Jonathan Weiss recently had a session about Ruby on Rails security at 24C3, the 24th Chaos Communication Congress, in Germany. He has made the slides (44 of them) available, as well as a 45 minute long Google Video with the slides, video, and sound to enjoy. Jonathan goes into data sanitation, cross site scripting attacks, cookies, and lots of similarly good stuff.
(Credit for letting me know about this: Martin Sadler)
Comments
Daniel Fischer ·
I love rails security, thanks for the news.