Securing and Testing Your Rails App
Last night at the RUG meeting I spoke about the talk that Aaron Bedra gave at RailsConf on Rails security. For protection against XSS (cross-site scripting), the plugins that he mentioned were:
I researched these, and actually found a newer one (it only works with Rails 2.0+) that I liked better called Cross Site Sniper.
The other talk that I mentioned was the Test Framework Dance-off presented by Josh Susser. In his presentation, Josh reviewed the differences between Test::Unit, RSpec, and Shoulda. Shoulda is the new kid on the block, which you shoulda check out.
The two most important takeaways from this talk were:
- The differences are mainly superficial and a matter of taste
- If you're not testing, choose a testing framework now, and START TESTING YOUR CODE!
Tagged:
railsconf security testing rails