CloudFront CORS with Custom Origin

Modern browsers respect Cross Origin Resource Sharing which means they won’t load web fonts (.woff, .ttf, etc.) from a CloudFront distribution.

If you are using a custom origin (AKA your website) for CloudFront you need to do the following:

1. Send the header Access-Control-Allow-Origin: * when serving up web fonts on your server.

Example for Apache (in .htaccess):

 # Set CORS headers so CloudFront will forward them
 <FilesMatch ".(eot|ttf|otf|woff|svg)">
 Header set Access-Control-Allow-Origin "*"

2. Edit your CloudFront distribution Behavior to Forward Headers and add Origin to the whitelist. I know this doesn’t make a ton of sense but that’s how AWS set it up (source).



3. Invalidate your cache from the AWS console or just wait until CloudFront refreshes its cache.

Use DateTime instead of Date for ActiveRecord ranges

I was working with a query that selected all “Orders” created this month, it looked like this:

 @today =
 @start_date = @today.beginning_of_month
 @end_date = @today.end_of_month
 @orders = Order.where(created_at: @start_date..@end_date)

and the resulting SQL query looked like this:

 SELECT `orders`.* FROM `orders` WHERE (`orders`.`created_at` BETWEEN '2014-08-01' AND '2014-08-31')

…but since Rails automatically converts Date objects from localtime to UTC the dates in that query should have been offset by my timezone (in this case PDT -7 hours).

The fix was simple, use DateTime objects instead of Date objects and Rails automatically calculated the offset based on my Timezone (config.time_zone):

@today =
 # ...

and the fixed query:

 SELECT `orders`.* FROM `orders` WHERE (`orders`.`created_at` BETWEEN '2014-08-01 07:00:00' AND '2014-09-01 06:59:59')

Debug your Apache mod_rewrite Rules!

Apache mod_rewrite is incredibly powerful but it’s also a PITA if you’re trying to do something advanced. Luckily, you can log mod_rewrite’s activities and better understand why your rules aren’t working.

Just add RewriteLogLevel and RewriteLog to your Apache VirtualHost config:

 <VirtualHost *:80>
 # ...

RewriteLogLevel 8
 RewriteLog /var/log/apache2/rewrite.log

# ...

I suggest log level 8 but you can try lower. Logging rewrites will be SLOW: do not enable in production.

Sample rewrite log output:

 [perdir /var/www/] RewriteCond: input='/small/asdfsadf/avatar.jpg' pattern='^(.*)/(.*)/(.*)' => matched
 [perdir /var/www/] RewriteCond: input='/var/www/' pattern='-f' => matched
 [perdir /var/www/] rewrite 'small/asdfsadf/avatar.jpg' -> '/small/avatar.jpg'
 [perdir /var/www/] internal redirect with /small/avatar.jpg [INTERNAL REDIRECT]


Pretty print to console in Node.js

JSON.stringify is pretty cool, in fact you can use it to print javascript data structures in a more readable format.

Of course modern browser javascript consoles already format nested data for you, but this is really helpful when using console.log() in Node.js

console.log(JSON.stringify(window.location, null, 2));

// prints...
  "ancestorOrigins": {
    "length": 0
  "origin": "",
  "hash": "",
  "search": "",
  "pathname": "/category/web-dev/",
  "port": "",
  "hostname": "",
  "host": "",
  "protocol": "http:",
  "href": ""

JSON.stringify documentation

Analyzing mysql slow query log

I had yet to have a need for a tool to analyze a MySQL slow query log, after some searching I came across a tool I already had!

Most MySQL installs come with the utility mysqldumpslow which is great for parsing your slow query log. I needed to sort by lock time so I just ran the following:

[code]mysqldumpslow -s l mysql-slow.log | less[/code]

I'm in love with git

A month ago I switched to git from subversion when I started at RealSelf. Now I’m in love.

