Ruby Blocks Simplified

One of the most unique and often misunderstood features of Ruby is blocks. Blocks are Ruby’s version of closures and can be used to make code more reusable and less verbose. But keywords such as yield can be hard to grok at first and make this functionality a bit…


Nonce-based Content Security Policy (CSP) in Rails

Introduction: During my time at Gusto as a part of the Application Security team, I’ve been exploring ways to improve defense against Cross-Site Scripting (XSS) in modern web applications. At Gusto, we primarily use Ruby on Rails and React.js. Individually each framework comes with some XSS protections out…


Building Toward a Modular Monolith

Imagine you have a Rails monolith and want to add new functionality. Your options are to 1) continue adding to the monolith, or 2) create a new service. Which do you choose? What if there’s a third option? Background: Adding new functionality to a monolith is a lot like…
