Sessions

1 view
Skip to first unread message

Dave English

unread,
Nov 11, 2009, 4:00:16 AM11/11/09
to rubyonra...@googlegroups.com
I'm an experienced programmer, but new to Rails.

I would like to echo an unanswered question I've recently read
elsewhere.

Can any recommend an overview of get/post, cookies, sessions, etc.,
and how Ruby on Rails interacts with all of this?

I'm interested in understanding how to harden a Rails application

Regards
--
Dave

Kemal Pince

unread,
Nov 11, 2009, 4:43:28 AM11/11/09
to rubyonra...@googlegroups.com
Read "Agile Development with Rails" by the God of Rails, David Heinemeier Hansson. Or anything he has written. Doesn't get any better.

2009/11/11 Dave English <dave.e....@gmail.com>

Hassan Schroeder

unread,
Nov 11, 2009, 10:36:12 AM11/11/09
to rubyonra...@googlegroups.com
On Wed, Nov 11, 2009 at 1:00 AM, Dave English <dave.e....@gmail.com> wrote:

> Can any recommend an overview of get/post, cookies, sessions, etc.,
> and how Ruby on Rails interacts with all of this?

I would start by reading the HTTP RFC(s).

--
Hassan Schroeder ------------------------ hassan.s...@gmail.com
twitter: @hassan

Marnen Laibow-Koser

unread,
Nov 11, 2009, 2:10:33 PM11/11/09
to rubyonra...@googlegroups.com

Do you need to? The framework already plugs a lot of common loopholes
(provided the app doesn't do stupid things). See if Rails is already
doing what you need.

Also check out http://www.rorsecurity.info .

>
> Regards
> --
> Dave

Best,
--
Marnen Laibow-Koser
http://www.marnen.org
mar...@marnen.org
--
Posted via http://www.ruby-forum.com/.

Dave English

unread,
Nov 12, 2009, 7:18:27 AM11/12/09
to rubyonra...@googlegroups.com

In message
<295ede1d0911110143h569...@mail.gmail.com>, Kemal
Pince <kpi...@gmail.com> writes

>Read "Agile Development with Rails" by the God of Rails, David Heinemeier
>Hansson. Or anything he has written. Doesn't get any better.

Thanks, yes I've read chapter 26: Securing Your Rails Application.

In message
<4eedb92a0911110736g5da...@mail.gmail.com>, Hassan
Schroeder <hassan.s...@gmail.com> writes


>I would start by reading the HTTP RFC(s).

Yes

In message <275ab984ba1e80fe...@ruby-forum.com>, Marnen
Laibow-Koser <rails-mai...@andreas-s.net> writes
>
>Dave English wrote:

>> I'm interested in understanding how to harden a Rails application
>
>Do you need to? The framework already plugs a lot of common loopholes
>(provided the app doesn't do stupid things). See if Rails is already
>doing what you need.

Of course

>Also check out http://www.rorsecurity.info .

Thanks

I've now downloaded the book, too

http://www.owasp.org/index.php/File:Owasp-rails-security.pdf

Regards
--
Dave

Reply all
Reply to author
Forward
0 new messages