O'Reilly logo

Rails 4 Test Prescriptions by Noel Rappin

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 11Testing for Security

Web security is a very scary topic. All of our applications depend on cryptography and programming that is beyond our immediate control. Despite that, certain parts of web security are in our control—all the logins and access checks and injection errors that happen on our site as a result of programming choices we make.

When it comes to security and testing, there’s good news and bad news. The good news is that all kinds of access and injection bugs are amenable to automated developer testing. Sometimes unit testing will do the trick; other times end-to-end testing is the correct tool, but the effects of a security problem are often easily reproducible in a test environment. The bad news is that you need to actively ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required