Following my series on job interviews, which started with "Job Interview Rails
Main Components", this post will have new questions. Hopefully some people
will learn a few things; at least I did. Without further ado, the questions and
answers; enjoy!
Class: the blueprint from which individual objects are created. Classes in
Ruby are first-class objects; each is an instance of class Class.
Instance: an object which was instantiated from a Class.
Module: a collection of methods and constants. You can't make an
instance of a module; the way you access the constants and methods inside
it depends on its definition. Module methods and variables can be
accessed like this: Module.method or Module::CONSTANT, but if you want to
access an instance method you should include the module in another class
to use it.
mixes a module as class methods; you can also extend a singleton object
instance using this syntax: obj.extend Mod, which will add the methods or
constants to that single instance of that particular class.
Conclusion
I hope this helps anyone interested in learning tidbits of Ruby. I would also
love to see other methods to solve the problems posed in these
questions. Happy coding!
Resources
Ruby Object
What is a Class?
Ruby Module
Ruby Class
Include and Extend
Enumerable#zip
Enumerable#lazy
Blocks, Procs, Lambdas
9 Comments
BrianDouglas 2 years ago
This is great, thanks for posting.
RafaelGeorge (Mod) > BrianDouglas 2 years ago
@BrianDouglas Thanks :)
BrianDaz a year ago
Thanks
GeorgeSun 2 years ago
Thanks for sharing those questions.
RafaelGeorge (Mod) > GeorgeSun 2 years ago
@GeorgeSun No problem :)
TobyOvodEverett 2 years ago
I'm confused by the response to "What is a symbol and what are the risks of using
them in web apps?". My understanding of the primary risk for using symbols in web
apps is that it enables DoS (Denial of Service) attacks. The attacker supplies
strings (inbound parameters always start as strings), but the application converts
the inbound strings to symbols at some point in the execution. Because symbols
are immutable and not garbage collected, if the attacker can supply arbitrary input
that will get converted to symbols, the attacker can exhaust the memory of the
process by supplying a large number of different strings.
I don't see how this "can lead an attacker to execute arbitrary code in the server
you are running your app." The good news about symbol attacks is that they are
DoS attacks, but the bad news is that they can be very subtle. For instance, the
mentioned https://groups.google.com/foru... is a fairly subtle attack - the attacker is
supplying a URL query string that builds a hash for the value of an entry in the
params hash, and that hash can sometimes have its keys coerced to symbols. As
a side note, the symbol issue is one reason Rails uses a string-indexed hash for
the internals of the params hash, while still permitting dual (both string and symbol)
access. When you access the params hash with a symbol, Rails converts the
symbol to a string before looking for the value in the hash rather than the other way
because it wants to ensure against arbitrary string->symbol conversion.
RafaelGeorge (Mod) > TobyOvodEverett 2 years ago
@TobyOvodEverett I'm researching further on that particular thing still;
my thesis is based on vulnerabilities related to other services that I've seen,
but they probably don't apply here. Thanks for your input; after I finish
with my research I will update the blog post.
BradLanders > RafaelGeorge 2 years ago
You should correct that item, because this is otherwise a great list.
There are no RCE (remote code execution) vulnerabilities related to
symbols. Symbols are not garbage collected, and therefore
represent a DoS vector. They cannot, however, be used to leverage
an RCE on their own. All the recent Rails RCE vulnerabilities were
related to serialization issues. For example:
http://blog.codeclimate.com/bl...
http://blog.codeclimate.com/bl...
RafaelGeorge (Mod) > BradLanders 2 years ago
@BradLanders Sure thing, updating :)
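
The string-keyed lookup discussed in the comments above (keys stored as strings, the caller's symbol converted to a string on access), as an added Ruby example that is not part of the original post or of Rails. ParamStore, ALLOWED_KEYS, safe_key and symbol_exists? are hypothetical names, and the inbound parameters are constructed.

```ruby
# Added example, not code from Rails or from the post. ParamStore,
# ALLOWED_KEYS, safe_key and symbol_exists? are hypothetical names.
class ParamStore
  def initialize(raw)
    @data = stringify(raw)
  end

  # Lookup turns the caller's key into a string (symbol -> string);
  # inbound strings are never turned into symbols.
  def [](key)
    value = @data[key.to_s]
    value.is_a?(Hash) ? ParamStore.new(value) : value
  end

  private

  # Nested hashes (such as one built from a query string) get string
  # keys at every level, so no level can be coerced to symbols.
  def stringify(obj)
    case obj
    when Hash  then obj.each_with_object({}) { |(k, v), h| h[k.to_s] = stringify(v) }
    when Array then obj.map { |v| stringify(v) }
    else obj
    end
  end
end

# Fixed allowlist for the few places that really need a symbol.
ALLOWED_KEYS = { "name" => :name, "email" => :email }.freeze

def safe_key(str)
  ALLOWED_KEYS[str.to_s] # nil for anything not on the list
end

# True if a symbol with this name currently exists in the process.
def symbol_exists?(name)
  Symbol.all_symbols.any? { |s| s.to_s == name }
end

# Constructed inbound parameters: one expected key, one arbitrary nested key.
def demo
  odd = "zz_constructed_key_#{Process.pid}_#{rand(10**9)}"
  params = ParamStore.new({ "name" => "alice", "filter" => { odd => "1" } })
  [params[:name], params[:filter][odd], symbol_exists?(odd), safe_key(odd)]
end

p demo
```

Both lookups succeed, no symbol is created for the arbitrary key, and the allowlist returns nil for it. Ruby 2.2 and later garbage-collect dynamically created symbols, so the memory exhaustion described in the comments mainly concerns older interpreters, but keeping untrusted keys as strings remains the simpler invariant.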
Black Matter
george.rafael@gmail.com
cored
cor3d