Pick of the Day
Rails Security Topics
A class name in user input: Anything can happen.
An = in a name could make Excel run macros.
Injection with % in SQL LIKE is common and may lead to long queries.
Can CSS from the user do any harm?
CSP is a great way to reduce or completely remove the number 1 web app security vulnerability – Cross-Site Scripting (XSS).