James Crisp

Software dev, tech, mind hacks and the occasional personal bit

Category: Technical Page 6 of 14

Percent Number in Apache Rewrite Rules (mod_rewrite)

By

On November 5, 2009

In Technical

What do the %1 %2 in a Rewrite rule mean? The Apache guide does not help, nor does any other documentation I found. I came across the %1, %2 etc in some complex and arcane rules. Google ignores percent signs, which makes it hard to get an easy answer.

We’ll use the rules from my last post as an example.

RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^([a-z.]+)$ [NC]
RewriteRule ^/(.*)$ http://www.%1/$1 [R=301,L]

The %1 refers to the capture group in a previous RewriteCond. This differentiates it from the $1 which refers to a capture group in the current RewriteRule.

Hopefully I have littered this post with enough keywords that future googlers will find the answer to the %1 %2 in ReWrite rules more easily 🙂

Adding WWW to domains, and Apache Rewrite Rules (mod_rewrite)

By

On November 5, 2009

In Design / Architecture, Technical

Browse to http://google.com. Then look at the address bar. You’re not really at http://google.com. You’ve been redirected to http://www.google.com. Try the same on w3c, Facebook, Sydney Morning Herald etc.

Why WWW?
Why do all these sites redirect you to a www form? Well, the main reason is because it is advantageous to have a canonical URL, and, if your have to choose one URL, you might as well go with what people seem to expect, which is to include a ‘www’.

What’s so great about having one canonical URL?

  • Cookies: if your users can access the site at www.domain.com and domain.com, you can end up with some horrible cookie and session problems depending on the browser and web framework (behaviour is different between Firefox and IE). Stay tuned for another post with more details on this.
  • Certificates for HTTPS: certificates are usually for a single domain. If your site is available with and without ‘www’, your site will need a certificate for each or a multi-domain certificate (ie, more money and config).
  • Caching: if you have two URLS, any HTTP caching will only be half as effective
  • SEO: your page rank may be split between links to both possible URLs (though Google Webmaster tools seems to let you combine it)

How?
Right so, now you’re probably just hoping there is an easy way to implement this forced ‘www’ business! Well the good news is that it’s quite easy if you’re using Apache with mod_rewrite. I googled around to try and find some good rules, but the ones I found were tied to a single hard coded domain (no good for me where I have multiple domains pointing to the same server for different countries). See below for what I came up with. It seems to work quite well. You can put it in your virtual host configuration file or even .htaccess file.

RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^([a-z.]+)$ [NC]
RewriteRule ^/(.*)$ http://www.%1/$1 [R=301,L]

Line 1: Are you coming to the site without www. at the start of the host? [NC] means ignore case.

Line 2: Does your domain comprise of letters and dots (this means that going to the IP address will not fire the rewrite rule). Grab the domain in a capture group.

Line 3: Rewrite the URL with a www at the front, and keep the hostname from the previous condition (%1) and the path after the domain ($1). Use a status code 301, to tell the client that this is a permanent redirect.

Po: Beyond Yes and No by Edward de Bono (Book Review)

By

On October 23, 2009

In Book Reviews, Soft Skills and Mind Hacks, Technical

A few months back, I came across Edward de Bono’s book on Po at a local post office second hand book sale. I decided to risk 50c and buy this out of print, 1972 edition book on creativity and lateral thinking. It was worth every cent 🙂

Until you get a fair way into the book, it’s quite hard to work out what it is about. It is also quite wordy, and oddly organised. However, after reading it for a bit, I found it had some interesting ideas.

De Bono is not a big fan of the yes/no system or argument. He proposes that yes/no mindset that people usually use means that somebody has to be right and somebody wrong. With this mindset, an old theory cannot be replaced by a better one until it can be proven wrong by argument. For subjective subjects, this is not often possible. He proposes that when people have a “right” answer, they are happy and stop looking for a better answer, curbing creativity. Similarly, a “wrong” answer stops that train of thought – and perhaps if it had continued, then a good answer might have been found with ideas triggered from the “wrong” answer.

De Bono sets up PO as an alternative to the Yes / No system and talks about it as a way to break down established patterns and introduce discontinuity in thinking to come up with new ideas. He sees it as an alternative to the “clash” of argument and the “arrogance of logic” in the “closed and highly artificial world” of education, that in later life leads to a “need to be right”. He says that this “need to be right” then leads to people “defending not the idea, but your self-esteem” and having high resistance to new ideas and change.

De Bono disputes a common idea that by choosing the best answer in a series of questions or steps leads to the optimal solution at the end. He shows several examples where choosing the most optimal answer for each step leads to a solution which is not optimal.

