01 Sep '17, 8am

Ruby on Rails #Security 17-Item Checklist

This checklist of Ruby on Rails Security Best Practices focuses on the development side.

- Check for Unauthorized Access
- Authentication
- Filter Passwords and Other Sensitive Data on Logs
- Cross Site Request Forgery (CSRF)
- Strong Parameters
- Throttling Requests
- Protecting Your Users
- Use HTTPS
- No Credentials in the Repository
- Credentials on Environment Variables
- Rails Security Announcements
- Bundler Audit
- Run Brakeman
- Admin Pages
- Run the Rails App as Unprivileged User
- SQL Injection
- User Input

1. Check for Unauthorized Access

Always verify that the user is authorized to perform the action they are attempting. Say you have a page listing the projects that a user owns, and one link points to /projects/1. The user can easily reach a different project page by changing 1 to any other number. Instead of @project = Project.find(params[:id]), you should use @project = @current_user.projects.find(p...

Full article: http://www.engineyard.com/blog/ruby-on-rails-security-che...

Tweets

Ruby on Rails Security 17-Item Checklist

engineyard.com 31 Aug '17, 3pm

This checklist of Ruby on Rails Security Best Practices focuses on the development side. Check for Unauthorized Access Aut...

BRAKEMAN: Rails Security Scanner

rubyflow.com 02 Sep '17, 4am

The Ruby and Rails community linklog Made a library? Written a blog post? Found a useful tutorial? Share it with the Rub...

Ruby on Rails Security 17-Item Checklist

popl.ink 06 Sep '17, 5pm

Professional Ruby on Rails Developer with Rails 5

udemy.com 02 Sep '17, 3am

The Professional Ruby on Rails Developer with Rails 5 is the latest course brought to you by the creators of the best-sell...

Introduction to Ruby on Rails -The processing flow of a Rails application (display edition)- 21:...

schoo.jp 06 Sep '17, 10am

Lafmatch: Ruby on Rails Developer

weworkremotely.com 01 Sep '17, 4pm

Programming is hard work but we believe it should be fun too. And if the product itself is fun? Even better! Lafmatch is a...

10 famous Ruby on Rails web applications

syndicode.co 31 Aug '17, 3pm

GitHub This is the most popular platform for the code developers. We bet you know it already. GitHub was launched in 2008 ...

Get your coding on with Ruby on Rails! This Sat...

facebook.com 05 Sep '17, 5pm

Chef is looking for Software Security Developme...

jobs.jobvite.com 01 Sep '17, 6pm

Chef is building the best infrastructure automation platform on the planet. We’re writing the rules of the cloud -- rules ...

Unmiss: Add Ruby's method_missing to your javascript objects #ruby #rails

github.com 01 Sep '17, 8pm

implementation you can use in your javascript classes. Basically, it is a method that is called when no matching method is...

New Job Alert: Ruby on rails developer by GoCom...

freelancer.com 03 Sep '17, 1pm

ruby on rails developer resume , ruby on rails developer job description , ruby on rails developer means , ruby on rails d...

Ruby on Rails Developer

genuinejobs.com 04 Sep '17, 5pm

Programming is hard work but we believe it should be fun too. And if the product itself is fun? Even better! Lafmatch is a...

to the Ruby on Rails framework https://t.co/cIpOtm7cAp

academy.hsoub.com 11 Sep '17, 7pm

Compiling CoffeeScript and compressing JavaScript assets requires a JavaScript runtime environment on the operating system; without this environment you will get an exe... error