I’m an experienced programmer, but new to Rails.
I would like to echo an unanswered question I’ve recently read
elsewhere.
Can anyone recommend an overview of get/post, cookies, sessions, etc.,
and how Ruby on Rails interacts with all of this?
I’m interested in understanding how to harden a Rails application.
Regards
Dave
Read “Agile Development with Rails” by the God of Rails, David Heinemeier
Hansson. Or anything he has written. Doesn’t get any better.
2009/11/11 Dave E. [email protected]
On Wed, Nov 11, 2009 at 1:00 AM, Dave E. [email protected] wrote:
> Can anyone recommend an overview of get/post, cookies, sessions, etc.,
> and how Ruby on Rails interacts with all of this?
I would start by reading the HTTP RFC(s).
–
Hassan S. ------------------------ [email protected]
twitter: @hassan
Dave E. wrote:
> I’m an experienced programmer, but new to Rails.
> I would like to echo an unanswered question I’ve recently read
> elsewhere.
> Can anyone recommend an overview of get/post, cookies, sessions, etc.,
> and how Ruby on Rails interacts with all of this?
> I’m interested in understanding how to harden a Rails application.
Do you need to? The framework already plugs a lot of common loopholes
(provided the app doesn’t do stupid things). See if Rails is already
doing what you need.
Also check out http://www.rorsecurity.info .
> Regards
> Dave
Best,
Marnen Laibow-Koser
http://www.marnen.org
[email protected]
In message [email protected], Kemal Pince [email protected] writes:
> Read “Agile Development with Rails” by the God of Rails, David Heinemeier
> Hansson. Or anything he has written. Doesn’t get any better.
Thanks, yes I’ve read chapter 26: Securing Your Rails Application.
In message [email protected], Hassan Schroeder [email protected] writes:
> I would start by reading the HTTP RFC(s).
Yes
In message [email protected], Marnen Laibow-Koser [email protected] writes:
> Dave E. wrote:
>> I’m interested in understanding how to harden a Rails application.
> Do you need to? The framework already plugs a lot of common loopholes
> (provided the app doesn’t do stupid things). See if Rails is already
> doing what you need.
Of course
> Also check out http://www.rorsecurity.info .
Thanks
I’ve now downloaded the book, too
http://www.owasp.org/index.php/File:Owasp-rails-security.pdf
Regards
Dave