I would like to echo an unanswered question I've recently read
elsewhere.
Can anyone recommend an overview of get/post, cookies, sessions, etc.,
and how Ruby on Rails interacts with all of this?
I'm interested in understanding how to harden a Rails application.
Do you need to? The framework already plugs a lot of common loopholes
(provided the app doesn't do stupid things). See if Rails is already
doing what you need.
Read "Agile Development with Rails" by the God of Rails, David Heinemeier
Hansson. Or anything he has written. Doesn't get any better.
Thanks, yes I've read chapter 26: Securing Your Rails Application.
I would start by reading the HTTP RFC(s).
Yes
Dave English wrote:
I'm interested in understanding how to harden a Rails application.
Do you need to? The framework already plugs a lot of common loopholes
(provided the app doesn't do stupid things). See if Rails is already
doing what you need.