Simon Willison’s Weblog

69 items tagged “rails”

Is there a substantial difference between using a Mac or a Windows machine for web development (particularly RoR)?

No matter if you are on Mac or Windows you should be using a Linux virtual machine for development, ideally running the same operating system as your deployment environment (I like Ubuntu for this). Vagrant is a popular tool for managing this kind of setup.

[... 151 words]

How can one become a masterful Rails developer (and still have a life)?

Don’t sacrifice your social life. Sacrifice TV.

[... 79 words]

What is the best framework to use, Yii or Ruby on Rails?

This is a big decision, and it’s worth taking the time to pick what’s the best fit for you. I recommend going through the tutorials for each one, building the basic application they describe and seeing which made the most sense to you. As a Django developer, I suggest trying that framework too :)

[... 126 words]

Is it worth it for an aspiring web developer in NYC to attend the San Francisco Startup Jobs Fair in November? What I mean is what are my chances that a company would be interested in me, allowing that my code skills are up to snuff, if I don’t live ...

Not being in SF already is no problem at all—demand for talented developers is crazy high, so provided you are a great developer the fact you would need to relocate won’t be a barrier.

[... 142 words]

What web programming framework best supports ’drag and drop’ actions? Please give examples of sites and/or plug-ins that support the interaction.

Drag and drop is a client-side thing—it has nothing to do with the server-side technology being used.

[... 72 words]

Why did Twitter have so many problems if it is made with Ruby?

The technical problem Twitter solves (distributing millions of short messages per minute to an enormous graph of follow relationships) is extremely hard in any language.

[... 44 words]

How long until Ruby developers are as cheap as PHP developers? is it already happening? should I still learn it or it only has a couple years left and I’m better off with SSJS?

If you want to be a highly paid engineer, you should worry less about your expertise in a specific language and more about developing broad and deep skills across a wider range of development topics.

[... 197 words]

Play Framework, Django or Rails? Which one do you recommend for Social Networking Web applications.

Both Rails and Django have been used for a large number of high profile social networking web applications. Off the top of my head, Django is used by Instagram and Pinterest, Rails is used by Posterous and Ravelry. I don’t know what the largest sites built using Play are at the moment.

[... 149 words]

Is there a framework that allows me to collect input from individual users, and then charge for the aggregate and analysis of that data?

No—your needs are extremely specific. You’re going to have to build this yourself.

[... 95 words]

Can someone improve their knowledge of programming in Ruby or PHP by using a framework like Rails or Zend, or does the framework just do a lot of the work for you without giving you an opportunity to learn from it?

Read the source, Luke.

[... 82 words]

CSRF: Flash + 307 redirect = Game Over. Here’s the exploit that Django and Rails both just released fixes for. It’s actually a flaw in the Flash player. Flash isn’t meant to be able to make cross-domain HTTP requests with custom HTTP headers unless the crossdomain.xml file on the other domain allows them to, but it turns out a 307 redirect (like a 302, but allows POST data to be forwarded) confuses the Flash player into not checking the crossdomain.xml on the host it is being redirected to. # 10th February 2011, 10:07 pm

How long would it take an average programmer to do a Ruby on Rails Reddit clone prototype?

Just FYI, Reddit is an open source Python project: http://code.reddit.com/

[... 34 words]

What are the tradeoffs (e.g. development speed, performance, scalability) between using various php frameworks, ruby/rails, or python/django? Is there any reason to choose one overwhelmingly over another?

At this point, I’d argue that the decision between them comes down to programming language rather than framework—the frameworks have mostly converged on a very similar set of features.

[... 145 words]

Why is Diaspora built on Ruby on Rails instead of Node.js?

Because Node.js had almost no visibility at all six months ago when Diaspora started. Also, Node.js has only very recently stopped breaking API backwards compatibility on a regular basis. Plus the Ruby library ecosystem is much, much larger than the Node.js ecosystem.

