liquid-silence

Activity Graph

Page 1 of 21 | Next »

2017-11-27

[14:09:30] liquid-silence: Quit: Connection closed for inactivity

2017-11-26

[17:10:17] liquid-silence: has joined #RubyOnRails

2017-09-20

[14:35:20] liquid-silence: has joined #RubyOnRails
[15:17:51] liquid-silence: ACTION hates regex
[15:18:57] liquid-silence: so I have this string
[15:18:58] liquid-silence: nOverdue\n0.00\nTotal Due:\n240.00\nEdgars
[15:19:20] liquid-silence: and I need to pull out the Total Due value which is 240
[15:19:42] liquid-silence: Total Due:\\n(?<rands>\d+).(?<cents>\d+)\\n
[15:19:45] liquid-silence: thats where I am at
[15:20:41] liquid-silence: @havenwood any pointers?
[15:20:44] liquid-silence: yes I have done that
[15:21:10] liquid-silence: https://www.irccloud.com/pastebin/egX1CjVY/
[15:24:00] liquid-silence: @havenwood it should work
[15:24:16] liquid-silence: "/Total Due:\\n(?<rands>\d+)\.(?<cents>\d+)\\n/.match(s)"
[15:26:39] liquid-silence: I have been looking at this for way too long
[15:27:17] liquid-silence: @havenwood if you have any idea, I would appreciate it
[15:27:26] liquid-silence: if not im going to call it a day a
[15:29:18] liquid-silence: *bashes keyboard*
[19:45:04] liquid-silence: Quit: Connection closed for inactivity

2017-09-07

[10:20:53] liquid-silence: has joined #RubyOnRails

2017-08-02

[12:09:18] liquid-silence: has joined #RubyOnRails
[12:09:42] liquid-silence: have any of you had experience with savon?
[12:09:53] liquid-silence: Savon::SOAPFault: (soap:Client) Unmarshalling Error: unexpected element (uri:"", local:"api").
[12:10:07] liquid-silence: I am not sure why its complaining about the local: 'api'
[12:11:05] liquid-silence: kAccount>,<{}Soulstace>,<{}Sbux>,<{}EWalletMpesa>,<{}BankTransfer>,<{}Debitcard>,<{}Api>,<{}Loyalty>,<{}TransactionRecord>
[12:11:05] liquid-silence: full error Savon::SOAPFault: (soap:Client) Unmarshalling Error: unexpected element (uri:"", local:"api"). Expected elements are <{}DiscoveryMiles>,<{}TransactionType>,<{}RCS>,<{}Customer>,<{}Basket>,<{}Fraud>,<{}Autopay>,<{}Eft>,<{}EWallet>,<{}Credit>,<{}Globalpay>,<{}Creditcard>,<{}Customfield>,<{}ThirdParty>,<{}AuthenticationType>,<{}AdditionalInformation>,<{}PayPal>,<{}Wallet>,<{}Mobicred>,<{}Ebucks>,<{}Safekey>,<{}Ban
[12:20:30] liquid-silence: I am going to loose my cool with this thing
[15:19:14] liquid-silence: Quit: Textual IRC Client: www.textualapp.com
[15:44:32] liquid-silence: has joined #RubyOnRails
[15:47:17] liquid-silence: why would xml generated. by savonrb work perfectly when copied into soap-ui but not via. savonrb?
[16:02:26] liquid-silence: this is annoying
[18:04:06] liquid-silence: Quit: My MacBook has gone to sleep. ZZZzzz…

2017-06-27

[06:33:04] liquid-silence: has joined #RubyOnRails
[15:32:25] liquid-silence: Quit: Connection closed for inactivity

2017-06-03

[11:49:48] liquid-silence: Quit: Connection closed for inactivity

2017-06-02

[09:10:11] liquid-silence: has joined #RubyOnRails

2017-05-31

[10:36:59] liquid-silence: Quit: Connection closed for inactivity

2017-05-30

[04:51:56] liquid-silence: @Radar, phoenix?

