Archive of posts from January 2012

Testing Rails Engines With Rspec

After my lightning talk at [Ruby North East](, a couple of people asked me how to go about getting set up with an engine with RSpec as the testing framework. We've automated this at Sage, but here's what's necessary.

TimThumb Hack Check Script

I was recently a victim of the [timthumb vulnerability]( At first I noticed some rogue PHP in all my index.php files, which I cleaned up. But it turned out they had already got in enough to re-hack in no time at all. This time it was my javascript files which all had some obstruficated code in them, causing every page load to make a request to some random site.