Applied Filters: Security
7 Security Tips
Episode #178 - Sep 07, 2009 - 64 comments

Security is important! Here I show seven different security flaws that are common to Rails applications, ranging from mass assignment to CSRF protection. (14 minutes)
PayPal Security
Episode #143 - Jan 05, 2009 - 72 comments

This episode shows how to encrypt the variables passed to PayPal and verify the authenticity of the payment notifications (IPN). (11 minutes)
Cross Site Scripting
Episode #27 - May 04, 2007 - 39 comments

Another common security issue is cross site scripting. In this episode you will see why it is so important to escape any HTML a user may submit. (5 minutes)
Hackers Love Mass Assignment
Episode #26 - May 02, 2007 - 67 comments

Your site may be at risk! When using mass assignment, you are giving the user complete control over that model and its associations. See how a hacker might use this vulnerability and learn how to stop it in this episode. (6 minutes)
SQL Injection
Episode #25 - Apr 30, 2007 - 37 comments

One of the most common security problems for dynamic sites is SQL injection. Thankfully, Rails does everything it can to solve this issue, but you still need to be aware of it. (5 minutes)
Restricting Access
Episode #20 - Apr 18, 2007 - 53 comments

In this second part of the series on administration, you will learn how to lock down the site to keep the public from accessing the administration features. (4 minutes)
Filtering Sensitive Logs
Episode #9 - Mar 23, 2007 - 40 comments

Are you accepting sensitive user data? Passwords, credit card numbers, etc. By default, Rails stores all submitted parameters in plain text in the logs. This episode will show you how to filter this sensitive input so it doesn't show up in the log file. (2 minutes)