Sign in through GitHub

Please read for an updated status on RailsCasts:

Learn more or hide this

Applied Filters: Security x
7 Security Tips
Episode #178Sep 07, 200930 comments

7 Security Tips

Security is important! Here I show seven different security flaws which are common to Rails applications ranging from mass assignment to CSRF protection. (14 minutes)
PayPal Security
Episode #143Jan 05, 200944 comments

PayPal Security

This episode shows how to encrypt the variables passed to PayPal and verify the authenticity of the payment notifications (IPN). (11 minutes)
Cross Site Scripting
Episode #27May 04, 200715 comments

Cross Site Scripting

Another common security issue is cross site scripting. In this episode you will see why it is so important to escape any HTML a user may submit. (5 minutes)
Hackers Love Mass Assignment
Episode #26May 02, 200733 comments

Hackers Love Mass Assignment

Your site may be at risk! When using mass assignment, you are giving the user complete control over that model and its associations. See how a hacker might use this vulnerability and learn how to stop it in this episode. (6 minutes)
SQL Injection
Episode #25Apr 30, 200710 comments

SQL Injection

One of the most common security problems for dynamic sites is SQL Injection. Thankfully Rails does everything it can in solving this issue, but you still need to be aware of it. (5 minutes)
Restricting Access
Episode #20Apr 18, 200723 comments

Restricting Access

In this second part of the series on administration, you will learn how to lock down the site to keep the public from accessing the administration features. (4 minutes)
Filtering Sensitive Logs
Episode #9Mar 23, 20079 comments

Filtering Sensitive Logs

Are you accepting sensitive user data? Passwords, credit card numbers, etc. By default, Rails stores all submitted parameters in plain text in the logs. This episode will show you how to filter this sensitive input so it doesn't show up in the log file. (2 minutes)