Justin Bailey
2006-Jan-25 21:46 UTC
[Rails] Protecting Your Apps against Cross Site Scripting Attacks
This has been in the news lately, so I wrote up an article about a method I use to protect my app against XSS attacks. It''s easy to use if you don''t care how it works, and I go through some of the metaprogramming techniques I used if you do. Check it out: http://blog.explorationage.com/articles/2006/01/25/how-to-protect-your-rails-apps-against-cross-site-scripting-attacks Justin
Joshua Gitlin
2006-Jan-27 13:25 UTC
[Rails] Protecting Your Apps against Cross Site Scripting Attacks
Justin, Thanks for posting this, it was really informative for those of us learning Rails and should prove very useful! -Josh ----------- Due to the recent increase in spam and falsely sent email, I now PGP Sign all of my outgoing mail to prove my identity. This means that you will see an attachment called "PGP.sig" with this message. This attachment can be used to prove that I am who I say I am. If you are not familiar with PGP, you can safely ignore it. For more information, please visit http://www.pgp.com/ or http://www.gnupg.org/ On Jan 25, 2006, at 4:45 PM, Justin Bailey wrote:> This has been in the news lately, so I wrote up an article about a > method I use to protect my app against XSS attacks. It''s easy to use > if you don''t care how it works, and I go through some of the > metaprogramming techniques I used if you do. Check it out: > > http://blog.explorationage.com/articles/2006/01/25/how-to-protect- > your-rails-apps-against-cross-site-scripting-attacks > > Justin > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails-------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 194 bytes Desc: This is a digitally signed message part Url : http://wrath.rubyonrails.org/pipermail/rails/attachments/20060127/a6beeb37/PGP-0001.bin