security episodes

#27
May 04, 2007
18 comments

Cross Site Scripting

Another common security issue is cross site scripting. In this episode you will see why it is so important to escape any HTML a user may submit.
Tags: security views
Download (19.4 MB, 5:50)
alternative download for iPod & Apple TV (9.3 MB, 5:50)
#26
May 02, 2007
36 comments

Hackers Love Mass Assignment

Your site may be at risk! When using mass assignment, you are giving the user complete control over that model and its associations. See how a hacker might use this vulnerability and learn how to stop it in this episode.
Tags: security active-record forms
Download (15.2 MB, 6:14)
alternative download for iPod & Apple TV (8.9 MB, 6:14)
#25
Apr 30, 2007
12 comments

SQL Injection

One of the most common security problems for dynamic sites is SQL Injection. Thankfully Rails does everything it can in solving this issue, but you still need to be aware of it.
Tags: security active-record forms
Download (16.3 MB, 5:29)
alternative download for iPod & Apple TV (8.7 MB, 5:29)
#20
Apr 18, 2007
17 comments

Restricting Access

In this second part of the series on administration, you will learn how to lock down the site to keep the public from accessing the administration features.
Tags: administration security
Download (18.6 MB, 4:32)
alternative download for iPod & Apple TV (8.3 MB, 4:32)
#9
Mar 23, 2007
8 comments

Filtering Sensitive Logs

Are you accepting sensitive user data? Passwords, credit card numbers, etc. By default, Rails stores all submitted parameters in plain text in the logs. This episode will show you how to filter this sensitive input so it doesn't show up in the log file.
Tags: security
Download (8 MB, 2:42)
alternative download for iPod & Apple TV (4.6 MB, 2:42)

navigation:
sponsored by:
tags:
if you want to help:
required:
Get Quicktime Player