Ian McKeller shows how easy it is to find web API “secret keys” when the user has access to the (network) client code. It’s actually a nice little crash course in how to write cracking software (here “crack” means warez scene type “crack”). That crazy shit like this is possible is why I got into software in the first place. Completely
“While I do consider the adjective ‘baroque’ to be a compliment, I must point out that Perl is actually more of a romantic piece, with allusions to various classical motifs. My favorite composer is Mahler, which should surprise no one.” — Larry Wall
Markus Prinz with a nice review of important Ruby 1.9 changes.
Christoffer Sawicki has started in on a partial implementation of ESI (Edge Side Includes) as a Rack middleware component. Put something like this in front of Rack::Cache and things get real interesting real fast :)
Finally, a sane looking sanitization lib that doesn’t try to do too much.
Interesting looking HTTP client library for Ruby with support for HTTP caching (with pluggable backends), basic and digest auth, intelligent redirect handling. It’s been around for a while and looks like it could eventually become similar in feature set to Python’s httplib2.
Nick Kallen has started a project to implement a HTTP cache in Scala. Seems like an excellent idea given Java’s extensive collection of stable HTTP server libraries and Scala’s strengths in concurrency and performance.
A much more sober but constructive take on the plan to merge Rails and Merb.
“The reflexive reverence for Revolutionary Road is a testament to the degree to which antisuburban sentiment is one of the most unexamined attitudes in American culture.”
Mailing list for Rack::Cache users and hackers. Come on in, the water’s warm.
Awesome photo of Obama addressing a massive crowd in front of the Old St. Louis Courthouse — the same place slaves were being auctioned as recently as 1861. Crazy.
Jon Crosby’s RESTful JSON-based data store with OpenID and OAuth support. It does versioning and produces HTTP cache friendly responses all in a Rack middleware component. Jon’s been working on this for some time and it shows in the code and docs. Awesome.
Jean-Jacques Dubray: “How do the RESTafarians work? They take Roy’s REST, they try to use it for anything in their day to day activities, and then when they stumble upon a problem, they try to find a more or less ‘RESTful’ solution and post it on a blog.”
Precisely!
Peter Cooper: “Lots of awesome articles about Sinatra, Sinatra apps, and various links and resources have cropped up over the past few months. The remainder of this post links to the best we've found – most of which you should find useful as you start to explore Sinatra in detail.”
David Heinemeier Hansson: “Rails Edge adopted Rack a while back and we’ve been exploring ways to expose that better. The first thing we did was to make it really easy to hook up any piece of Rack middleware in front of a Rails request. In your config/environment.rb file, you can do: config.middlewares.use(Rack::Cache, :verbose => true)”
Oh hell yes.
Rails riding on Rack is going to be a big deal.
Bad-ass ActiveRecord extension that does read-through and write-through caching to memcached in a way that’s fairly transparent. This is one of the strategies the Twitter folks put in place recently to improve their response time and availability.
Rafe Colburn: “On the other hand, I find programming in Ruby enjoyable and educational, so it’s not like I’m looking to give up. It’s just that even after a couple of years of doing it, I still feel like we’re dating rather than married.”
It seems like a lot of people are down on Ruby at the moment. Odd. I'm actually more excited about Ruby than I've ever been. Things seem to be moving along nicely, especially on the web tooling front.
Nice look at caching idioms in Django and why you need to generate HTTP cache validators up-front and efficiently.
I never put it together that the teddziuba that wrote at lesscode.org in 2005 was that teddziuba. This is a great piece.
Adam Wiggins and Blake Mizerany’s presentation on Sinatra and RestClient.
An Nginx module that acts as a gateway cache. I haven’t tried it yet but it’s a really good idea.
Xavier Shay:
Ticking off an amazon wishlist never really resonated with me, so this year here is what we are all doing instead:
- Find someone’s pet open source project – I’d start at github
- Contribute! It doesn’t have to be much – a spec or two, some documentation, or even just a “hey it works on my box”. Fork, commit, pull request.
- Wish them a Merry Christmas!
Great idea. I feel like I finally have something worthwhile to give this year.
Nicely done. I have to take a serious look at iUI one of these days. It sounds like you can get really close to a native app experience.
“The syntax for many of the commands in bashdb mimics that of gdb, the GNU debugger. You can step into functions, use next to execute the next line without stepping into any functions, generate a backtrace with bt, exit bashdb with quit or Ctrl-D, and examine a variable with print $foo.”
Pratik continues his series on Rack with a deep dive into Rack::Builder.
Smashing Magazine shows off a massive catalog of minimalist designs and then attempts to deconstruct them.
