How Rails Authenticity Tokens Protect Against CSRF Vulnerability Rails protects your web application from CSRF attacks by including an authenticity token in the HTML forms. This token is also stored in the user's session. Upon receiving a request, Rails compares these two tokens to decide if the request is verified.
Cross-Site Request Forgery (CSRF) Attack: What It Is, How It Works, and How to Prevent It A CSRF attack tricks authenticated users of an application into performing a dangerous activity on that application, simply by clicking a link. This post explains how CSRF works with a practical example, and shows how to protect against it, both as a user and as a developer building web applications.
Docked Rails: Setup a Ruby on Rails Application on Docker Setting up a new Ruby on Rails application with all the dependencies doesn't have to be complicated. Docked is a new command line tool that simplifies the process of creating a new Rails app using Docker.
Nested Modules in Ruby Ruby provides two different ways to define nested modules. This post explains the difference between them and how to decide which one to use. It also explains the `Module.nesting` method which returns the list of modules nested when called.
The Difference Between load, autoload, require, and require_relative in Ruby Loading external files can get tricky in Ruby, but it doesn't have to be. This post explains the usage of Ruby's load, require, and require_relative methods, and when to use each.
Open GitHub Repositories in VS Code In-Browser GitHub allows you to open any repository in an in-browser VS Code by just pressing the `.` key on your keyboard.
How to Explicitly Render a Different View in Rails A standard Rails controller receives an incoming HTTP request, generates the data needed for the response, and renders an HTML view template. An API controller
Method Shorthand in Ruby While reading the docs, I learned that Ruby (3.0 and up) provides a shorthand syntax for one-line methods, similar to computed properties in C#
Array Inquiry in Rails The ArrayInquirer class provided by the Active Support framework in Rails provides a readable way to check the contents of an array. This post explores how you can implement this using metaprogramming in Ruby.
How to Check If Value Exists in an Array in Ruby (and Rails) In this post, we'll learn two different ways to check if a value is included in an Array.
Tracking TODO and FIXME Comments with Rails Notes Command This post shows how you can use the notes command in Rails to search through your codebase for comments starting with a specific keyword. By default, it searches the codebase for FIXME, OPTIMIZE, and TODO comments, but you can also configure it to use custom keywords.
What Happens When You Call render? Let's Understand the Rails Rendering Process This article explains the Rails rendering process in the context of returning JSON data from the controller. Hopefully, it will make it clear what really happens when you call the render method from the controller.