Rails 3.1 Nears Delivery
The open source Ruby on Rails community is gearing up for their next major release.
"There is some very important stuff in Rails 3.1," Nic Williams, VP of technology at Engine Yard told InternetNews.com.
Rails 3.1 Performance Boosters
From a production perspective, Williams noted that prepared statements will also make a big difference.
"Prepared statements is one of those things that is ridiculous that we didn't have from the start," Williams said. "For certain database environments this can lead to massive improvements in performance."
For the open source PostgreSQL database, using prepared statements can lead to an up to 10 times performance improvement. In contrast, Williams noted that the difference on the MySQL database is not as pronounced. He added that prepared statements will likely encourage Rails users to use PostgreSQL more than MySQL with Rails.
Rails 3.1 users will also get a performance boost from HTTP Streaming, which will enable Rails apps to download assets while the server response is still in process. HTTP Streaming will improve Rails application performance and it leverages Web server capabilities in the open source nginx server, which is commonly used for Rails deployments.
Rails 3.1 Security Enhancements
From a security perspective, Rails 3.1 also provides developers with a number of improvements. The new Force SSL controller is all about making sure connections are safe and encrypted.
"This module provides a method which redirects browsers to use the HTTPS protocol," the ForceSSL github comments state. "This will ensure that user's sensitive information will be transferred safely over the internet. You _should_ always force browser to use HTTPS when you're transferring sensitive information such as user authentication, account information, or credit card information."
Going a level deeper, password encryption gets a boost with the
"Dead-simple BCrypt-based passwords," David Heinemeier Hansson wrote in the Rails 3.1 release announcement. "Now there's no excuse not to roll your own authentication scheme."
Originally published on http://www.developer.com.