Tag Archives: csrf

Getting jQuery, Rails, and Authenticity Tokens to play nice

If you use the jQuery AJAX library to send POST requests to your Rails application, you have probably found that the built-in Rails CSRF protection does not play nice with your jQuery POST requests. By the way, if you don’t know what CSRF is, check out my Ruby on Rails security presentation. [...]
Posted in Software

Defending Against Attacks With Rails

A couple weeks ago I presented on Rails security at a local Ruby on Rails meetup. I finally got around to posting the slides online. The presentation covers topics including authentication, hashing, salting, key stretching, whitelisting, session hijacking, replay attacks, session fixation, cross-site request forgery, cross-site scripting, SQL injections, other injections, and some [...]
Posted in Software