2017-05-29

[12:49:13] liquid-silence: any suggestions for a bug tracker that we can expose to our clients?
[13:01:21] liquid-silence: yeah we are currently just using trello
[13:02:01] liquid-silence: for this project 3 devs, 2 clients and a pm
[13:03:23] liquid-silence: github becomes costly
[13:03:53] liquid-silence: yeah we tried self hosted gitlab :)
[13:04:53] liquid-silence: I dont understand why github has outside collaborators as seats

2017-05-24

[10:18:55] liquid-silence: has joined #RubyOnRails
[10:19:35] liquid-silence: what happened to jQuery in rails 5?
[10:19:52] liquid-silence: how are you supposed to render partials from remote calls now?
[10:20:04] liquid-silence: I cannot seem to find documentation on this on rails guides
[10:21:59] liquid-silence: should I just re-add jQuery?
[10:22:55] liquid-silence: now the question is though
[10:22:58] liquid-silence: why is it removed?
[10:25:03] liquid-silence: or is there a different way to render partials?
[10:26:58] liquid-silence: it somehow does not make sense to me
[10:36:35] liquid-silence: damn its quiet in here

2017-04-10

[16:26:23] liquid-silence: has joined #RubyOnRails
[16:27:58] liquid-silence: using devise with nested forms and its not creating the nested model, receiving a ActiveRecord::AssociationTypeMismatch: Company(#70111777399940) expected, got ActiveSupport::HashWithIndifferentAccess(#70111765387260) error
[16:28:02] liquid-silence: anyone seen this before?
[16:28:29] liquid-silence: fryguy doing so now
[16:30:54] liquid-silence: https://pastebin.com/bCZUNLTZ
[16:33:20] liquid-silence: not really sure why its throwing that specific error..
[16:35:15] liquid-silence: @fryguy can you see anything that I am not seeing?
[16:40:26] liquid-silence: nevermind I was being dumb
[16:45:52] liquid-silence: Quit: Textual IRC Client: www.textualapp.com

2016-07-26

[07:18:13] liquid-silence: has joined #RubyOnRails
[07:18:15] liquid-silence: has joined #RubyOnRails
[09:18:19] liquid-silence: Remote host closed the connection

2016-07-19

[00:24:41] liquid-silence: Quit: Textual IRC Client: www.textualapp.com

2016-07-18

[23:20:46] liquid-silence: has joined #RubyOnRails
[23:21:04] liquid-silence: has joined #RubyOnRails
[23:21:47] liquid-silence: is there a way I can stop capistrano from starting unicorn on a role?
[23:21:58] liquid-silence: I specify set :unicorn_roles, -> { :web }
[23:22:07] liquid-silence: but yet it still starts unicorn on all my machines
[23:22:17] liquid-silence: same with starting sidekiq on all the other machines
[23:22:23] liquid-silence: I am over this crap

2016-07-12

[05:41:35] liquid-silence: has joined #RubyOnRails
[05:42:13] liquid-silence: whats the standard to split a rails app into parts, same DB, and multiple sidekiq workers
[05:42:40] liquid-silence: we have around 8 workers currently and horizontal scaling is not the best idea here\
[06:17:39] liquid-silence: Radar we are hitting performance issues
[06:18:13] liquid-silence: so we have for instance 8 workers that use a lot of CPU and memory, we would like to know if there is a way to run each sidekiq worker on its own machine
[06:18:38] liquid-silence: well we could scale it horizontally but currently the machines need tons of CPU and Ram
[06:18:58] liquid-silence: and thats not ideal, so instead of scaling just one worker we scale the entire app, which makes it least cost effective
[06:19:35] liquid-silence: yeah but that still requires the entire rails stack to be loaded and not just AR + Redis drivers etc..
[06:19:47] liquid-silence: which means the machine will need to be heavy in resources
[06:23:55] liquid-silence: haha yea we are using AWS
[06:27:11] liquid-silence: in essence yes,
[06:27:23] liquid-silence: unless we move to EB, I dont think we will get decent scalling
[06:28:31] liquid-silence: so just a worker box?
[06:44:48] liquid-silence: Radar, I would like to scale each worker on its own
[06:45:09] liquid-silence: the issue is its super long running processes, imagemagick etc...
[06:48:05] liquid-silence: yeah but now we need to scale the entire worker stack
[06:48:09] liquid-silence: and not just one worker
[06:48:36] liquid-silence: for instance, one of the workers we have is a resource hog, so why can't we just scale that worker out over 3 machines
[07:36:08] liquid-silence: Quit: Textual IRC Client: www.textualapp.com

