The latest news in the Ruby and Rails community.

Episode #280

June 12th, 2012

Don't get LeakedIn, secure your routes, use your Savon, catch a Tokaido, put your models in a Display Case, and join the Ruby Study Hall.

Stories

Techniques to Secure your Rails app

Jeremy Walker recently posted part 1 of his three-part series on techniques to secure your Rails website. He talks about a few ways hackers can manipulate data before it hits your server, how Rails protects us from most of these situations, and how you can protect yourself further.

Data manipulation includes things like session hijacking, session fixation attacks, cross-site request forgery, etc. If you use the “match” keyword in your routes without specifying the HTTP method, the route can be called with a GET request, which Rails doesn't check for an authenticity token.
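One way to audit a routes file for this, as an added example that is not from Jeremy Walker's post or from Ruby5: a small Ruby check that lists every `match` route with no `:via` restriction. The sample routes, paths and controller names are constructed for illustration.

```ruby
# Constructed sample of a Rails 3 style routes file (hypothetical paths/controllers).
SAMPLE_ROUTES = <<~ROUTES
  MyApp::Application.routes.draw do
    match '/transfer' => 'payments#create'
    match '/profile' => 'users#update', :via => :put
    match '/logout', to: 'sessions#destroy', via: [:delete]
    # match '/old' => 'legacy#index'
    post '/comments' => 'comments#create'
    match '/search' => 'search#index',
          :via => :get
    match '/account/close' => 'accounts#destroy',
          :as => :close_account
  end
ROUTES

# Recognises both hash styles: `:via =>` and `via:`.
VIA_OPTION = /(?::via\s*=>|\bvia:)/

# Returns [[line_number, statement], ...] for each `match` call without a via option.
# Limitation: only full-line comments are skipped; a trailing comment that
# mentions "via:" on a match line would hide that line from the report.
def unrestricted_match_routes(source)
  findings = []
  lines = source.lines.map(&:strip)
  i = 0
  while i < lines.length
    first = i
    stmt = lines[i]
    # A trailing comma means the option list continues on the next line.
    while stmt.end_with?(',') && i + 1 < lines.length
      i += 1
      stmt = "#{stmt} #{lines[i]}"
    end
    i += 1
    # Skip comments, verb-specific helpers (get/post/put/delete) and block lines.
    next unless stmt =~ /\Amatch\b/
    findings << [first + 1, stmt] unless stmt =~ VIA_OPTION
  end
  findings
end

unrestricted_match_routes(SAMPLE_ROUTES).each do |line_no, stmt|
  puts "routes.rb:#{line_no}: no :via restriction -> #{stmt}"
end
```

Each reported route should either be restricted with `:via` or rewritten with the verb-specific helper for the action it performs.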

Previous Episodes

Episode #279

Fabrication goes 2.0, Ruby is faster than other dynamic languages, make rounded corners with RubyMotion, The dRuby Book, and rubygems-tasks on this episode of Ruby5!

Episode #278

Ruby on Rails has Scheduled a Food Fight Motion. And, with the help of their Sidekiq, they'll Survey the damage made by Installing Utils on OS X. It's all on this episode of Ruby5.

Episode #277

A recap of a couple of fun 'you got your music in my ruby' tools, a few gem updates, and a few useful gems to add to your toolbox on this edition of Ruby5. We recorded before the announcement, but it's worth noting that Rails 3.2.5 was released last night.

Episode #276

We put our Claws on AWS, resuscitate Resque workers, make Little Classes out of Big Ones while Cedar goes GA, Dokuen gives you your own little Heroku and your Ruby Talks creepy to you.

This podcast is produced and distributed by Code School. Copyright © 2015 Code School LLC