BBC: “The paper quoted aides saying that his emails, sometimes sent as late as 0100 or 0300, were ‘generally crisp, properly spelled and free of symbols or emoticons’.”
Can you imagine?
Dear Mr. Karzai,
im in ur country, bombing ur lands. =p
k thx.
--
- O
Pratik’s first in a series of pieces on Rack: how it came to be, why you need to understand it, along with some simple examples. Future installments will cover Rack::Builder and Middleware.
Kurt Vonnegut: “The most damning revelation you can make about yourself is that you do not know what is interesting and what is not.”
I've read about five extremely solid articles on this site (20bits.com) today; all thorough, easy to read, and cover interesting topics.
Laurence Tratt: “I had implicitly bought into the idea that C programs segfault at random, eat data, and generally act like Vikings on a day trip to Lindisfarne; in contrast, programs written in ‘higher level’ languages supposedly fail in nice, predictable patterns. Gradually it occurred to me that virtually all of the software that I use on a daily basis – that to which I entrust my most important data – is written in C. And I can’t remember the last time there was a major problem with any of this software – it’s reliable in the sense that it doesn’t crash, and also reliable in the sense that it handles minor failures gracefully.”
Includes a brief history of native support for getElementsByClassName in Mozilla and other browsers.
RDiscount, a fast Markdown library for Ruby, is now included with the FreeBSD ports collection thanks to Daniel Roethlisberger.
Interesting approach to setting cache related headers using a Rack middleware component.
An interesting RubyGems mod by Fabien Franzen that seems to fix the memory hit a process takes on require 'rubygems'. Unfortunately, you have to code for it in your app and apply it to installed ruby commands explicitly. Fabien has submitted a ticket and patch to the RubyGems project, however. You should +1 it (after reviewing the code, of course).
Adam Gomaa: “… this state of affairs doesn’t really help my general feeling of hopelessness when it comes to programming – I know that no matter how good I get, I'm still stuck at being just one person, and the code a single person can write is pitifully small.”
I've come to the same conclusion within the past couple of years. I take on much smaller projects now and try to contribute more to existing projects rather than playing mad scientist on massive works that will never see the light of day. I've also come to appreciate the idea of paying lots of attention to detail on one small thing rather than churning out large quantities of half-baked features.
Allows a server to turn the tables and make HTTP requests to the client. I've been trying to come up with some use for this for 45 minutes and I'm totally baffled but it’s kind of interesting anyways.
Stefano Mazzocchi: “I have a much simpler and humble goal here: give programmers some tricks and some advice in how to proceed to make their web pages look cleaner, more readable and, hopefully, more professional, elegant and original than before.”
So, I got an email yesterday disagreeing with my remark about HTTP caching being wildly under-appreciated in the Ruby web community. I felt bad, a little. Then I read this article (posted the day after my remark), which talks about Scribd moving to a Squid reverse proxy setup to front their Rails deployments:
“But there was a problem – no one uses caching proxies in 2008 :–) So, we’ve got an idea – why can’t we place such a server in front of our application and make it cache content for all users in the world?”
The fact that Scribd had to “have this idea” on their own and had not previously been exposed to a ton of literature/tools on reverse proxy / gateway caching is completely fucking unacceptable. I'm back to agreeing with myself.
Pretty good introduction to building pieces of Rack middleware and using Rack::Builder.
Much nicer, IMO. I'm interested to see if someone can get Rails + Rack::Cache working together so that you can maximize the benefits of generating these validators.
Interesting Rails plugin from Viget Labs that adds ActiveRecord attribute helpers for various humane markup languages. The markdown variation supports both rdiscount and rpegmarkdown. Cool. Not sure how I missed it when it was released in August.
So I've been skeptical about Merb but I really like the world-view Ezra puts forth here: core framework code should be simple (no/little meta-programming), fast is good, Rack is awesome, etc.
Paul Downey translates Dr. Fielding’s REST APIs Must be Hypertext Driven into lay-hacker speak.
Huh? In a sane world, “Ajax” would have been called “HTTP” (or, more elaborately: “JavaScript gets a mostly-standard asynchronous HTTP client library”).
At first I thought this was going to be one of those articles that confuses animated JavaScript effects for Ajax but it goes on to talk about how Ajax is bad because it breaks “Save Page to File” … or something. Save Page to File?!
Tom Preston-Werner on how GitHub came into being and leaving Powerset after the Microsoft acquisition: “When I’m old and dying, I plan to look back on my life and say ‘wow, that was an adventure,’ not ‘wow, I sure felt safe.’”
