Safely Passing Ruby Variables to JavaScript in ERB

from blog code.dblock.org | tech blog, | ↗ original
A user reported a bug in Slava, a bot that syncs Strava activities to Slack, where they couldn’t subscribe to the paid version because their Slack team name contained a quote. That was a rookie mistake on my part in HTML escaping that almost cost me $9.99. Interestingly, it required a rather non-trivial fix. The bot’s code extensively uses ERB,...
This is a short summary. ↗ Open original to view full content

Related

How to access url query parameters in Clack, Lucerne or Caveman
Lisp journey | original ↗
Oxtail, and more Cooklang Exploration
Hearthside by Caleb Hearth | original ↗
Snippets I Use Regularly
Robb Knight • Posts • RSS Feed | original ↗
i18n in my Lisp web app with Djula templates and gettext
Lisp journey | original ↗
Meaningful labels using ARIA – or not.
HTMHell | original ↗
Getting and Displaying a Mastodon Post in Client-Side JavaScript
Raymond Camden | original ↗
Introducing metadown
Steve Klabnik | original ↗
Using GitHub as a CMS
anderegg.ca | original ↗
Brainfuck VM in Clojure
Oliver Caldwell's blog | original ↗
Syntax extensions and regular expressions for Rust
Andrew Gallant's Blog on Andrew Gallant's Blog | original ↗

More from code.dblock.org | tech blog

Adding a Spell Checker to a Jekyll Blog
30 Dec 2024 | original ↗

I found it annoyingly non-trivial to add a spell checker to this blog. For now, I settled on GitHub Spellcheck Action that uses PySpelling on files changed in the commit or pull request as described in this blog post. name: Check Spelling on: [push, pull_request] jobs: check: runs-on: ubuntu-latest steps: - uses:...

I Participated in 2882 Meetings in 5 Years
20 Dec 2024 | original ↗

Since my first day in AWS 5 1/2 years ago, I’ve been experimenting with keeping a CHANGELOG of everything I do, available for everyone at the company to see. I wrote about it here. If you work at AWS, use the URL in the screenshot below to find it. I wrote a little script to try and classify where I spent my time. Here are some quick, very...

Do Not Fix Bugs Reported in Your Open Source Projects
19 Dec 2024 | original ↗

Have you watched The IT Crowd? It’s a hilarious British television sitcom from around 2006 that cast a bunch of IT geniuses at the Reynholm Industries tech support department in London. One of the signature laughs is that every time the phone rang, Roy would pick it up and without waiting say “Have you turned it off and on again?”, then hang up....

Harvesting the Low Hanging Fruit in Open Source Projects
18 Dec 2024 | original ↗

Every active open-source project grows a lot of low hanging fruit. Encouraging project users to harvest some of the yield can be a great way to engage and retain new contributors. Here are some ideas, mostly borrowed from Barani, for low-hanging work items that you can propose to anyone engaging in your project. Help Wanted, Good First Issue and...

How to Grow Open-Source Contributors and Maintainers
14 Dec 2024 | original ↗

I’ve been very active in open source since around 2008 and have become very passionate about growing contributors and maintainers in the projects I am involved in. The health of an open-source project can easily be measured by the number of actively engaged participants in its code, which cannot happen without maintainers. Maintainers are leaders...