDIT and the ALIEN Logo are registered trademarks of reddit inc.

π Rendered by PID 30005 on app-48 running e1a6304.