I'm an experienced programmer, but new to Rails.

I would like to echo an unanswered question I've recently read elsewhere.

Can any recommend an overview of get/post, cookies, sessions, etc., and how Ruby on Rails interacts with all of this?

I'm interested in understanding how to harden a Rails application

Regards
--
Dave

Read "Agile Development with Rails" by the God of Rails, David Heinemeier Hansson. Or anything he has written. Doesn't get any better.

2009/11/11 Dave English <dave.e.english-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
>
> I'm an experienced programmer, but new to Rails.
>
> I would like to echo an unanswered question I've recently read
> elsewhere.
>
> Can any recommend an overview of get/post, cookies, sessions, etc.,
> and how Ruby on Rails interacts with all of this?
>
> I'm interested in understanding how to harden a Rails application
>
> Regards
> --
> Dave

You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en

On Wed, Nov 11, 2009 at 1:00 AM, Dave English <dave.e.english-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> Can any recommend an overview of get/post, cookies, sessions, etc.,
> and how Ruby on Rails interacts with all of this?

I would start by reading the HTTP RFC(s).

--
Hassan Schroeder ------------------------ hassan.schroeder-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
twitter: @hassan

Dave English wrote:
> I'm an experienced programmer, but new to Rails.
>
> I would like to echo an unanswered question I've recently read
> elsewhere.
>
> Can any recommend an overview of get/post, cookies, sessions, etc.,
> and how Ruby on Rails interacts with all of this?
>
> I'm interested in understanding how to harden a Rails application

Do you need to? The framework already plugs a lot of common loopholes (provided the app doesn't do stupid things). See if Rails is already doing what you need.

Also check out http://www.rorsecurity.info .

>
> Regards
> --
> Dave

Best,
--
Marnen Laibow-Koser
http://www.marnen.org
marnen-sbuyVjPbboAdnm+yROfE0A@public.gmane.org
--
Posted via http://www.ruby-forum.com/.

In message <295ede1d0911110143h5694a7b0s6c7bb1c729c816b8-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>, Kemal Pince <kpince-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> writes
>Read "Agile Development with Rails" by the God of Rails, David Heinemeier
>Hansson. Or anything he has written. Doesn't get any better.

Thanks, yes I've read chapter 26: Securing Your Rails Application.

In message <4eedb92a0911110736g5da2aa7bx4f15c224e17fe705-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>, Hassan Schroeder <hassan.schroeder-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> writes
>I would start by reading the HTTP RFC(s).

Yes

In message <275ab984ba1e80fee25f8988a45dba4b-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org>, Marnen Laibow-Koser <rails-mailing-list-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> writes
>
>Dave English wrote:
>> I'm interested in understanding how to harden a Rails application
>
>Do you need to? The framework already plugs a lot of common loopholes
>(provided the app doesn't do stupid things). See if Rails is already
>doing what you need.

Of course

>Also check out http://www.rorsecurity.info .

Thanks

I've now downloaded the book, too
http://www.owasp.org/index.php/File:Owasp-rails-security.pdf

Regards
--
Dave