Intro song by Falseta

Episode #280 - June 12th, 2012

Olivier Lacan, Gregg Pollack

Don't get LeakedIn, secure your routes, use your Savon, catch a Tokaido, put your models in a Display Case, and join the Ruby Study Hall.


This episode is sponsored by Code School. Learn by doing with our interactive Courses and weekly CodeTV screencasts for just $25/month.

  • Code School
  • Insecure Passwords
  • Rails Security
  • Savon 1.0
  • Tokaido Update
  • Display Case
  • Ruby Study Hall
  • Ruby5

Techniques to Secure your Rails app

Jeremy Walker recently posted part 1 of his three-part series on techniques to secure your Rails website. He talks about a few ways hackers can manipulate data before it hits your server, how Rails protects us from most of these situations, and how you can protect yourself further. Data manipulation includes things like session hijacking, session fixation attacks, cross-site request forgery, etc. If you use the `match` keyword in your routes without specifying the HTTP method, the route can be called with a GET request, which doesn't check for an authenticity token.
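A check for the routing issue described above, as an added example that is not from the episode or from Jeremy Walker's series: it scans a routes file for `match` calls that carry no `:via` option restricting the HTTP verb. The sample routes, the application name, and the controller and action names are constructed for illustration.

```ruby
# Added example: flag `match` routes that do not restrict the HTTP verb.
# SAMPLE_ROUTES is constructed; MyApp and all controller/action names are hypothetical.
SAMPLE_ROUTES = <<~'ROUTES'
  MyApp::Application.routes.draw do
    match 'account/delete' => 'accounts#destroy'
    match 'account/email' => 'accounts#update_email', :via => :put
    match 'transfer', to: 'payments#create', via: [:post]
    # match 'old/path' => 'legacy#index'
    match 'search' => 'search#index',
          :via => :get
    post 'login' => 'sessions#create'
  end
ROUTES

Finding = Struct.new(:line, :source)

# Returns a Finding for every `match` call with no :via option.
# Statements split across lines (ending in a comma) are joined first,
# and comment-only lines are skipped. Trailing inline comments are not parsed.
def unrestricted_match_routes(routes_source)
  findings = []
  statement = nil
  start_line = nil
  routes_source.each_line.with_index(1) do |raw, lineno|
    line = raw.strip
    next if line.empty? || line.start_with?('#')
    if statement
      statement << ' ' << line
    else
      statement = line.dup
      start_line = lineno
    end
    next if statement.end_with?(',') # statement continues on the next line
    if statement =~ /\Amatch\b/ && statement !~ /(:via\s*=>|\bvia:)/
      findings << Finding.new(start_line, statement)
    end
    statement = nil
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  unrestricted_match_routes(SAMPLE_ROUTES).each do |f|
    puts "line #{f.line}: no :via restriction -> #{f.source}"
  end
end
```

Each flagged route should either gain a `:via` restriction or be rewritten with the verb-specific helper (`post`, `put`, `delete`) so that state-changing actions are not reachable over GET.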