Why I liked git before:

  • Distributed
  • Fast
  • Github
  • (hip)

Why I love git now:

  • Branching does not disrupt workflow


# …working on myBranch…

git stash

git checkout someOtherBranch

# …make your changes to someOtherBranch…

git commit

git checkout myBranch

git stash pop

# and I’m right back where I left off!


  • Rebase


# instead of:

git merge master

# and getting a messy commit log.. do this:

git rebase master

# and your commits starting after you branched
# are rewound and applied on top of the latest from master


  • The command line interface is so powerful and usable that I don’t rely on GUI tools (except for resolving conflicts)
  • Pull requests (Github again)

Mockingbird doesn't want casual users

This morning a friend forwarded me this email from Mockingbird.

Dear Mockingbird customers,

Mockingbird’s taking flight

We’re excited to announce that Mockingbird will launch on August 15, 2010 — with multi-user collaboration!

Details on the paid plans:

Active Projects Users Price/month
Personal 2 Unlimited $9
Team 10 Unlimited $20
Pro 25 Unlimited $40
Unlimited Unlimited Unlimited $85

There will also be a free account available that allows 1 project with 3 pages.

You can archive finished projects, which won’t count toward your active project limit. You won’t be charged for months during which you have no projects active.

What you need to do

Projects made with beta accounts will be automatically archived and will not be accessible after August 15, 2010. Customers who choose to upgrade to a paid plan may re-activate beta projects, but free accounts will not be able to access old beta projects, so please make sure to log into your Mockingbird account to export PNG or PDF versions of any projects you need.

Beta discount

Your feedback has made Mockingbird better, and we’d like to thank you by offering a coupon for 25% off the first three months of any paid plan. Keep your eye out on your inbox for the coupon code when Mockingbird launches.

Questions or comments?

If you’ve got questions about the transition out of beta or want to get in touch with us for any other reason, we’d love to hear from you. Email us at

Thanks for all your support, and we look forward to continuing to help you make great wireframes.
– The Mockingbird Team

In a nut shell they are saying thanks for testing, all projects are now archived so export them. If you want your old projects back, pay us. Wow.. Awesome. Thanks!

I jumped on Twitter, first off I never use Twitter but I figured it might be worth a try.

Thanks @gomockingbird for throwing casual users under the bus, hope you enjoyed all the testing that was done with no reward except a coupon

@willlangford We really do want to be usable for casual users, and it seems like many don't use more than 1-2 pages, hence our free plan.
@gomockingbird archiving current projects and only allowing paid users to reactivate old projects is what got me.
@willlangford If you need to keep your projects longer, just let us know, and we'll happily do so. Also, share links will keep working

Wow. Didn’t expect that.

I guess I just have to tweet a complaint to get my projects extended, so everyone else that is in the same boat as me has to ask? What’s the harm in letting your free beta testers to keep their current projects? Oh… right.. Mockingbird doesn’t want casual users that could see the benefits of a quick HTML5 mockup tool so they won’t eventually become paid users and tell friends and colleagues alike how great of an application it is.

My project is exported.. who knows what they will do in the future but don’t consider your projects safe with this startup.

A good reason to dump OpenDNS

namebench DNS Benchmark Results

Like me, you’ve probably read all sorts of great things about the public DNS service OpenDNS, but one thing you should find out for yourself is how it will impact the speed of your web browsing.

After using OpenDNS name servers for months at work I started to notice that page load times at home (on a much slower connection) were considerably more “snappy” with my ISP provided DNS servers. A quick Google brought up the comprehensive Open Source namebench DNS benchmark tool.

A run of namebench resulted in a pretty html file with numbers and graphs that confirmed my suspicions. My ISP’s (Comcast) DNS servers were 174.4% faster than OpenDNS on average, with Google’s Public DNS coming in a close second place.

It should be noted that namebench is rather smart and it rifles through your browser history in order to compile a personalized set of domains for its testing, so my results are potentially unique – and this is just one test (actually I did three, I also used Alexa top domains for a source to avoid DNS caching – and the results were all similar), at one location. Although once I switched to my ISP’s DNS servers I experienced a noticeable difference in page load times.  Not to mention that my results may change in the future due to server load, poor caching, etc. But with OpenDNS, there was always a slight wait before a page would even start to load, and now that wait is gone. And that’s on a 36Mbps downstream connection.