Same here. I'm still looking for techniques that would make my Ruby libs and apps as simple to follow, debug, and maintain as equivalent Python versions are naturally. Ruby’s module system and cowboy shit (instance_eval, modifying Object, Class, Module, etc.) can go to hell. Python + blocks + class scope + large community and I'm sold.
“… the implications of many of the scientific ideas and theories, whether mine or otherwise, are indeed immoral, ugly, contrary to our ideals, or offensive either to men or women (or some other groups of people). I simply do not care. If what I say is wrong (because it is illogical or lacks credible scientific evidence), then it is my problem. If what I say offends you, it is your problem.”
Sends an email notification when someone stops following you on Twitter. I don’t have the nervous system for it myself.
Using conditional comments to stick an “ie” classname on <body> so that you can target IE from a single CSS file instead of bringing in a separate stylesheet. Nice hack.
“Varnish implements a subset of the ESI Language 1.0 defined by W3C, this document lays out some of the thoughts and rationale for choices made and advice for usage of these features.”
This lets you perform includes at the cache layer so that each included resource can have its own caching policy. Akamai edge proxies have supported this for some time, apparently.
Looks like a really solid improvement on 1.0. I haven’t had a chance to play with any of the betas but I'm anxious to see whether If-Modified-Since/If-None-Match validation made it in. There’s a note on “serving expired objects until we have a fresh one” but that sounds more like stale-while-revalidate.
I'm pretty sure this exact thought occurs to everyone that sits at a table connected to mine on a daily—maybe hourly—basis. I'm sorry!
“Of course, Strunk and White, as the book is commonly called, has nothing to do with software (it was written in 1935) and everything to do with writing: grammar, composition, and style for users of the English language. But in its 100 short pages this book has more to say about the craft of software than many books you’ll find in the ‘Computing’ section of your local bookstore. All you have to do is replace a few key words throughout the text and presto! Pearls of software development wisdom, delivered in near-perfect English.”
That makes sense to me. Gizmodo seems to think ripping off all those people who purchased that crap is a better idea. I hate DRM as much as the next guy but that’s a really dumb take on the situation, IMO.
The financial crisis explained using the crappiest cartoon stick figures ever. Also, the best overview I've seen yet.
Apparently, Yahoo!’s indexer supports marking specific content on a page as “extraneous to the main unique content”. This lets you prevent headers, navigation, and other types of site-level crud from overwhelming the content and the search results will excerpt only content that’s relevant to the page.
From the Yahoo! Web Crawler FAQ: “… apply the robots-nocontent attribute to indicate to search engines any content that is extraneous to the main unique content of the page. Yahoo! Search observes the class='robots-nocontent' present on XHTML elements, such as div, span, and all others.”
This is really close to what “the web” looks like in my brain:

I try to stay in the general vicinity of the “principles mound.” :)
“Beer is the people’s drink. Whiskey on the other hand is seen as a hard drink. It is a drinker’s drink. The sole preserve of men. It’s serious. It is the opposite end of the spectrum to fruit-based neon-coloured liquids sporting little paper umbrellas.”
Ola Bini: “Using instance_eval changes the rules for the language in a way that is not obvious when reading a block. You need to think an extra step to figure out exactly why a method call that you can lexically see around the block can actually not be called from inside of the block.”
Having abused instance_eval in the past, I can say with absolute clarity that it’s usually The Wrong Thing. It can make DSLish code look really cool in controlled and scoped demos but it greatly increases cognitive complexity, making things hard to read and maintain.
Bill Burcham applies the technique of making form controls inherit style from their container in the Air Budd Form Builder Rails plugin. Cool.
… is a Ruby library suitable for use as a drop-in Net::HTTP replacement or with event frameworks like EventMachine and Rev.
Alex Payne’s tumble-like blog on minimalism in coding and design. I didn’t realize @al3x was such a huge conscious follower of the minimalist aesthetic, although I've definitely noticed it in his work.
I'm using this on all of my “linkings” index pages now (see here, for example). It works pretty well. I really like the idea of integrating a piece of the destination site’s visual identity instead of using a generic del.icio.us/bookmark icon. Some sites with favicons don’t work properly, however, and I'd give anything to have another parameter that let me override the default globe icon. It'd be nice if I could say, grab the favicon for this domain but if it doesn’t exist, give me the favicon for delicious.com.
A horrible and misguided idea. I've personally never even liked the RJS/JavaScript generation stuff in Rails, and it’s actually well designed, thought out, and quite simple. “Managed Ajax” takes it to a whole new level, building from the assumption that “JavaScript is the new assembler,” and moves most types of interaction logic to the server. Reality seems to be moving in the exact opposite direction. Do yourself a favor and get real comfortable with JavaScript.
