Chapter 15. Security
Ruby on Rails security sucks lolz amirite? No. Well, no to the nuance. Software security does, in general, suck. Virtually every production system has security bugs in it. When you bring pen testers in to audit your app, to a first approximation, your app will lose. While Ruby on Rails cherishes its Cool-Kid-Not-Lame-Enterprise-Consultingware image, software which is absolutely Big Freaking Enterprise consultingware, like say the J2EE framework or Spring, have seen similar vulnerabilities in the past.
—Patrick McKenzie [1]
[1] http://www.kalzumeus.com/2013/01/31/what-the-rails-security-issue-means-for-your-startup/
Security is a very wide topic—one that we can’t possibly cover in a single book chapter. Still there are things ...
Get The Rails™ 4 Way, Third Edition now with the O’Reilly learning platform.