Category:Ruby on Rails

Many share the perception of Rails being a "secure" framework. And that might well be true, because we need less code to get things done and less code means a better overview of what's happening. But though Rails seems to be safer, doesn't allow to lean back. There has been a security bug (more detailed) in Rails last year and even in Ruby.

Starting point As a good starting point, here's a good Ruby on Rails example, which deliberately includes several security vulnerabilities: The Hacme Casino. Especially reading the user guide gives you a good insight on what can go wrong.

More on the Ruby on Rails Security site