Episodes tagged with “security”
-
237
Dynamic attr_accessible
It is important to use attr_accessible for security with mass assignment, but what if you need it to be dynamic based on user permissions? See how in this episode.
-
228
Sortable Table Columns
In this episode we show you how to make a table of items sortable by clicking on links in the header cells.
-
204
XSS Protection in Rails 3
In previous versions of Rails it was easy for your application to be vulnerable to cross-site scripting attacks. Rails 3 solves this problem by automatically escaping output.
-
178
Seven Security Tips
Security is paramount in your Rails applications. Here we show seven common security flaws, from mass assignment to CSRF.
Tags: security forms views active-record
-
143
PayPal Security
Find out how to encrypt the data to send to PayPal and verify the authenticity of Instant Payment Notifications.
Tags: tools security e-commerce
-
27
Cross-site Scripting
Cross-site scripting is a common security issue. Find out why it is important to escape any user input that you display in a browser.
-
26
Hackers Love Mass Assignment
If you're using mass assignment, you're giving complete control of your models to your users. Learn how to protect them in this episode.
Tags: security active-record forms
-
25
SQL Injection
SQL injection is one of the most common ways to attack web applications. Learn how to avoid being a victim of it.
Tags: security active-record forms
-
20
Restricting Access
Learn how to lock your site down and keep the public from accessing the administration features.
Tags: administration security
-
9
Filtering Sensitive Logs
By default, Rails stores sensitive data in its log files. Find out how to filter it out.
Tags: security