Matthew Bass

  • CORS woes on Heroku

    ,

    After spending the past 4 hours attempting to solve what boiled down to a rather simple problem, I figure I’d better blog about it to save someone else the time and effort.

    If you’ve been leveraging Passenger’s new –nginx-config-template command line option to add CORS headers to static assets served from a Rails app hosted on Heroku, and the CORS headers recently disappeared under mysterious circumstances… read on.

    I’ve been using the method described here to add CORS headers to custom fonts served from a Heroku-hosted Rails app that’s proxied by Nginx which handles serving static files. I recently updated to Rails 4.2.2 and suddenly, my custom fonts (.woff and .woff2 files) no longer had CORS headers on them.

    After the aforementioned hours spent scratching my head, I discovered that the latest version of the sprockets gem is generating asset digests that are 64 chars in length, where previously they had been 32. Nginx’s default regexp for identifying requests for static assets assumes the digest will be 32 chars long, like so:

    # Rails asset pipeline support.
location ~ "^/assets/.+-[0-9a-f]{32}\..+" {
  error_page 490 = @static_asset;
  error_page 491 = @dynamic_request;
  recursive_error_pages on;</code>

  if (-f $request_filename) {
    return 490;
  }
  if (!-f $request_filename) {
    return 491;
  }
}

    Changing the regexp to recognize digests that are 64 chars in length immediately solved the problem:

    location ~ "^/assets/.+-[0-9a-f]{64}\..+" {
   ...
}

    I had to laugh after something so stupid and silly cost me a good chunk of my Saturday to debug. But at least it’s working now. My statically served custom fonts have the correct CORS headers and Chrome and Firefox are happy again.

Need help?

I’m an independent software developer available for consulting, contract work, or training. Contact me if you’re interested.

  • Quote of the Week: Max Beerbohm

    ·

    “Only mediocrity can be trusted to be always at its best.” — Max Beerbohm

  • Ruby Hoedown 2010

    ,

    ·

    This year’s Ruby Hoedown is happening in Nashville again on September 3rd and 4th. I’m really looking forward to attending. The quality of the talks combined with the smaller attendance size makes for some great hallway conversations. Last year’s Hoedown was at the Opryland hotel which was a stellar venue. I have seriously never seen such a large hotel. Unfortunately, it can’t be used this year due to the recent flooding. But the new venue, the Hilton Downtown, looks really nice as well. As before, the Hoedown is completely free (as in beer) and talk proposals are currently being accepted. Are you going?

    The Ruby Hoedown MMX

  • Are most of your projects one-time or maintenance?

    ·

    I’m curious about something. If you’re an independent contractor, consultant or freelancer, are most of your projects one-time gigs or do they more frequently involve long term maintenance? There is a lot of different thinking out there about how to handle ongoing work: batch it up and get it done all at once (and pay for it in one chunk too) or spreading it out over a longer period of time (the pain isn’t as severe, but lasts longer).

    Most of my projects start as one-time gigs and then evolve into ongoing maintenance work (assuming the client is pleased with what has been produced, which they generally are). I can think of only two instances where a one-time gig was just that… one-time… and didn’t involve ongoing maintenance. What has your experience been?

  • Quote of the Week: Mark Twain

    ·

    “Sometimes I wonder whether the world is being run by smart people who are putting us on, or by imbeciles who really mean it.” — Mark Twain