What is ReDoS? Regular expression Denial of Service (ReDoS) is a security vulnerability that can occur in a regular expression (regex) when the regex is applied to a long string. This attack is designed to make a system or network unavailable to its intended users. An example occurrence of a ReDoS Imagine that a website has a form that accepts user input and uses a regex to validate the input. The regex is designed to only allow alphanumeric characters in the input, so it looks like this: /^[a-zA-Z0-9]+$/. An attacker could potentially craft a string of input that consists of

Rails 7.1 supports infinite ranges that can be used with Active Record length and inclusivity validators.

Ruby 3 has introduced an experimental feature called Ractors. In this article, let's learn more about Ractor with example usage.

Let's explore how we can use Chrome Dev Tools Protocols(CDP) with Capybara. We will look at headers, cookies, and cache manipulation using CDP

Let's look at how to reduce the complexity of the automation script by combining the cucumber Data table and the scenario outline.

debug is Ruby's new default debugger included in Ruby 3.1. This new debugger has replaced byebug in Rails 7. Not only does debug provide us with a wide range of functionality, but it also provides some advanced features. In this article, we will explore and understand a few advanced features of debug. 1. Seamless integration with VSCode Below steps can be followed to integrate debug gem in VSCode. Install extension VSCode rdbg Ruby Debugger - Visual Studio Marketplace in your VSCode.Open the file you want to debug in the VSCode.Register the breakpoint by clicking on the line

One of the most convenient features of Rails is the ability to track attribute changes. Rails 7 is releasing soon and bringing in a lot of new features as a treat for developers. One of the many features that Rails 7 is introducing, is that we can also track the associated object. This Rails ActiveRecord specific PR has added two methods for tracking the changes for the belongs_to association. In this article, we will discuss these two new methods with the help of examples. 1. association_changed?The association_changed? method tells if a different associated object has been

Rails 7 is introducing a new method invert_where that will invert all scope conditions. It allows us to invert an entire where clause instead of manually applying conditions. We can either chain invert_where to a scope or to a where condition. class Account scope :active, -> { where(active: true) } end Account.active.invert_where => "SELECT \"accounts\".* FROM \"accounts\" WHERE \"accounts\".\"active\" != 1"Account.where(active: true).invert_where => "SELECT \"accounts\".* FROM \"accounts\" WHERE \"accounts\".\"active\" != 1"What are the various side effects of using invert_where?1. The invert_where method inverts all the where

Most of the time in a web application, a single API request consists of multiple database queries. For example: class DashboardsController < ApplicationController def dashboard @users = User.some_complex_scope.load_async @products = Product.some_complex_scope.load_async @library_files = LibraryFile.some_complex_scope.load_async end end Quoting snippet from load_async PR description from rails repository. The queries are executed synchronously, which mostly isn’t a huge concern. But, as the database grows larger in size, the response time of requests is getting longer. A significant part of the query time is often just I/O waits.

We had previously talked about the Serialization formats and How Serialization is implemented for storing objects in the relational database in the first two parts of the blog series. This article focuses on the various Serializers that prepare and construct API transferable data in Ruby on Rails.