less everything Use attr_protected or we will hack you
how to improve user security in rails apps
- Web Address: http://b.lesseverything.com/2008/3/11/use-attr_protected-or-we-will-hack-you
- Short Name: cistefetoch
-
Short Link: http://ma.gnolia.com/cistefetoch
-
Tags: rails, security
- Saved by Ivan Storck on March 13, 2008.
Bookmark licensed under Creative Commons Attribution Non-commercial Share Alike 2.5.
3 other people have commented on this bookmark
| Name | Title | Rating | When | |
|---|---|---|---|---|
 |
rarepleasures | Use attr_protected or we will hack you -- Less Everything... |
Not rated yet.
|
June 19, 2008 |
 |
Josh | Use attr_protected or we will hack you |
Not rated yet.
|
March 22, 2008 |
 |
Ian | Use attr_protected or we will hack you |
Not rated yet.
|
March 20, 2008 |
There are a few easy things anyone can do to prevent this hack. In order of importance: Use attr_protected. Don’t use mass assignments for your users table. Don’t have a users controller. Split the users table into a use... |
||||