05 Mar '12, 12am

In the world of web app frameworks, good features have 'use cases'. But the really great features have *countermeasures*.

Web application frameworks are made to help developers build web applications. Some of them also help you with securing the web application. In fact, one framework is not more secure than another: if you use it correctly, you will be able to build secure apps with many frameworks. Ruby on Rails has some clever helper methods, for example against SQL injection, so that this is hardly a problem. It’s nice to see that all of the Rails applications I audited had a good level of security.

Full article: http://guides.rubyonrails.org/security.html#countermeasures