Arguably the most interesting part of the book describes a number of tools for lateral thinking.

PO-1: Intermediate Impossible
Rather than immediately rejecting an impossible idea, look at it longer for good points. Reconsider your framework of judgment and concept package – maybe idea is right if you consider the situation in a different way. The idea can be a stepping stone to a better idea. When other people come up with a “wrong idea” listen longer and see where it can take you. This approach can be used as a tool – turn the “idea upside down, inside out, back to front” and “say the most unlikely and outrageous thing you can about the situation – and see where it gets you”.

PO-2: Random Juxtaposition
“When you have exhausted the different ways of looking at the problem from within, you bring in” a random word “in order to generate a fresh approach” through juxtaposition and connecting the words. The random word can be from opening a dictionary at random or from a list of “idea provoking” words.

PO-3: Change without rejection, by-passing old concepts to generate alternatives
“That idea is fine, but let us put it on one side and find a new way of looking at things”, “this is one way of looking at things and it is perfectly valid but it does not exclude other ways, so let us try to find some” or “I wonder if there are other ways of looking at this”. “Why do we have to look at things that way”, lets reconsider our starting point and understanding.

The last part I want to mention is the discussion of retardant doubt. De Bono suggests that with a Yes/No, boolean mindset, you require certainty of being right before acting. If you don’t have this certainty, your doubt holds you back. You may even create false certainty so that you can act (leading to problems later since you’ll then defend this false certainty). However, in the Po system, there is no certainty. The premise is only that the “current way of looking at things is the best one at the moment, but may need changing very soon”. This means you can act without certainty – your action might not be right in the absolute sense, but you are ready to “change it as soon as circumstances demand”. With the Po approach you explore a wide range of alternatives, choose the most effective idea for now, but be ready to change it for something even better.

Overall, I enjoyed the book (though skimmed some more repetitive bits) and plan to try out some of the lateral thinking tools. If you want to get the book, a second hand bookshop is probably a good option. It is quite expensive on Amazon.

Slides & Code: Securing your MVC site against Code Injection and X-Site Scripting

By

On August 26, 2009

In ALT.NET, C#, Talks, Technical

Here are the slides and code from yesterday’s talk at Sydney ALT.NET.

See Steve Sanderson’s post for the code/binary for subclassed aspx compiler and more information about the automatic encoding approach we covered in the talk.

Windows / .NET Dev Tools

By

On August 18, 2009

In C#, Technical, Windows

Recently I visited a .NET dev team to take a look at design, code and processes with a view to making recommendations to improve delivery speed. One of the more minor, but easily generalisable areas is around tooling. I often find that the little extra tools you pick up can make your work significantly more efficient. Here are a few free ones I use:

KDiff3
A brilliant merge tool that plugs nicely into TFS or SVN. SVN integration is automatic from the Kdiff3 installer. TFS integration is manual, but quite easy.

Console2
A tabbed console which works well with classic windows shell and powershell. Good support for resizing, copy paste, etc.

.NET Reflector
.NET decompiler for those dlls that don’t have source. There is also a great plugin that lets you decompile entire assemblies to files on disk.

Fiddler
When you’re debugging SOAP or RESTful web services, Fiddler is great. It lets you see the messages sent / received and even change and impersonate them.

QueryExpress
If you’ve got SQLExpress or just no tools installed, QueryExpress is a tiny (~100K) and quick query analyser style application for all breeds of MS SQLServer. Download in a few seconds, and be running queries before a minute is up.

Unlocker
Don’t you hate it when Windows gets its locks in a mess and you can’t delete/rename files? Unlocker will automatically pop up, show you which applications are holding file locks and let you release the locks.

Process Explorer
A more powerful and accurate Task Manager application which allows you to see file locks and many other types of information.

Talk: Securing your MVC site against Code Injection and X-Site Scripting

By

On August 18, 2009

In ALT.NET, C#, Talks, Technical

I’ll be giving a lightning talk on securing your ASP.NET MVC site against code injection and x-site scripting next Tuesday 25 August at the Sydney ALT.NET group. I’ll be demonstrating potential pitfalls and dangers of arbitary code injection, and how you can protect against it, elegantly. We’ve got 6 interesting talks lined up for the night. See you there!

“Ruby for Rails” by David Black

By

On August 10, 2009

In Book Reviews, Ruby / Rails, Technical

Ruby For RailsRuby for Rails by David Black is a fun read that takes concentration but repays it with little epiphanies that explain syntax and language features that you had previously taken for granted.

