People finding new uses for Google’s Code search engine
<a title="Death By Comet
Really interesting study on the prevalence of SQL injection
Michael Sutton’s Blog : How Prevalent Are SQL Injection Vulnerabilities? Really interesting study showing that of a sample population of web apps. live on the Internet 11.3% had SQL injection vulnerabilities. I also thought it was very interesting to see how a combination of the googleAPI and some relatively simple coding can be turned into […]
Mega Rails cheatsheet
Ruby on Rails Cheat Sheet Collectors Edition looks like there’s loads of useful info. here
Learn something new… every 30 minutes
Re: (newbie) Why doesn’t this line work? Every time I work on my app. I feel like I learn something new about every 30 minutes… this time it was that the :confirm parameter on :link_to (which pops up a confirmation box when you click a link), is an HTML option and thus needs syntax like […]
Dependant Destruction and the problems with Rails books
true anymore” href=”http://weblog.rubyonrails.com/2006/04/28/associations-arent-dependent-true-anymore/”>Riding Rails: Associations aren’t :dependent => true anymore Some useful info. about how :dependent works in rails 1.1+ . Handy if you’ve got items that are dependent on one another and want to get rid of the child objects when you delete the parent. the other part of this post is a continuation […]
Google Cheatsheet.
Google Cheat Sheets (Version 1.05) Interesting. Has all the syntax for google searches on it.
handy validator recipes for rails
Validating Email Addresses, URLs and IP Formats with Regex in Ruby on Rails Some handy validator recipes which help you setup “validates_format_of” settings on your models.
Seriously Cool – Easy IE on linux
IEs 4 Linux – Internet Explorers for Linux Now this is mega-cool. an Easy script to download and install IE on a Linux box… This definately removes one of my few remaining reasons to ever boot into a windows VM.
XSRF example
Google Cross-site Request Forgery Cross Site Request Forgery is one of those vulnerability classes that can be a bit tricky to explain, so it’s always nice to find a decent live example. This one’s pretty harmless, just changes your google languange preferences, but I reckon that we’ll see a real growth in this kind of […]
Fix for XSS problems wih in_place_edit
In_place_edit_for with validation and sanitization I’ve started having a look at my little rails app. I’m writing with a security persons hat on and one of the problems I’ve run into is that you can’t by default use the h() function with an in place edit control. So this link has a solution for that… […]
Comments: 0