Matthew Bass

  • CORS woes on Heroku

    ,

    After spending the past 4 hours attempting to solve what boiled down to a rather simple problem, I figure I’d better blog about it to save someone else the time and effort.

    If you’ve been leveraging Passenger’s new –nginx-config-template command line option to add CORS headers to static assets served from a Rails app hosted on Heroku, and the CORS headers recently disappeared under mysterious circumstances… read on.

    I’ve been using the method described here to add CORS headers to custom fonts served from a Heroku-hosted Rails app that’s proxied by Nginx which handles serving static files. I recently updated to Rails 4.2.2 and suddenly, my custom fonts (.woff and .woff2 files) no longer had CORS headers on them.

    After the aforementioned hours spent scratching my head, I discovered that the latest version of the sprockets gem is generating asset digests that are 64 chars in length, where previously they had been 32. Nginx’s default regexp for identifying requests for static assets assumes the digest will be 32 chars long, like so:

    # Rails asset pipeline support.
location ~ "^/assets/.+-[0-9a-f]{32}\..+" {
  error_page 490 = @static_asset;
  error_page 491 = @dynamic_request;
  recursive_error_pages on;</code>

  if (-f $request_filename) {
    return 490;
  }
  if (!-f $request_filename) {
    return 491;
  }
}

    Changing the regexp to recognize digests that are 64 chars in length immediately solved the problem:

    location ~ "^/assets/.+-[0-9a-f]{64}\..+" {
   ...
}

    I had to laugh after something so stupid and silly cost me a good chunk of my Saturday to debug. But at least it’s working now. My statically served custom fonts have the correct CORS headers and Chrome and Firefox are happy again.

Need help?

I’m an independent software developer available for consulting, contract work, or training. Contact me if you’re interested.

  • Longhorn to support RSS

    ·

    AP ran a story last month on how Longhorn is going to have built-in support for RSS feeds. It sounds like the OS will basically manage your feeds for you (no more stand-alone RSS reader required?). The article also mentions something called “simple list extensions” which sounds proprietary, however, Microsoft will apparently “make the list extensions technology available for free” through a license which will “retain some intellectual property rights.” So it doesn’t sound like full-blown open source, but it’s at least a step in that direction. Will these new RSS tools be the next Internet Explorer? Maybe… maybe not. According to the article, only “6% of consumers actually have an RSS reader on their computers.” Microsoft’s move to integrate RSS with an operating system may change this. At least one thing is for sure: RSS seems to be gaining more and more traction as the data delivery format of choice.

  • Innovation isn’t just about the future

    ·

    Wired News ran an article last month talking about the recent phenomenon of warez traders and illegal music downloaders flocking back to Usenet to ply their trade. I find this fascinating considering the number of “modern” file sharing applications like Kazaa and BitTorrent which are easily available. The article cited anonymity as the primary force behind the shift, but it also cited speed as a factor.

    Uh, excuse me. Speed? Usenet’s reputation as a sluggish maiasaur when it comes to file downloads is uncontested, right? Well, not exactly. A new XML-based open source technology called the NZB file is allowing pirates to search for and download files at rates faster than traditional peer-to-peer file sharing apps. Add to that the nifty fact that files uploaded to Usenet are always there (at least until they scroll off the list) and you see the benefit.

    What does this mean for us as software developers, though? Simply that no matter how old or antiquated a technology may seem to be, there is usually always a new, different, and better way to use it. The trick, of course, is finding it. The warez traders are motivated to innovate by their apparent addiction to circumventing the law. Where does our motivation come from?

    I suggest that our motivation shouldn’t come exclusively through the vehicle of exciting new technologies and methodologies, the latest craze, or the slickest new toolset. The technologies of today were built upon the achievements of the past. I suggest that we should also dedicate a portion of our time to examining what’s been done before, even if it may not be popular right now.

    There may be value hidden where we least expect to find it.

  • Automating mundane tasks with Expect

    ·

    Expect is a UNIX program based on the Tcl programming language. It allows for quick and easy automation of interaction with other programs. For example, Expect can be used to write a script which launches FTP, enters a password when prompted, navigates to a directory, downloads a file, and finally quits.

    My current development work requires me to login to a remote server quite frequently, launch a session of SAS, and execute a program to connect to an Oracle database. Prior to Expect, it took me 30 to 45 seconds to login. Now that I have the login and SAS startup processes automated via Expect, it takes mere seconds to do the same thing.

    Expect isn’t for everyone, but if you need to automate an interactive UNIX program it can be a lifesaver. Visit the Expect web site for more information, including a number of useful example scripts.

  • A new beginning

    ·

    Hi there and welcome to my blog! My name is Matthew Bass. I’m a software developer at SAS Institute in Cary, North Carolina. I’m relatively new to the concept of blogging, but have been doing it internally at SAS for about a month now. I found it to be such an effective (and fun) way of sharing information that I decided to “go public.” Some of my work posts will be reprinted here. I’ll try to provide some original material as well. I personally despise posts that are books and I don’t like reading blogs which don’t provide me with immediately useful information. This blog will be my attempt to avoid falling into both of those traps. Thanks for reading!