The book aims to “help Rails developers achieve Ruby mastery”. The coverage of Ruby features is not complete and there are some concepts missed that I would have liked to have read more about (eg, how do instance variables work under the hood?). There are also a number of introductory chapters on Ruby and Rails and some chapters devoted to a sample Rails project (R4RMusic) which I flicked through but didn’t add much value for me (they are also a little dated). By far, the most interesting parts of the book for me were on the Ruby type system, ‘self’ in various situations and how method look up works with modules and inheritance.

An area of Ruby that I had not previously explored was adding singleton methods to instances (like what you can do in Javascript). Eg,

o = Object.new
def o.say_hi
  p "hi"
end

>> o.say_hi
"hi"

or alternatively

o = Object.new
class << o
  def say_hi
    p "hi"
  end
end

Now, the interesting thing is that this is the basis for the whole class system in Ruby!

Classes are just a special type of object, and when you add class methods, you are really adding singleton instance methods to the class object for the type.

Ie, when you do something like:

class Cars
  def self.find_all
    ...
  end

You are actually creating a new object, of type Class which has a singleton method called 'find_all'. 'self' in the code above is the Class object, so def self.xxx is adding a singleton method to it.

This also explains the alternative syntax for adding class methods:

class Cars
  class << self
    def find_all 
      ... 
    end
  end

The same thing could be done by saying:

Cars = Class.new
Cars.instance_eval { def find_all; ... end; }

In Ruby, the type and class system is not very different from the normal objects you work with every day. I find this really quite cute and internally consistent.

The way the method search path works in ruby was also nicely explained in the book. Basically, finding a method starts at the top of the list below and stops as soon as a method with a matching name is found (ie, that responds to the message sent to the object):

  • Singleton methods on the object
  • Methods defined by the object's class
  • Methods defined by modules mixed in to the class
  • Methods defined by parent class
  • Methods defined by modules mixed into parent class
  • Repeat checking parents until get to Object
  • Methods defined on Object
  • Methods defined on Kernel (module mixed into Object)

This also explains why you can always call methods like 'p' from anywhere. They are coming from Kernel which is mixed in at the top of the inheritance tree for your object. Another case of internal consistency - there's no 'special' mechanism for these seeming globals.

Overall, I enjoyed the book and would recommend anyone having a read who has worked with Ruby and Rails but would like to dig a bit deeper.

Mephisto Contact Form Plugin Moved to GitHub

By

On August 10, 2009

In Mephisto, Ruby / Rails, Technical

Sorry the the confusion, anyone who has been checking out the the Mephisto Contact Form Plugin from the old SVN repository. The latest version with an update for Rails 2.3 is at:

http://github.com/jcrisp/mephisto_contact_form/tree/master

“Now, Discover your Strengths” and “Strengthfinder”

By

On August 6, 2009

In Book Reviews, Personal, Soft Skills and Mind Hacks, Technical

A while back I bought a copy of Now, Discover your Strengths by Marcus Buckingham and Donald Clifton, and have only just got around to reading it. The book comes with a single-use code that lets you take an online personality test with 180 questions, with the aim of determining your 5 core strengths. The test takes about half an hour and is not onerous.

The book outlines one main idea. Find your natural talents and capitalize on these, building them up into strengths. Shape your work and life in ways that use your natural talents, as this will make you more effective, productive and happy. Although anyone can learn anything, people with a natural talent in an area are going to be able to reach a higher level of capability and success. Mitigate your weaknesses by partnering with people who have complementary strengths, developing a support system to help you, improving your skills in the area just enough to stop them from detracting from your strengths or simply stop doing things that play to your weaknesses.

The core concept of playing to your strengths is covered from many angles in the book and with supporting stories of successful people like Bill Gates and Warren Buffett. There is then a detailed description of each of the strengths that the online personality test can highlight. The last part of the book is interesting and focuses on building organisations which play to people’s strengths, management of people with different strengths and some thoughts on the staff review process in organisations.

Overall, the book was a very quick read with low information density. The online test was fun. You can see my results below. I don’t think it told me anything too new – I already know that I’m pretty analytical, like to learn, focus strongly on achieving tasks etc. The core idea about playing to and building your strengths does seem a good one from the personal satisfaction and cost/benefit point of view (assuming society values the areas you have talents in, and your areas of weakness don’t get in the way too often).

Please note that the following text is Copyright 2000 The Gallup Organization.

