Escape and sanitize input and output?

Tagged sanitize, escape, input, output

Thinking about escaping and sanitizing input and output? Read this:

  • Always sanitize output

If output is always escaped at the point where it is rendered, a bug in the input sanitizer can be fixed in one place without touching the data already stored in the database.

  • Sanitize input only if it makes sense:

For example, if there is a risk that the input becomes invalid after sanitization, it is better to store the data raw. Also, when there are multiple output formats, a value sanitized for one format can break another.
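The following added example (not part of the original snippet) shows the two points above in Ruby: the raw value is stored as-is and escaped separately for an HTML context and a JSON context, while the anti-pattern of storing an HTML-escaped value corrupts the JSON output. The sample input and the `store`/`render_*` helpers are constructed for this illustration.

```ruby
require "erb"
require "json"

# Constructed sample input (not from the original page): text that is
# dangerous in an HTML context but perfectly valid as stored data.
RAW_NAME = "O'Brien <script>alert(1)</script> & Sons"

# Store the raw value; escaping happens at each output boundary.
def store(raw)
  { name: raw } # stand-in for a database row
end

# HTML output: escape for an HTML text context.
def render_html(record)
  "<p>#{ERB::Util.html_escape(record[:name])}</p>"
end

# JSON output: the JSON encoder escapes for the JSON context itself.
def render_json(record)
  JSON.generate(record)
end

# Anti-pattern: sanitizing on input and storing the sanitized value.
# The HTML entities now leak into every other output format.
def store_sanitized(raw)
  { name: ERB::Util.html_escape(raw) }
end

if __FILE__ == $PROGRAM_NAME
  puts render_html(store(RAW_NAME))
  puts render_json(store(RAW_NAME))
  puts render_json(store_sanitized(RAW_NAME)) # entities appear inside the JSON string
end
```

`JSON.generate` does not escape `<`, `>` or `/`, so a JSON document embedded inside an HTML `<script>` block still needs escaping for that outer context; that is a third output boundary, and another reason to keep the stored value raw.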

faiss-cpu Dockerfile

Tagged faiss, dockerfile

FROM continuumio/anaconda3

# faiss-cpu is published on the pytorch conda channel
RUN conda install faiss-cpu -c pytorch

RUN pip install --upgrade pip
ADD requirements.txt /app/
RUN pip install -r requirements.txt



gid, uid in Dockerfile

Tagged uid, dockerfile, gid  Languages bash
# Debian (--disabled-password and --gecos "" keep adduser from prompting during the build)
RUN addgroup --gid 10000 app \
 && adduser --disabled-password --gecos "" --gid 10000 --uid 10001 app \
 && chown -R app:app /app/ \
 && chmod -R 740 /app/

# Alpine (busybox adduser: -D no password, -u uid, -G primary group)
RUN addgroup -g 10000 app \
 && adduser -D -u 10001 -G app app \
 && chown -R app:app /app/ \
 && chmod -R 740 /app/

Create the user and group with the same ids on the host system too, so that file ownership matches on both sides.

ActiveRecord after_create/after_save and associations

Tagged after_create, association, rails, after_save  Languages ruby

The order of ActiveRecord callbacks matters when, for example, they need to access associations (e.g. has_many). has_many registers its own after_create callback to save the associated records, and callbacks run in the order they are declared.

For example, calculate_doors will be called before the associated doors are saved to the database if the callback is declared before the association:

class Car < ApplicationRecord
  after_create :calculate_doors
  has_many :doors
end

This can lead to subtle errors.

Changing the order will fix the issue:

class Car < ApplicationRecord
  has_many :doors
  after_create :calculate_doors
end

Tested with Rails 6.1. Other versions might work differently.

See for details:

Placing your callbacks after associations is usually a good practice.

Preventing division by zero in PostgreSQL

Tagged zero, postgres, nullif, division  Languages sql
localhost=# select 1 / 0;
ERROR:  22012: division by zero
LOCATION:  int4div, int.c:824

localhost=# select 1 / NULL;
│ ?column? │
│        ¤ │
(1 row)

Time: 7.067 ms

localhost=# select 1 / NULLIF(0, 0);
│ ?column? │
│        ¤ │
(1 row)

Time: 0.303 ms