Matthew Bass

  • CORS woes on Heroku

    ,

    After spending the past 4 hours attempting to solve what boiled down to a rather simple problem, I figure I’d better blog about it to save someone else the time and effort.

    If you’ve been leveraging Passenger’s new –nginx-config-template command line option to add CORS headers to static assets served from a Rails app hosted on Heroku, and the CORS headers recently disappeared under mysterious circumstances… read on.

    I’ve been using the method described here to add CORS headers to custom fonts served from a Heroku-hosted Rails app that’s proxied by Nginx which handles serving static files. I recently updated to Rails 4.2.2 and suddenly, my custom fonts (.woff and .woff2 files) no longer had CORS headers on them.

    After the aforementioned hours spent scratching my head, I discovered that the latest version of the sprockets gem is generating asset digests that are 64 chars in length, where previously they had been 32. Nginx’s default regexp for identifying requests for static assets assumes the digest will be 32 chars long, like so:

    # Rails asset pipeline support.
location ~ "^/assets/.+-[0-9a-f]{32}\..+" {
  error_page 490 = @static_asset;
  error_page 491 = @dynamic_request;
  recursive_error_pages on;</code>

  if (-f $request_filename) {
    return 490;
  }
  if (!-f $request_filename) {
    return 491;
  }
}

    Changing the regexp to recognize digests that are 64 chars in length immediately solved the problem:

    location ~ "^/assets/.+-[0-9a-f]{64}\..+" {
   ...
}

    I had to laugh after something so stupid and silly cost me a good chunk of my Saturday to debug. But at least it’s working now. My statically served custom fonts have the correct CORS headers and Chrome and Firefox are happy again.

Need help?

I’m an independent software developer available for consulting, contract work, or training. Contact me if you’re interested.

  • RubyConf 2012 recap

    ,

    ·

    After being unable to attend RubyConf last year, I was thrilled when I heard that this year’s conference would be held in Denver. Having lived in Boulder for several years, I’ve learned to love Colorado, the scenery, and the people. So it was almost a given that I would be attending.

    RubyConf 2012 was one of the most useful Ruby conferences I’ve been to. The variety and quality of the talks and the venue combined to create a memorable experience. My reading list is slam full of interesting things I picked up at the conf and want to keep learning about on my own. Another reason this was a great conf: the swag. I left the conf with no less than 8 T-shirts, all of which I’m reasonably sure I will actually wear (sometimes free shirts are rendered unwearable by being poorly made or just plain ugly). Some attendees even scored 9 or 10 shirts.

    But enough about shirts. Let’s go over some of the best talks I attended. (Which, by the way, will be posted online by Confreaks shortly, if they aren’t there already.)

    • My Name is MagLev by Jesse Cooke
      A Ruby implementation sitting on a Smalltalk VM, sporting a baked-in ORM that transparently persists your Ruby objects to the database. No more ActiveRecord wrangling!

    • Implementation Details of Ruby 2.0 VM by Koichi Sasada
      The 20th anniversary edition of Ruby was previewed at RubyConf and boy howdy does it have some nice features. Besides better method dispatch performance, the ability to prepend a module is very handy. The target release month for Ruby 2.0 is February, 2013.

    • Ruby Monitoring State of the Union by Joseph Ruscio
      Joseph surveyed various options for monitoring your Ruby programs: New Relic, statsd-ruby, Librato, and various monolithic open source software packages.

    • Zero Downtime Deploys Made Easy by Matt Duncan
      The title was misleading since Matt opened by saying there is no silver bullet. But he did share some interesting tricks to avoid locking database tables during long migrations, and also outlined a way to migrate between API versions.

    • Refactoring from Good to Great by Ben Orenstein
      One of my favorite talks of the conf, Ben gave several examples of smelly code and then proceeded to live code his way through various refactorings. Highly recommended.

    Tomorrow I’ll recap the remaining six talks, including Jim Weirich’s keynote which involved stabby procs and succeeded in completely blowing my synapses. Stay tuned.

  • Developers, please remember me by default

    ,

    ·

    When did developers start defaulting the “remember me” checkbox during login to NOT be checked? 99% of the time I’m on my own computer when logging in, which means that 99% of the time I want that box checked. I’ll uncheck the box myself for the remaining 1% (when I’m on a public computer for example). Fellow developers, please change your ways. It would save us all a little bit of hassle every time we login.

  • Quote of the Week: Roy DeSoto

    ·

    “Why don’t you get married instead of feeding your neurosis?” — Roy DeSoto, “Emergency!”

  • Indieconf 2012: The Anatomy of a Freelancer

    ,

    ·

    Out of all the talks on Saturday, this is the one I’d recommend for anyone who wants to become a freelancer. David Rogers gave an accurate and at times humorous overview of the distinctions between three different types of workers: the freelancer, the nine-to-fiver, and the moonlighter.

    He began by emphasizing that none of these choices are wrong or less advantageous than the others. Each work style has pros and cons. It’s up to each of us to decide which set of tradeoffs we’re willing to make. We also need to determine our own definition success.

    According to David, success:

    • should be measured by longevity, sustainability, and consistency
    • should NOT be measured by financial gain, hourly rate, or utilization
    • should produce a sense of satisfaction, belonging, and purpose

    He then introduced us to the freelancer:

    • wears many hats
    • notably independent
    • obsessed with efficiency
    • moves on quickly
    • pros: freedom of choice, what equipment and technologies to use, what to charge
    • cons: finding work, negotiating contracts, invoicing, scheduling

    Next, the nine-to-fiver:

    • values stability
    • appears dedicated
    • separates work from home life
    • pros: limited responsibility, division of labor, predictable cash flow, division between work and home
    • cons: illusion of job security, misplaced obligations (overtime), capped compensation, red tape, politics

    And finally the moonlighter:

    • distracted and tired due to alter-ego double life
    • may rely on chemical assistance or augmentation for performance
    • prone to repetitive burnout cycles or recuperative sabbaticals
    • pros: stability w/some freedom, attainable transition to freelancing, supplemental income
    • cons: extra responsibility and obligation, difficult to sustain over time, leaves little time for recreation

    Which one you are will largely be determined by your particular set of skills and whether you are comfortable with the pros and cons. That being said, it’s important that we not allow ourselves to get boxed into a job that we don’t like. Constant re-evaluation of our situation can be healthy.

    David closed with some suggestions on how to become a more marketable professional, regardless of which camp we’re in:

    • print and carry business cards
    • go places, meet people
    • make friends and be friendly
    • make connections and connect others
    • help people that need help
    • attend and speak at professional groups, social gatherings, and conferences
    • start communities and conversations (don’t wait for permission)

    Also, get plenty of sleep. Less than 8 hours is highly detrimental to learning and productivity. Contextual switching and mental fatigue are also productivity killers.

    David’s slide deck included some fantastic character art depicting each type of worker, courtesy of his artistic brother-in-law. I haven’t found his slides posted online yet, but if they show up I’ll add a link here. Update: slides posted here!

    Next Monday I’ll be sharing my recap of Merlin Mann’s presentation titled “Seven Lessons in Personal Marketing.” Until then…

    This post is one in a series from Indieconf 2012