[... 81 words]

Hookbox (via) For most web projects, I believe implementing any real-time comet features on a separate stack from the rest of the application makes sense—keep using Rails, Django or PHP for the bulk of the application logic, and offload any WebSocket or Comet requests to a separate stack built on top of something like Node.js, Twisted, EventMachine or Jetty. Hookbox is the best example of that philosophy I’ve yet seen—it’s a Comet server that makes WebHook requests back to your regular application stack to check if a user has permission to publish or subscribe to a given channel. “The key insight is that all application development with hookbox happens either in JavaScript or in the native language of the web application itself”. # 29th July 2010, 9:48 am

Node.js, redis, and resque (via) Paul Gross has been experimenting with Node.js proxies for allowing web applications to be upgraded without missing any requests. Here he places all incoming HTTP requests in a redis queue, then has his backend Rails servers consume requests from the queue and push the responses back on to a queue for Node to deliver. When the backend application is upgraded, requests remain in the queue and users see a few seconds of delay before their request is handled. It’s not production ready yet (POST requests aren’t handled, for example) but it’s a very interesting approach. # 28th February 2010, 11:02 pm

Play framework for Java. I’m genuinely impressed by this—it’s a full stack web framework for Java that actually does feel a lot like Django or Rails. Best feature: code changes are automatically detected and reloaded by the development web server, giving you the same save-and-refresh workflow you get in Django (no need to compile and redeploy to try out your latest changes). # 25th October 2009, 11:21 pm

How We Made GitHub Fast. Detailed overview of the new GitHub architecture. It’s a lot more complicated than I would have expected—lots of moving parts are involved in ensuring they can scale horizontally when they need to. Interesting components include nginx, Unicorn, Rails, DRBD, HAProxy, Redis, Erlang, memcached, SSH, git and a bunch of interesting new open source projects produced by the GitHub team such as BERT/Ernie and ProxyMachine. # 21st October 2009, 9:14 pm

nginx_http_push_module. More clever design with webhooks—here’s an nginx module that provides a comet endpoint URL which will hang until a back end process POSTs to another URL on the same server. This makes it much easier to build asynchronous comet apps using regular synchronous web frameworks such as Django, PHP and Rails. # 17th October 2009, 4:48 pm

XSS Protection by Default in Rails 3.0. Fantastic news—congratulations, Rails core team. # 8th October 2009, 4:35 pm

Ravelry. Tim Bray interviews Casey Forbes, the single engineer behind Ravelry, the knitting community that serves 10 million Rails requests a day using just seven physical servers, MySQL, Sphinx, memcached, nginx, haproxy, passenger and Tokyo Cabinet. # 3rd September 2009, 6:50 pm

cache-money. A “write-through caching library for ActiveRecord”, maintained by Nick Kallen from Twitter. Queries hit memcached first, and caches are automatically kept up-to-date when objects are created, updated and deleted. Only some queries are supported—joins and comparisons won’t hit the cache, for example. # 28th June 2009, 3:17 pm

whine flu, railsmalefail 2009. Danny quotes the smartest take on the CouchDB/pr0n controversy: “It’s about presenting women as ’the other,’ not ’us.’ It would have been just as offensive if all the women shown were domineering mothers in aprons, shaking their fingers and threatening with rolling pins.” # 29th April 2009, 11:39 am

Phusion Passenger for nginx. Passenger (aka mod_rails / mod_rack) enables easy deployment of Rails and Ruby apps under Apache... and the latest version adds support for nginx as well. It works as an HTTP proxy and process manager, spawning worker processes and forwarding HTTP requests to them via a request queue. It can also handle Python WSGI applications—anyone tried it out for that yet? # 20th April 2009, 4:53 am

Ruby on Rails 2.3 Release Notes. I’m impressed with how thoroughly Rails has embraced Rack (Ruby’s standardised web framework API, inspired by Python’s WSGI). # 15th March 2009, 1:22 pm

Building and Scaling a Startup on Rails: 12 Things We Learned the Hard Way. Lessons learned from Posterous. Some good advice in here, in particular “Memcache later: If you memcache first, you will never feel the pain and never learn how bad your database indexes and Rails queries are”. Also recommends using job queues for offline processing of anything that takes more than 200ms. # 23rd February 2009, 8:28 am

Infrastructure for Modern Web Sites. Leonard’s thoughts on what the next generation of web frameworks should aim to provide. # 29th January 2009, 1:36 pm

Merb gets merged into Rails 3! Huge news. Of particular interest is the new focus on “framework agnosticism”, whereby Rails will aim to play well with people wishing to use alternative ORMs, template mechanisms and so forth. Rails has previously suffered from a reputation for getting in your way if you deviate from its opinions. # 23rd December 2008, 8:32 pm

Response Splitting Risk. Important reminder that you should always ensure strings used in HTTP headers don’t contain newlines. # 19th October 2008, 11:58 pm

Is your Rails application safe? (via) update_attributes(params[:foo]) in ActiveRecord is an anti-pattern. # 22nd September 2008, 8:28 pm