2016-07-01

[05:50:29] liquid-silence: has joined #RubyOnRails
[06:16:15] liquid-silence: Quit: Textual IRC Client: www.textualapp.com

2016-06-30

[18:06:42] liquid-silence: has joined #RubyOnRails
[18:08:08] liquid-silence: has joined #RubyOnRails
[21:01:14] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…

2016-06-29

[07:16:53] liquid-silence: has joined #RubyOnRails
[07:57:57] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[08:03:34] liquid-silence: has joined #RubyOnRails
[08:14:37] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[08:17:14] liquid-silence: has joined #RubyOnRails
[08:32:58] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[08:41:45] liquid-silence: has joined #RubyOnRails

2016-06-06

[09:48:57] liquid-silence: has joined #RubyOnRails
[09:48:57] liquid-silence: has joined #RubyOnRails
[09:49:10] liquid-silence: has anyone here ever tried to watermark images on the fly with rails?
[09:51:53] liquid-silence: norc I am just checking if someone has done this, so I dont have to do all the research :P
[09:54:20] liquid-silence: yeah I know how we would like to do it
[10:38:29] liquid-silence: Quit: Textual IRC Client: www.textualapp.com
[10:52:23] liquid-silence: has joined #RubyOnRails
[10:52:23] liquid-silence: has joined #RubyOnRails
[13:17:20] liquid-silence: Read error: Connection reset by peer

2016-05-20

[04:16:54] liquid-silence: has joined #RubyOnRails
[04:16:54] liquid-silence: has joined #RubyOnRails
[04:24:30] liquid-silence: jhass so my document to the client worked, sortof
[04:26:41] liquid-silence: Read error: Connection reset by peer
[04:43:19] liquid-silence: has joined #RubyOnRails
[04:43:19] liquid-silence: has joined #RubyOnRails
[04:45:36] liquid-silence: @jhass so my document to the client worked, sorry dont know if this got through, internet DC'd
[06:05:02] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[06:20:14] liquid-silence: has joined #RubyOnRails
[06:20:14] liquid-silence: has joined #RubyOnRails
[07:06:51] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[07:28:45] liquid-silence: has joined #RubyOnRails
[07:28:45] liquid-silence: has joined #RubyOnRails
[08:02:40] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[08:15:18] liquid-silence: has joined #RubyOnRails
[08:15:18] liquid-silence: has joined #RubyOnRails
[08:31:04] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[08:41:13] liquid-silence: has joined #RubyOnRails
[08:41:14] liquid-silence: has joined #RubyOnRails
[10:15:10] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[10:29:03] liquid-silence: has joined #RubyOnRails
[10:29:03] liquid-silence: has joined #RubyOnRails
[11:02:04] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[13:41:54] liquid-silence: has joined #RubyOnRails
[13:41:54] liquid-silence: has joined #RubyOnRails
[14:23:36] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[14:35:30] liquid-silence: has joined #RubyOnRails
[14:35:30] liquid-silence: has joined #RubyOnRails
[14:51:35] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[15:02:01] liquid-silence: has joined #RubyOnRails
[15:02:02] liquid-silence: has joined #RubyOnRails
[15:14:14] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[15:15:19] liquid-silence: has joined #RubyOnRails
[15:15:19] liquid-silence: has joined #RubyOnRails
[15:38:39] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[15:43:08] liquid-silence: has joined #RubyOnRails
[15:43:09] liquid-silence: has joined #RubyOnRails
[16:12:07] liquid-silence: Quit: Textual IRC Client: www.textualapp.com

