Displaying 2 results from an estimated 2 matches for "presidentbeef".
2012 May 22
1
rails-brakeman.com, an online service to find security issues in your rails projects
Hi,
I just released rails-brakeman.com, it is an online service to find
security issues in your rails projects, it works based on Justin''s great
gem brakeman <https://github.com/presidentbeef/brakeman>.
Rails developers always write code fast, but sometimes they leave some
security issues in their rails project. Do you still remember mass
assignment issues from github? Using rails-brakeman service can help you
find out potential security issues before pushing them on production.
An...
2011 Nov 22
4
A "strict Arel" mode for ActiveRecord to prevent SQL injection vulnerabilities
Hello rubyonrails-core,
I’ve been looking into possible changes to ActiveRecord / Arel to make it
easier to write Rails applications that are free of SQL injection
vulnerabilities, and in particular do so in a way that makes it easy for a
code reviewer to verify that the app is safe from such bugs.
The concern:
-----------------
With the ActiveRecord API as is, it’s relatively easy to write