Railscast - Episode 26: Hackers Love Mass Assignment
00:06:14
railscasts.com
Your site may be at risk! When using mass assignment, you are giving the user complete control over that model and its associations. See how a hacker might use this vulnerability and learn how to stop it in this episode.
Tags:
About RubyTu.be
RubyTu.be is a community driven collection of Ruby related videos and screencasts. Questions? Comments? Contact RubyTu.be via e-mail or click on the Feedback GetSatisfaction widget found on the other side of the page.Tags
-
1.8
1.9
MIDI
aac2009
abominations
access
actioncontroller
actionmailer
active merchant
active-record
activerecord
activeresource
adhearsion
admin
administration
agile
agilebanking
ajax
akismet
alohaonrails
anti-patterns
api
aqua
architecture
arduino
ardunio
array
arts
association
associations
asynchronous
atlrug
attachments
attributes
audio
authenticate
authentication
authorization
auto complete
autobench
aws
background
basic
basics
bdd
bddcasts
beauty
bert
bioinformatics
biology
bioruby
blocks
bookmarks
bostonrb
builder
bundler
cache
caching
calculation
calendars
camping
capistrano
charts
checkbox
checkboxes
chef
children
chronic
clojure
clone
cloud
clustering
code
code review
colored
community
compass
compiler
concurrent programming
conditional
conditions
configuration
confreaks
console
content_for
contributing
contribution
controller
controllers
cookie
couchdb
craftsmanship
cron
csrf
css
cucumber
customize
daemon
data
database
datamapper
date
debug
debugging
dependencies
deploy
deployment
design
design principles
destory
development
devise
devver
dhh
dns
domains
drp
dry
dsl
duby
dynamic
eager loading
ec2
edd
edge
education
em-http-request
emacs
email
encryptor
engines
enterprise
enumerable
environment
envycasts
erlang
error
eucalyptus
eventmachine
exceptions
experience
extension
facebook
factories
factory-girl
fastri
feed
ffi
file upload
filtering
find
fixjour
fixtures
flash
form
formatting
forms
formtastic
frameworks
functional
futureruby
gae
game
game development
games
gdb
gem
gems
generator
generators
gibbler
git
github
globalize2
god
google
goruco2009
goto
graphics
gravtastic
group_by
growl
gui
habtm
hacking
haml
hardware
hash
heckle
helper
heroku
highlighting
hijack
history
holidays
hotruby
howto
i18n
ide
idioms
images
imagescience
implementations
in_groups_of
indexing
installation
instance variables
interfaces
introduction
invitation
irb
ironruby
javascript
jemini
jqtouch
jquery
jruby
jruby spanish
jruby2009
json
juby
kata
keynote
kiss
larubyconf2009
layouts
legacy
less
lesscss
lightning talks
liquid
live_console
load testing
locking
logger
logging
looksee
macruby
mail
mailer
managing
many-to-many
marcel molina
markaby
mass assignment
matz
mechanical turk
memoization
memoize
memory
merb
metal
metaprogramming
metrical
metricfu
metrics
middleware
migrations
mime
mkmf
mobile
mocking
model
models
modularity
moneta
mongodb
monitoring
moonshine
mtnwestrubyconf2007
multiple records
music
mwrc2009
mysql
named routes
named_scope
navigation
nested models
nested-resources
networks
new relic
nokogiri
nosql
numbers
oauth
oop
openid
openssl
opentransact
orug
oss
pagination
paid
pair programming
paperclip
paperclipped
parsing
partials
passenger
payments
paypal
pdf
performance
pickle
plugin
plugins
polymorphic
populating
processing
profiling
programming
progress bar
prototype
puppet
python
rabbitmq
rack
racksh
radiantcms
rails
rails underground 2009
rails2.1
rails3
railscast
railscasts
railsconf
railsconf2009
railslab
rake
random_data
rdbms
reading
readystack
redirect
refactor
rest
restful_authentication
rhodes
rightscale
rjs
router
routes
routing
rpm
rspec
rss
rubinius
ruby
ruby on acid
ruby on rails
ruby-debug
ruby19
rubyclr
rubycocoa
rubyconf2008
rubyconf2009
rubygems
rubyinline
rubypulse
rvm
sass
scaffolding
scaling
scm
scope
screencast
sd ruby
sdruby
search
security
seed
select
selenium
seo
sequel
session
sharding
shopify
shoulda
simple
sinatra
sitemap
sketches
slicehost
software
software perversions
solr
sortable
sound
spam
sphinx
spork
sql injection
stack trace
static
string
stubbing
style
stylesheets
subdomains
subversion
symbol
synchronous
syntax
tagging
talk
tasks
tdd
teaching
template
templates
testing
textmate
themes
thoughtbot
thoughtworks
time
title
to_param
to_proc
tools
touch
ttd
tutorial
twitter
ubuntu
ui
unit testing
unobtrusive
unused
upgrade
uploads
usability
usage
ux
validation
validations
version control
versioning
video
view
views
vim
virtual attributes
voip
wav
waves
web services
webbynode
webrat
webservices
wii
will_paginate
windycityrails2009
wirble
with_options
xml
xss
yaml
Copyright 2009 Rubytu.be
