Episodes tagged with “security”
Dynamic attr_accessible
It is important to use attr_accessible for security with mass assignment, but what if you need it to be dynamic based on user permissions? See how in this episode.
Sortable Table Columns
In this episode we show you how to make a table of items sortable by clicking on links in the header cells.
XSS Protection in Rails 3
In previous versions of Rails it was easy for your application to be vulnerable to cross-site scripting attacks. Rails 3 solves this problem by automatically escaping output.
Seven Security Tips
Security is paramount in your Rails applications. Here we show seven common security flaws, from mass assignment to CSRF.
Find out how to encrypt the data to send to PayPal and verify the authenticity of Instant Payment Notifications.
Cross-site Scripting
Cross-site scripting is a common security issue. Find out why it is important to escape any user input that you display in a browser.
Hackers Love Mass Assignment
If you're using mass assignment, you're giving complete control of your models to your users. Learn how to protect them in this episode.
SQL Injection
SQL injection is one of the most common ways to attack web applications. Learn how to avoid being a victim of it.
Restricting Access
Learn how to lock your site down and keep the public from accessing the administration features.
Filtering Sensitive Logs
By default, Rails stores sensitive data in its log files. Find out how to filter it out.