  Rolling with Ruby on Rails
Subject:   Security
Date:   2005-01-21 20:39:11
From:   JRootham
Is the app as constructed vulnerable to SQL injection or cross site scripting attacks?

If it is, how difficult is it to harden it?


  • Security
    2005-01-25 14:10:10  robertfollek

    For security info, check out http://manuals.rubyonrails.com/read/book/8
  • Security
    2005-01-21 23:02:53  Curt Hibbs | O'Reilly Author, O'Reilly Blogger

    SQL injection was recently discussed heavily on the RoR mailing list, and all identified vulnerabilities in the framework were plugged. I would suggest asking on the RoR mailing list about cross-site scripting and other security concerns, as the developers who hang out there are very helpful (http://wiki.rubyonrails.com/rails/show/HomePage).