Ruby on Rails Security Project

Hand-picked Rails security resources

Projects, Page 2 Archive

Httponly cookies in Rails

Why and how, for session and normal cookies

RubyGems security

Keep your gems and RubyGems sources safe

Markdown and Textile security

Using another language doesn’t fix XSS

Avoid race conditions with locking

2 processes updating a record may have unexpected results

JavaScript-based DDoS

A distributed layer-7 (HTTP) attack

Threat of Content Spoofing in file uploads

Paperclip gem security update

Learn to hack a Rails application

A vulnerable Rails app that follows the OWASP Top 10

Check gems for security updates

Bundler-audit checks for vulnerable versions of your gems

Rails security mailing list

Announcements by e-mail

OWASP Top Ten Project

The most critical web application security flaws

About

Hand-picked quality Rails security resources © 2006-today by bauland42 (relaunch in 2015)