What is ReDoS? Regular expression Denial of Service (ReDoS) is a security vulnerability that can occur in a regular expression (regex) when the regex is applied to a long string. This attack is designed to make a system or network unavailable to its intended users. An example occurrence of a ReDoS Imagine that a website has a form that accepts user input and uses a regex to validate the input. The regex is designed to only allow alphanumeric characters in the input, so it looks like this: /^[a-zA-Z0-9]+$/. An attacker could potentially craft a string of input that consists of

Rails 7 has introduced the in_order_of method which allows to sort records in a specific order. There is a detailed explanation of it in the article Rails 7 adds in_order_of for ActiveRecord::QueryMethods and Enumerable. This is a follow-up article to that one, in which we will explore how the in_order_of method has been improved in Rails 7.1. Rails 7 adds in_order_of for ActiveRecord::QueryMethods and EnumerableRails 7 has added in_order_of method for ActiveRecord::QueryMethods and Enumerable to retrieve the data in an explicit order.Kiprosh BlogsSupriya Laxman MedankarAllows

In the era of content consumption where streaming platforms like YouTube and Netflix have millions of concurrent users, no one wants to wait more than a minute to consume anything, it must be available instantly! Streaming becomes a need in this situation. While downloading requires waiting until the entire file has been downloaded on your computer, streaming allows you to view downloaded portions of the material on the fly. This significantly reduces the waiting time. Let's see with the help of a small example how streaming was handled before Rails 7 and what changed after Rails 7. With Rails <

Rails 7.1 adds the raise_on_assign_to_attr_readonly config to config.active_record that is used to raise ActiveRecord::ReadonlyAttributeError error on assignment to attr_readonly attributes. The previous behavior would allow assignment but silently not persist changes to the database. Configuring config.active_record.raise_on_assign_to_attr_readonly In a newly created Rails 7.1 application, config.load_defaults 7.1 is set by default in application.rb. The default value of raise_on_assign_to_attr_readonly for config.load_defaults 7.1 is true and for config.load_defaults < 7.1

The query_constraints config introduced in Rails 7.1 is helpful for pre-setting the DB query constraints on the ActiveRecord models.

Rails 7.1 supports infinite ranges that can be used with Active Record length and inclusivity validators.

A blog about broadcasting turbo streams in Hotwire and solution to some of the common scenarios and issues faced while using them.

Rails provides the has_secure_password method, which makes it gloriously easy to implement authentication in our application. But we often need an extra layer of verification before allowing users to update certain fields. For e.g. Users must provide their “old” password when updating their email/password fields. Before Rails 7.1To implement this, we must manually add and validate the current_password accessor: # app/models/user.rb class User < ActiveRecord::Base has_secure_password attr_accessor :current_password end# app/controllers/passwords_controller.rb class PasswordsController < ApplicationController def update password_challenge = password_params.delete(:current_password)

Rails 7.1 adds the ability to define the number of locals a template can accept. To achieve this, add a locals magic comment inside the partial.

Ruby 3 has introduced an experimental feature called Ractors. In this article, let's learn more about Ractor with example usage.