Ruby on Rails security for beginners

Are you just starting out with Rails security or with Ruby on Rails itself? Here are the Rails security links that you’ll need to get started. The official Rails security guide in particular will give you a good overview.

HttpOnly cookies in Rails

Why and how, for session and normal cookies

Learn to hack a Rails application

A vulnerable Rails app that follows the OWASP Top 10

Rails SQL injection cheat sheet

Many examples of what NOT to do

Video: The World of Rails Security

RailsConf talk: Introduction to Rails security

What is Cross Site Scripting (XSS)?

The number 3 in the OWASP Top Ten web application vulnerabilities

Note that I’ll add more to this page; subscribe to the mailing list to hear about it first.