The latest news in the Ruby and Rails community.

Subscribe to our mailing list!

Episode #291

July 24th, 2012

We talk about Sublime editing, implicit gemsets with Bundler & rbenv, really secure HTTPS with HSTS headers, easy graph output with Graphene and Rubies in Gemfiles tha...

Stories

Living with HTTPS: HSTS

This interesting blog post by Adam Langley explains that redirecting people to HTTPS is not as secure as you might think. It leaves you vulnerable to man-in-the-middle attacks when the first request is HTTP, that one could intercepted before users are redirected to the HTTPS one. No what you want to do is to use a header called: strict-transport-security or HSTS. This way, it's not the user’s burden to decide whether a certificate is secure or not. With HSTS, users will not be able to access a page with a certificate that isn’t proper.

Visit site → Permalink

Previous Episodes

Episode #290

Three great blog entries about grooming your development environment, The Role, Hamster, and more with co-host Dave Bock and special guest host Ryan McGeary of 'Let Me Google That for You' fame. The closing song would have made a lot more sense if our story on the javascript library 'mousetrap' hadn't been cut for space...

Episode #289

Ruby 1.9.3 with Clang, Clear Eyes gem, Advanced Caching tutorial update, Axlsx for creating Excel Spreadsheets, and MiniProfiler Ruby Edition

Episode #288

CodeClimate for open source projects, testing JSON APIs, faster asset precompilation, pruning your branches, retinafying your images, and riding the hovercraft in this episode of Ruby5!

Episode #287

The State of the Ruby stack, neater Dotfiles, ActiveRelation merge, ways to learn RubyMotion, custom flash types, and Asynchronicity.

View the archives →

Looking to learn about Ruby? Take a look at the Ruby Path on Code School

This podcast is produced and distributed by Code School. Copyright © 2015 Code School LLC