Matthew Bass

  • CORS woes on Heroku

    ,

    After spending the past 4 hours attempting to solve what boiled down to a rather simple problem, I figure I’d better blog about it to save someone else the time and effort.

    If you’ve been leveraging Passenger’s new –nginx-config-template command line option to add CORS headers to static assets served from a Rails app hosted on Heroku, and the CORS headers recently disappeared under mysterious circumstances… read on.

    I’ve been using the method described here to add CORS headers to custom fonts served from a Heroku-hosted Rails app that’s proxied by Nginx which handles serving static files. I recently updated to Rails 4.2.2 and suddenly, my custom fonts (.woff and .woff2 files) no longer had CORS headers on them.

    After the aforementioned hours spent scratching my head, I discovered that the latest version of the sprockets gem is generating asset digests that are 64 chars in length, where previously they had been 32. Nginx’s default regexp for identifying requests for static assets assumes the digest will be 32 chars long, like so:

    # Rails asset pipeline support.
location ~ "^/assets/.+-[0-9a-f]{32}\..+" {
  error_page 490 = @static_asset;
  error_page 491 = @dynamic_request;
  recursive_error_pages on;</code>

  if (-f $request_filename) {
    return 490;
  }
  if (!-f $request_filename) {
    return 491;
  }
}

    Changing the regexp to recognize digests that are 64 chars in length immediately solved the problem:

    location ~ "^/assets/.+-[0-9a-f]{64}\..+" {
   ...
}

    I had to laugh after something so stupid and silly cost me a good chunk of my Saturday to debug. But at least it’s working now. My statically served custom fonts have the correct CORS headers and Chrome and Firefox are happy again.

Need help?

I’m an independent software developer available for consulting, contract work, or training. Contact me if you’re interested.

  • How does PersistJS compare to Gears and Dojo?

    ,

    ·

    PersistJS was released just a few days ago by Paul Duncan. It’s a JavaScript framework enabling client-side data storage. Check out my post on InfoQ to learn how it compares with Google Gears and Dojo Storage.

  • How to block ads on Facebook

    ·

    The ads they run on Facebook are getting downright annoying. I’m confident I’m not alone in this feeling. Here’s a beginner’s tutorial describing how you can prevent Facebook ads from being displayed. You also pick up a few other nice features in the process.

    1. Download and install Firefox

    If you’re already using Firefox, you can skip this step. If you’re not, consider this your wake-up call. Internet Explorer just doesn’t cut it anymore. Aside from being completely open source, Firefox allows installation of scripts that enhance your browsing experience. You won’t be able to block Facebook ads without using Firefox.

    Visit this page, click on the big green download link, save the installer to your hard drive, and run it. Proceed through the installation…

    2. Install Greasemonkey

    Greasemonkey is an add-on for Firefox that allows for customization of the way a web page is displayed. It relies on JavaScript, but that’s not important to know for what we’re doing (unless you’re a geek).

    First, bookmark this post. You’re going to restart Firefox after this step. You’ll want to get back to this post so you can pick up where you left off.

    Next, visit this page and click the green “Add to Firefox” button. A dialog will pop up. Wait for the countdown to finish, then click the “Install” button. A new dialog will ask if you want to restart Firefox. Yes, you want to, so do it.

    3. Install Facebook Companion

    This is a Greasemonkey script that does three nice things to Facebook:

    • Removes ads
    • Adds an “Ignore All Requests” button (useful if you don’t want to see new app requests)
    • Adds a plus over all thumbnails that, when clicked, pops up a large version of the image

    To install, visit this page and click on the small, gray button on the right side titled “Install this script” (it’s just below the search box). Again, you will be presented with a dialog and an “Install” button. Click it…

    4. Visit Facebook and enjoy

    Now it’s time to visit Facebook and do some ad-free social networking. Enjoy!

    Extra credit: if you’re interested in browsing for Greasemonkey scripts that do other cool things, check out Userscripts.org

  • One week left for Ruby Hoedown proposals

    ,

    ·

    You’ve got about a week left to get your proposals in for a talk at the Ruby Hoedown, the South’s regional Ruby conference. Speakers will receive free admission and an as of yet undetermined honorarium along with dinner the night before the conference. (C’mon, you can’t possibly pass up free food.) Ping proposals@rubyhoedown.com if you have any questions.

  • Why geeks need public speaking

    ·

    If you know anything at all about public speaking, your perception of it is probably that it’s a playground for salespeople, marketers, and trainers; an outlet for extroverted businesspeople to practice their presentations to upper management. This is certainly true, but there is another group that can gain enormous benefit from learning and practicing public speaking: software developers.

    Let’s face it, we software developers are not thought of as your typical public speaker. But there is room us to learn this skill. There is room to push ourselves to do something that will not only benefit us personally, but help the people around us as well.

    Continue reading at the Career 2.0 blog…