jQuery in Action, 3rd edition
The moose likes Ruby and the fly likes How does ruby deal with Security? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Building Microservices this week in the Design forum!
JavaRanch » Java Forums » Languages » Ruby
Bookmark "How does ruby deal with Security?" Watch "How does ruby deal with Security?" New topic

How does ruby deal with Security?

Hans Klaren

Joined: Aug 05, 2009
Posts: 7
Hello mr. Cooper,

I was wondering, as ruby (with rails) does every database update and create (using scaffold) in the back (correct me if im wrong).
But how is f.e. SQL Injection handled, and other type of attacks?
(sorry for my bad english)

Regards Hans
Alaa Nassef
Ranch Hand

Joined: Jan 28, 2008
Posts: 471

There's a good guide on securing ruby on rails applications here

Visit my blog: http://jnassef.blogspot.com/
Hans Klaren

Joined: Aug 05, 2009
Posts: 7
thank you! This might be interesting

Peter Cooper

Joined: Jul 17, 2009
Posts: 25
Firstly, your question is quite specific to Rails, I feel, rather than Ruby. There are many different database abstraction libraries for Ruby that have different ways (or even no ways!) of managing SQL attacks, but Rails uses ActiveRecord and the link presented above gives good information on that. Rest assured, though, with the latest version of Rails and using ActiveRecord properly (rather than manually building SQL) you're not particularly susceptible to SQL injection attacks.

Author of Beginning Ruby (Apress): http://bit.ly/t31ag
Editor of Ruby Inside and RubyFlow
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
subject: How does ruby deal with Security?
It's not a secret anymore!