Analytical
Your Analytical theme challenges other people: “Prove it. Show me why what you are claiming is true.” In the face of this kind of questioning some will find that their brilliant theories wither and die. For you, this is precisely the point. You do not necessarily want to destroy other people’s ideas, but you do insist that their theories be sound. You see yourself as objective and dispassionate. You like data because they are value free. They have no agenda. Armed with these data, you search for patterns and connections. You want to understand how certain patterns affect one another. How do they combine? What is their outcome? Does this outcome fit with the theory being offered or the situation being confronted? These are your questions. You peel the layers back until, gradually, the root cause or causes are revealed. Others see you as logical and rigorous. Over time they will come to you in order to expose someone’s “wishful thinking” or “clumsy thinking” to your refining mind. It is hoped that your analysis is never delivered too harshly. Otherwise, others may avoid you when that “wishful thinking” is their own.
Learner

You love to learn. The subject matter that interests you most will be determined by your other themes and experiences, but whatever the subject, you will always be drawn to the process of learning. The process, more than the content or the result, is especially exciting for you. You are energized by the steady and deliberate journey from ignorance to competence. The thrill of the first few facts, the early efforts to recite or practice what you have learned, the growing confidence of a skill mastered—this is the process that entices you. Your excitement leads you to engage in adult learning experiences—yoga or piano lessons or graduate classes. It enables you to thrive in dynamic work environments where you are asked to take on short project assignments and are expected to learn a lot about the new subject matter in a short period of time and then move on to the next one. This Learner theme does not necessarily mean that you seek to become the subject matter expert, or that you are striving for the respect that accompanies a professional or academic credential. The outcome of the learning is less significant than the “getting there.”

Command
Command leads you to take charge. Unlike some people, you feel no discomfort with imposing your views on others. On the contrary, once your opinion is formed, you need to share it with others. Once your goal is set, you feel restless until you have aligned others with you. You are not frightened by confrontation; rather, you know that confrontation is the first step toward resolution. Whereas others may avoid facing up to life’s unpleasantness, you feel compelled to present the facts or the truth, no matter how unpleasant it may be. You need things to be clear between people and challenge them to be clear-eyed and honest. You push them to take risks. You may even intimidate them. And while some may resent this, labeling you opinionated, they often willingly hand you the reins. People are drawn toward those who take a stance and ask them to move in a certain direction. Therefore, people will be drawn to you. You have presence. You have Command.

Focus
“Where am I headed?” you ask yourself. You ask this question every day. Guided by this theme of Focus, you need a clear destination. Lacking one, your life and your work can quickly become frustrating. And so each year, each month, and even each week you set goals. These goals then serve as your compass, helping you determine priorities and make the necessary corrections to get back on course. Your Focus is powerful because it forces you to filter; you instinctively evaluate whether or not a particular action will help you move toward your goal. Those that don’t are ignored. In the end, then, your Focus forces you to be efficient. Naturally, the flip side of this is that it causes you to become impatient with delays, obstacles, and even tangents, no matter how intriguing they appear to be. This makes you an extremely valuable team member. When others start to wander down other avenues, you bring them back to the main road. Your Focus reminds everyone that if something is not helping you move toward your destination, then it is not important. And if it is not important, then it is not worth your time. You keep everyone on point.

Input
You are inquisitive. You collect things. You might collect information—words, facts, books, and quotations—or you might collect tangible objects such as butterflies, baseball cards, porcelain dolls, or sepia photographs. Whatever you collect, you collect it because it interests you. And yours is the kind of mind that finds so many things interesting. The world is exciting precisely because of its infinite variety and complexity. If you read a great deal, it is not necessarily to refine your theories but, rather, to add more information to your archives. If you like to travel, it is because each new location offers novel artifacts and facts. These can be acquired and then stored away. Why are they worth storing? At the time of storing it is often hard to say exactly when or why you might need them, but who knows when they might become useful? With all those possible uses in mind, you really don’t feel comfortable throwing anything away. So you keep acquiring and compiling and filing stuff away. It’s interesting. It keeps your mind fresh. And perhaps one day some of it will prove valuable.

Spying on Instance Variables in Ruby

By

On August 5, 2009

In Ruby / Rails, Technical

A little while back, a few colleagues and I were spiking a proxy concept based on extending an existing web server. We wanted to check out an instance variable (eg, @very_secret) in a framework object which did not have an accessor. In the past, we’d used send (eg, secretive_object.send :hello_private) to get at privates, but send is only for methods. We were just digging around doing some debugging, so we opened the relevant class and added a public accessor for the instance variable to see what was happening. However, we thought there must be a more elegant way to do access instance variables outside the class, and one has just come to mind (at last!):

secretive_object.instance_eval { @very_secret }

instance_eval lets us run the code block in the context of secretive_object. Ie, self == secretive_object, so we can get at all the hidden stuff.

It’s a rather different approach to other languages like C# and Java where accessing private variables and private methods are part of a reflection/introspection API.

Page 6 of 14

Previous

Next

Powered by WordPress & Theme by Anders Norén