Thomas Jefferson: “I had rather be shut up in a very modest cottage with my books, my family and a few old friends, dining on simple bacon, and letting the world roll on as it liked, than to occupy the most splendid post, which any human power can give.”
Spotted on bacon.reddit.com…
Very interesting alternative to git submodule, especially in “vendor branch” type scenarios. The other project is merged into yours at a specified prefix and can be updated with a simple git pull.
“One unpublicized feature introduced by Apple’s latest iPhone software updates is the ability to save Web apps to the home screen and have them launch in full-screen mode without the Safari wrapper, essentially mimicking the experience of a native app.”
Oh, nice. Here’s a high-level design document that describes the new cross-site XmlHttpRequest (they’re calling it “XXX”) functionality and ties the other documents floating around out there together. It seems that servers will be able to signal that certain resources are accessible from other domains using HTTP headers or (gasp!) XML processing instructions (PIs). Weird.
Just landed on mozilla trunk a few days ago. See the draft spec for specifics.
Bruce Perens on the recent JMRI/GPL ruling:
“For a decade there'd been questions: Are Open Source licenses enforceable at all? Are their terms, calling for a patent detente or disclosure of source code, legal? Are they contracts, which require agreement by all parties to be valid, or licenses, which are binding even if you don’t agree to them? What legal penalties can a Free Software developer employ: only token damages, or much more? The court’s ruling makes the answers to these clear. Did such weighty questions come up in cases involving IBM, Sun, HP, or Red Hat? No, this is the quirky world of Free Software: it was a court case about model trains.”
Lots of good stuff coming in Varnish 2.0. GC, regexp based purge, custom hash funcs, backend load balancing based on health or other metrics, and the thing I'm personally most interested in: what looks like support for validation based caching.
Pseudocode for the SHA-1 algorithm. Pretty straight-forward for being so insanely useful.
Highly experimental HTML 5 validation service. More info and bookmarklets available on the about page.
Aristotle Pagaltzis on eating PHP’s lunch: “It will have to be more than just a programming language, because PHP itself is really more than a programming language. It includes a crude web framework (an invocation model reminiscent of CGI, with extensions) plus a crude deployment solution (just make all the libraries part of the language and let the sysadmin worry about it – who in turn often defers to his operating system vendor). This is PHP’s way of taking the worse-is-better philosophy to dazzling new depths …”
I was having this conversation at work the other day and came away with the conclusion that even if something were to reach feature / ease of use parity with PHP today, it would be many years before it actually surpassed the language in real deployments. PHP is everywhere.
“When the Texas Education Agency evaluated its Technology Immersion Pilot, a $14-million program to install wireless tools in middle schools, the conclusion was unequivocal: ‘There were no statistically significant effects of immersion in the first year on either reading or mathematics achievement.’”
Sends emails to people when you die. Awesome.
“This is how this works. You write a few e-mails, and choose the recipients. These emails are encrypted with military-grade algorithms, so you can be sure that no-one except the intended recipient will ever read them. Your switch will email you every so often, asking you to show that you are fine by clicking a link. If something were to… happen… to you, your switch would then send the emails you wrote to the recipients you specified. Sort of an ‘electronic will’, one could say.”
Dan Kegel: “You can buy a 1000MHz machine with 2 gigabytes of RAM and an 1000Mbit/sec Ethernet card for $1200 or so. Let’s see – at 20000 clients, that’s 50KHz, 100Kbytes, and 50Kbits/sec per client. It shouldn’t take any more horsepower than that to take four kilobytes from the disk and send them to the network once a second for each of twenty thousand clients. (That works out to $0.08 per client, by the way. Those $100/client licensing fees some operating systems charge are starting to look a little heavy!) So hardware is no longer the bottleneck.”
Looks like this is from 2003 but is still pretty accurate as far as I can tell.
For lawyers?!?? This site is way too useful and right to limit it to lawyers.
“An iPhone developer who created an app that manages and plays podcasts says the app was disqualified from the App Store because ‘it duplicates the functionality of the Podcast section of iTunes.’ That’s right, iTunes for the desktop.”
And the overwhelming majority of comments are actually in support of Apple’s decision, change the subject, or attack the author. Amazing.
All frameworks should approach caching the way Django does. The core app/origin framework does no real caching but provides utility/helper methods for setting standard RFC 2616 cache related headers on the response easily and correctly. A completely separate set of caching goo (“middleware”) sits between your app and performs the actual caching based purely on the headers set by the origin. The benefit to this approach is that caching is totally independent from the app framework and can be swapped out for a true gateway (“reverse proxy”) cache at any time.