Welcome to the VectorLogic blog. We publish content of a technical nature, across the field of software (mainly web) development. The content is published on a pretty sporadic basis, but if you want a heads up when we drop any new content, please subscribe below.
The humble HTML label element never gets much press, but it makes our form inputs more user-friendly and accessible.
In this brief post we look at using the nested format for the label element to tighten up HTML formatting.
RSpec block syntax offers an extremely flexible option for validating the arguments passed in method calls. In this post we look at an example of how to use RSpec block syntax to verify arguments.
Read nowRails supports a RESTful interface through its resourceful routing. Sticking to these resourceful defaults can help to avoid bloated controllers and can also help to uncover hidden domain models.
Read nowSecuring controller endpoints is an important aspect of most non-trivial web applications. For Rails applications there are a number of established libraries used for this purpose. In this article we compare two of the most popular options, Pundit and CanCanCan. By means of an example we compare how these different libraries integrate into a Rails project.
Read nowContent Security Policy offers a way to lock down webpages, and prevent loading of external resources from non-trusted sources, thereby mitigating many XSS attack vectors. A nonce or hash approach can be used to handle existing inline scripts. In this post we look at how the hash generation can be achieved from the browser console, and why you may want to do that.
Read nowWe recently received a responsible disclosure from a security researcher, demonstrating an RCE exploit leveraging image uploads which were being processed by ImageMagick. Read on to understand more about the exploit, if you are vulnerable and how to mitigate.
Read nowHaving good test coverage of your code is a noble and worthwhile goal. However, sometimes resolving test failures can be an enormous time-sink. In this post we take a detailed look at one order-dependent test failure which I recently encountered. In the process we uncover an important lesson to bear in mind for your own controller specs.
Read nowSprokets remains an important part of the Rails ecosystem, despite the move to webpacker for Javascript assets. In this blog post I look at a particular case where the interplay of Sprockets require-directives and CSS @import rules can cause confusion.
Read nowRails offers filter methods to execute cross-cutting concerns around controller actions. Multiple filters can be attached to any given action, creating a filter chain. But some care is required to ensure you don't get tangled up with complicated filter chains.
Read nowThe safe-navigation operator is a great way to avoid repeated null checks. However, sometimes it can go a bit wrong. This post outlines a specific case where care is needed to ensure you don't break existing logic.
Read nowOver the last few years I have found myself reaching for CSS Flexbox with increasing frequency. Once you get a handle on a few basic properties it makes it very easy to position elements in a way that is natural and responsive. But how does this magical flex system determine the size of individual flex items? Unsurprisingly, there is some basic logic underpinning this process, and I will attempt to outline this logic here.
Read nowIn the world of software development and engineering there are innumberable books, blogs, theses etc. that are dedicated to the topic of good coding principles, and to the ultimate question of how to code well. My experiences have helped me to formulate my own ideas of what I believe to be important. I want to share these thoughts in the form of two precepts, which I have leaned on quite frequently in recent times.
Read nowRuby setter-methods are a great way to keep code explicit and terse. But beware of making a straight substitution for a regular function, as their return behaviour is different.
Read now
For many years I have equated localhost and the loopback address 127.0.0.1. Recently I became aware of some differences, and in particular how MySQL treats these two addresses.
If you run MySQL in a docker container there is a good chance you will bump your head on this also.