TLS is the new name for SSL
Group items tagged
cryptography - What's the difference between SSL, TLS, and HTTPS? - Information Securit... - 0 views
-
-
HTTPS is HTTP-within-SSL/TLS
-
SSL (TLS) establishes a secured, bidirectional tunnel for arbitrary binary data between two hosts
- ...10 more annotations...
-
HTTP is meant to run over a bidirectional tunnel for arbitrary binary data; when that tunnel is an SSL/TLS connection, then the whole is called "HTTPS".
-
"SSL" means "Secure Sockets Layer".
-
"TLS" means "Transport Layer Security".
-
The name was changed to avoid any legal issues with Netscape so that the protocol could be "open and free" (and published as a RFC).
-
-
not just Internet-based sockets
-
"HTTPS" is supposed to mean "HyperText Transfer Protocol Secure",
-
Other protocol acronyms have been built the same way, e.g. SMTPS, IMAPS, FTPS... all of them being a bare protocol that "got secured" by running it within some SSL/TLS.
-
To make the confusing perfect: SSL (secure socket layer) often refers to the old protocol variant which starts with the handshake right away and therefore requires another port for the encrypted protocol such as 443 instead of 80.
-
TLS (transport layer security) often refers to the new variant which allows to start with an unencrypted traditional protocol and then issuing a command (usually STARTTLS) to initialize the handshake.
-
Whether you use SSL or TLS for this depends on the configuration of your browser and of the server (there usually is an option to allow SSLv2, SSLv3 or TLS 1.x).
bbatsov/rails-style-guide: A community-driven Ruby on Rails 4 style guide - 0 views
-
custom initialization code in config/initializers. The code in initializers executes on application startup
-
Keep initialization code for each gem in a separate file with the same name as the gem
-
Mark additional assets for precompilation
- ...90 more annotations...
-
config/environments/production.rb
-
Create an additional staging environment that closely resembles the production one
-
Keep any additional configuration in YAML files under the config/ directory
-
Rails::Application.config_for(:yaml_file)
-
Use nested routes to express better the relationship between ActiveRecord models
-
nest routes more than 1 level deep then use the shallow: true option
-
namespaced routes to group related actions
-
Don't use match to define any routes unless there is need to map multiple request types among [:get, :post, :patch, :put, :delete] to a single action using :via option.
-
Keep the controllers skinny
-
all the business logic should naturally reside in the model
-
Share no more than two instance variables between a controller and a view.
-
using a template
-
Prefer render plain: over render text
-
Prefer corresponding symbols to numeric HTTP status codes
-
without abbreviations
-
Keep your models for business logic and data-persistence only
-
Avoid altering ActiveRecord defaults (table names, primary key, etc)
-
Group macro-style methods (has_many, validates, etc) in the beginning of the class definition
-
Prefer has_many :through to has_and_belongs_to_many
-
self[:attribute]
-
self[:attribute] = value
-
validates
-
Keep custom validators under app/validators
-
Consider extracting custom validators to a shared gem
-
preferable to make a class method instead which serves the same purpose of the named scope
-
returns an ActiveRecord::Relation object
-
.update_attributes
-
Override the to_param method of the model
-
Use the friendly_id gem. It allows creation of human-readable URLs by using some descriptive attribute of the model instead of its id
-
find_each to iterate over a collection of AR objects
-
.find_each
-
.find_each
-
Looping through a collection of records from the database (using the all method, for example) is very inefficient since it will try to instantiate all the objects at once
-
always call before_destroy callbacks that perform validation with prepend: true
-
Define the dependent option to the has_many and has_one associations
-
always use the exception raising bang! method or handle the method return value.
-
When persisting AR objects
-
Avoid string interpolation in queries
-
param will be properly escaped
-
Consider using named placeholders instead of positional placeholders
-
use of find over where when you need to retrieve a single record by id
-
use of find_by over where and find_by_attribute
-
use of where.not over SQL
-
use heredocs with squish
-
Keep the schema.rb (or structure.sql) under version control.
-
Use rake db:schema:load instead of rake db:migrate to initialize an empty database
-
Enforce default values in the migrations themselves instead of in the application layer
-
change_column_default
-
imposing data integrity from the Rails app is impossible
-
use the change method instead of up and down methods.
-
constructive migrations
-
use models in migrations, make sure you define them so that you don't end up with broken migrations in the future
-
Don't use non-reversible migration commands in the change method.
-
In this case, block will be used by create_table in rollback
-
Never call the model layer directly from a view
-
Never make complex formatting in the views, export the formatting to a method in the view helper or the model.
-
When the labels of an ActiveRecord model need to be translated, use the activerecord scope
-
Separate the texts used in the views from translations of ActiveRecord attributes
-
Place the locale files for the models in a folder locales/models
-
the texts used in the views in folder locales/views
-
config/application.rb config.i18n.load_path += Dir[Rails.root.join('config', 'locales', '**', '*.{rb,yml}')]
-
I18n.t
-
I18n.l
-
Use "lazy" lookup for the texts used in views.
-
Use the dot-separated keys in the controllers and models
-
Reserve app/assets for custom stylesheets, javascripts, or images
-
Third party code such as jQuery or bootstrap should be placed in vendor/assets
-
Provide both HTML and plain-text view templates
-
config.action_mailer.raise_delivery_errors = true
-
Use a local SMTP server like Mailcatcher in the development environment
-
Provide default settings for the host name
-
The _url methods include the host name and the _path methods don't
-
_url
-
Format the from and to addresses properly
-
default from:
-
sending html emails all styles should be inline
-
Sending emails while generating page response should be avoided. It causes delays in loading of the page and request can timeout if multiple email are sent.
-
.start_with?
-
.end_with?
-
&.
-
Config your timezone accordingly in application.rb
-
config.active_record.default_timezone = :local
-
it can be only :utc or :local
-
Don't use Time.parse
-
Time.zone.parse
-
Don't use Time.now
-
Time.zone.now
-
Put gems used only for development or testing in the appropriate group in the Gemfile
-
Add all OS X specific gems to a darwin group in the Gemfile, and all Linux specific gems to a linux group
-
Do not remove the Gemfile.lock from version control.