2016-05-19

[08:39:39] liquid-silence: @universa1 well the request would have been made already
[08:39:53] liquid-silence: http://stackoverflow.com/questions/1848532/how-can-you-use-rails-authenticitytoken-infrastructure-to-explicitly-protect-a-g
[08:41:12] liquid-silence: I am between to sides of a coin here, the one side, I think this is secure enough and I should find a way to convince him that its fine as is, the other side the client is super paranoid and I find a solution
[08:41:36] liquid-silence: jhass I am following :)
[08:42:41] liquid-silence: but what if I leave my computer unlocked and the session_id is still in the browser's cookie (we store session information in the database) and he copies the encrypted cookie, runs off and starts making requests against the server
[08:43:01] liquid-silence: he should then gain access to the data, but if there is a rolling value
[08:43:06] liquid-silence: he will not be able to do so
[08:43:46] liquid-silence: universa1 yeah, I am just trying to formulate a decent response, to this
[08:44:22] liquid-silence: yeah, its required in this case, hehe
[08:44:56] liquid-silence: the main security venerability here is the user it self.
[08:45:30] liquid-silence: jhass apparently I cannot use the IP, as it many users in one company so their IPs will be the same
[08:46:01] liquid-silence: I was planning on tying the nonce to something like the time of request
[08:46:51] liquid-silence: so once the request is made, I generate a new nonce that is tied to a unix timestamp, a random string and a sha of the users email,
[08:47:14] liquid-silence: yes but you can only replay 1 request
[08:47:54] liquid-silence: not particularly, because the nonce might have expired..
[08:48:03] liquid-silence: and cannot be used and you will be logged out
[08:48:25] liquid-silence: unless I tie it to something like CPUID of the machine
[08:48:48] liquid-silence: jhass within the timeframe yes, I am pretty screwed
[08:49:48] liquid-silence: I explained to this person that the session data is stored in the database, we use SSL, cookies only contain the session id, and how authenticity tokens work
[08:50:38] liquid-silence: jhass sure, we do this already
[08:51:24] liquid-silence: but when reading content inside the application, and the user is not making requests, the session will die
[08:51:59] liquid-silence: with the nonce, when the attacker captures the request, and the user completes the request, that request is invalid
[08:53:33] liquid-silence: so in a scenario, attacker watches the requests, while the user is navigating the application, the attacker has on a split second to complete the replay, as the user would have completed the request and the nonce (maybe not the correct usage, could be a request token) would be invalided
[08:53:56] liquid-silence: so replay will only be possible in a very small window of time, the time it takes the server to invalidate that token
[08:55:13] liquid-silence: yeah I understand if he can capture the request, he has the response anyway so why block replay? The attacker has already gained access to the content.
[08:57:11] liquid-silence: but now he has the request, cookie and so forth, we block the him from capturing requests, he leaves, user is still logged in, he can replay
[08:57:31] liquid-silence: jhass mind a quick PM? just want to paste a short paragraph to give context?
[08:57:39] liquid-silence: s/context?/context
[08:57:57] liquid-silence: we can further the conversation here
[08:58:49] liquid-silence: sure its just an instruction that I dont want to paste publically
[09:01:38] liquid-silence: jhass I actually think with the measures we have in place its pretty secure
[09:08:13] liquid-silence: jhass the problem is formulating a response to this request
[09:12:58] liquid-silence: jhass yeah thanks for the insight, I appreciate it
[09:45:56] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[09:46:19] liquid-silence: has joined #RubyOnRails
[09:46:19] liquid-silence: has joined #RubyOnRails
[12:50:11] liquid-silence: jhass this is what I am thinking we are trying to block
[12:50:28] liquid-silence: I intercepted a request with Charles and copied it as a curl request
[12:50:32] liquid-silence: sent it to someone else
[12:50:38] liquid-silence: and boom he gained access
[12:52:38] liquid-silence: yes but I am capturing the request and sending it to you in an email
[12:52:40] liquid-silence: you can replay it
[12:53:00] liquid-silence: but the user can just as well write it down
[12:53:19] liquid-silence: jhass, I have a curl request the Charles outputted, and I gave it to a person on the other side of the world
[12:53:29] liquid-silence: he was able to execute the curl request and see the content
[12:54:19] liquid-silence: but in all honesty, if the user wanted to do that, he could screenshot the content anyway and forward it off
[12:54:42] liquid-silence: jhass I did not mean to offend or upset you, sorry
[12:55:38] liquid-silence: with the current setup only the user that has access to the content can leak the content, not anyone else
[12:56:04] liquid-silence: you have to be at the physical computer where the application is open and the user needs to log in
[12:56:10] liquid-silence: *to be logged in
[15:49:12] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…
[16:10:44] liquid-silence: has joined #RubyOnRails
[16:10:44] liquid-silence: has joined #RubyOnRails
[17:24:06] liquid-silence: Quit: My Mac has gone to sleep. ZZZzzz…