04 Mar '12, 6pm

Preventing mass assignment vulns in RoR: Good luck for security audits!

Web application frameworks are made to help developers build web applications. Some of them also help you with securing the web application. In fact, one framework is not more secure than another: if you use it correctly, you will be able to build secure apps with many frameworks. Ruby on Rails has some clever helper methods, for example against SQL injection, so that this is hardly a problem. It’s nice to see that all of the Rails applications I audited had a good level of security.

Full article: http://edgeguides.rubyonrails.org/security.html#mass-assi...

Tweets

In the world of web app frameworks good feature...

guides.rubyonrails.org 05 Mar '12, 12am

Web application frameworks are made to help developers build web applications. Some of them also help you with securing...

que

guides.rubyonrails.org 04 Mar '12, 8pm

The attacker creates a valid session id: He loads the login page of the web application where he wants to fix the session,...

Super excited about , which just landed on Rail...

edgeguides.rubyonrails.org 05 Mar '12, 12pm

Resourceful Routing: If you’re building a RESTful JSON API, you want to be using the Rails router. Clean and conventional...

There's an episode about Mass Assignment in rails ...

railscasts.com 05 Mar '12, 1am

Mass assignment is something most Rails programmers make use of as it provides an easy way to populate the properties of a...

link: Ruby on Rails Guides: Ruby On Rails Secur...

edgeguides.rubyonrails.org 14 Mar '12, 9pm

The threats against web applications include user account hijacking, bypass of access control, reading or modifying sensit...

Ruby on REST 4: Using Representers in Rails: Th...

rubyflow.com 05 Mar '12, 7pm

Ruby on REST 4: Using Representers in Rails Posted by apotonick on March 05, 2012 — 0 comments The fourth post in the "Rub...

“Steps to install the Ruby on Rails plugin in NetBeans 7.1 - R...

oiax.jp 04 Mar '12, 3am

If you only do Ruby on Rails development, download the bundle marked "All" from http://netbeans.org/downloads/index.html, and during installation click the "Customize" button and...

“Rail Spikes: Is your Rails application safe?”

railspikes.com 05 Mar '12, 12am

Tarantula: A fuzzing plugin that spiders your application looking for problems. Via Stuart Halloway’s post on Relevance’s...

Ruby on Rails Guides: A Guide to Testing Rails ...

guides.rubyonrails.org 09 Mar '12, 6pm

Testing support was woven into the Rails fabric from the beginning. It wasn’t an “oh! let’s bolt on support for running te...

Rails 3.1.4 has been released! It contains impo...

weblog.rubyonrails.org 01 Mar '12, 6pm

[ANN] Rails 3.1.4 has been released! Posted by aaronp March 01, 2012 @ 06:11 PM Rails 3.1.4 has been released. This releas...

Rails 3.2.2 has been released! It contains impo...

weblog.rubyonrails.org 01 Mar '12, 6pm

[ANN] Rails 3.2.2 has been released! Posted by aaronp March 01, 2012 @ 06:12 PM Rails 3.2.2 has been released. This releas...

@matthewlang not sure if you've seen/used this ...

apidock.com 09 Mar '12, 11am

The Model layer represents your domain model (such as Account, Product, Person, Post) and encapsulates the business logic...

New @github pages infrastructure seems to be a ...

weblog.rubyonrails.org 01 Mar '12, 6pm

Rails/master is now 4.0.0.beta Posted by David December 20, 2011 @ 03:33 PM The forthcoming 3.2.x release series will be t...