31 Aug '17, 3pm

Ruby on Rails Security 17-Item Checklist

This checklist of Ruby on Rails Security Best Practices focuses on the development side.

1. Check for Unauthorized Access
2. Authentication
3. Filter Passwords and Other Sensitive Data on Logs
4. Cross Site Request Forgery (CSRF)
5. Strong Parameters
6. Throttling Requests
7. Protecting Your Users
8. Use HTTPS
9. No Credentials in the Repository
10. Credentials on Environment Variables
11. Rails Security Announcements
12. Bundler Audit
13. Run Brakeman
14. Admin Pages
15. Run the Rails App as Unprivileged User
16. SQL Injection
17. User Input

1. Check for Unauthorized Access

Always verify that the user is authorized to perform the action they are attempting. Say you have a page with a list of projects that a user owns; one link might be to /projects/1. However, the user can easily go to a different project page by changing 1 to any number. Instead of @project = Project.find(params[:id]), you should use @project = @current_user.projects.find(p...

Full article: http://www.engineyard.com/blog/ruby-on-rails-security-che...

Tweets

Ruby on Rails #Security 17-Item Checklist

engineyard.com 01 Sep '17, 8am


Ruby on Rails Security 17-Item Checklist

popl.ink 06 Sep '17, 5pm


Continue on existing Ruby on Rails project by s...

freelancer.com 30 Aug '17, 10am

rails generate model from schema , create new rails app , rails mysql , rails create migration from schema , how to run an...

6 Questions to Ask a Ruby on Rails Development ...

blog.planetargon.com 30 Aug '17, 3pm

Are you looking for a Ruby on Rails development company to help with your project? Are you looking to build a Minimum Viab...

Professional Ruby on Rails Developer with Rails 5

udemy.com 02 Sep '17, 3am

The Professional Ruby on Rails Developer with Rails 5 is the latest course brought to you by the creators of the best-sell...

Introduction to Ruby on Rails - The Processing Flow of a Rails Application (Display Edition) - 21:...

schoo.jp 06 Sep '17, 10am


Lafmatch: Ruby on Rails Developer

weworkremotely.com 01 Sep '17, 4pm

Programming is hard work but we believe it should be fun too. And if the product itself is fun? Even better! Lafmatch is a...

Verify user phone numbers in Ruby on Rails with...

rubyflow.com 30 Aug '17, 10am


Get your coding on with Ruby on Rails! This Sat...

facebook.com 05 Sep '17, 5pm


Hubstaff: Ruby on Rails Software Engineer

weworkremotely.com 28 Aug '17, 6pm

We are looking for a talented Ruby on Rails engineer to join our passionate development team. You will help tackle challen...

Chef is looking for Software Security Developme...

jobs.jobvite.com 01 Sep '17, 6pm

Chef is building the best infrastructure automation platform on the planet. We’re writing the rules of the cloud -- rules ...

BRAKEMAN: Rails Security Scanner

rubyflow.com 02 Sep '17, 4am


How to Implement a GraphQL API in Rails

rubyflow.com 30 Aug '17, 9am


Ruby on Rails with Visual Studio Code

rubyflow.com 28 Aug '17, 2pm


The Cocktail - Ruby on Rails Developer - ...

trabajosrails.com 30 Aug '17, 7am

We are looking for a developer to take part as back-end in The Cocktail's challenger projects, collaborating...