
Programming


Ruby on Rails Security Guide

Ruby on Rails does a decent job of handling security concerns in the background. You will have to configure your application to avoid a few security attacks, while plugins are required for many security concerns that Rails handles poorly or not at all. In this article I have described the security issues related to a Ruby on Rails web application. I have followed DRY by linking to articles with good explanations and solutions to security concerns wherever required. This guide can also be used as a quick security check for your current web application.

Authentication

Authentication is the foremost requirement of most web applications, which need to authenticate their users and give them privileges.

Plugin - Restful Authentication (recommended) - easy to use, and you can tweak it according to your requirements.

SQL Injection

The problem arises when metacharacters are injected into your database queries.

ActiveRecord Validation

Creating records directly from parameters.

Stack Overflow. Ruby on Rails. Ruby-Doc.org: Documenting the Ruby Language. Cplusplus.com - The C++ Resources Network. Hypertext Preprocessor. Ruby Programming Language.