My points are simple:

  1. Switching to OpenDNS (or any other DNS service) may be a bad thing.
  2. Your DNS server does matter.
  3. namebench is awesome.

It may be a matter of milliseconds but it all adds up, many large websites require dozens of DNS queries for ads, images, scripts and more. Do your own testing before believing the hype.

Regardless, OpenDNS is still a great service: if I ever have the need for a basic content filtering system I will turn to OpenDNS.

Download namebench (for Windows, Mac, or Linux/Unix) and see for yourself how your current DNS stacks up.

WordCamp PDX '09 Day 1 – What I came away with

I just attended WordCamp Portland ’09 Day 1 (Sat, Sept. 19 2009) an this is what I came away with…

  • Session: Jason Grigsby – Speed Up WordPress. Make Readers Happy and Your Site Green
    1. Setting expires headers really does matter in the battle for page loading speed/efficiency.
    2. SpriteMe makes CSS sprite implementation so easy there’s little excuse not to try it.
    3. There’s a promising SQL query stats plugin for WP available:  SQL Monitor
  • Session: Woopra intro w/ Lorelle VanFossen (who is very friendly!)
    1. Woopra provides real time analytics via a cross-platform desktop app.
    2. Woopra is free while in beta but will continue supporting most existing accounts when they go full release and start charging for the service.
    3. Woopra utilizes javascript embedded in the site in order to track (line Google Analytics).
    4. Woopra’s real time capabilities provide insight into the results of social networking + marketing campaigns.
    5. Woopra’s interface is snazzy!
  • Session: Matt Mullenweg – WordPress Q&A
    1. Matt is a funny guy in person too!
  • Session: Unconference discussion of the WordPress Codex (I suggested this topic)
    1. The Codex’s short comings are well known and being addressed!
    2. A new “handbook” documentation system is in the works and volunteer help is needed.
    3. The plan is to approach many help topics from multiple points of view such as Theme Designer, Core Developer, Plugin Developer, etc. as well as having “lessons” for particular tasks.
    4. The new docs will be standardized, version controlled, community driven, and overseen by the WP team.
    5. We can contribute to the current Codex (it’s MediaWiki driven) and our good stuff won’t be lost in the change over.
    6. A jobs board for is in the works – community cred will be associated with contractors offering their services.
    7. There is a passionate accessible open source community behind WordPress! It may be hard to find but it’s definitely there, and they need volunteer help from anyone involved in WordPress – even if you’re brand spanking new, they need your perspective! Some resources for contributing to WordPress:

On another note, there was an interesting mix of MacBooks and NetBooks at the con and from what I was seeing the WiFi was a little flaky (had some issues getting an IP).

If you would like to talk to me at the conference Sunday I will be wearing the below pictured yellow Kool-Aid Man Web 2.OH YEAAH!! t-shirt from Mule Design. I may appear to be derisive or zombie-like but I assure you it’s because I am trying to kick the energy beverage habit and suffering the side effects.

If you can’t read my badge on Sunday, my name is Sam.

Why might you want to talk to me?

  1. You enjoy my dry sarcasm.
  2. You have something to say about the WP plugin I wrote: TAC (Theme Authenticity Checker)
  3. You are curious why I only mentioned the above topics and not others.
  4. You take pity on me and want to inflate my ego.
  5. You want to meet a real live person you found on the web (even though I may lack celebrity).
  6. You enjoy the non-WordPress related content on this site and want to give me a high-five.
  7. You think I am a blundering idiot and don’t deserve to live (kindly warn me before you open fire).
  8. You really like the below t-shirt and want your picture taken with me. (I’m pretty good looking as well).
  9. You are having technical difficulties with you computer; Mac, Windows, or Linux and would like my help (I spend my daylight hours as a support technician).