RailsConf 2016 - Will It Inject? A Look at SQL injections and ActiveRecord by Jessica Rudder

preview_player
Показать описание
If you've struggled through writing complex queries in raw SQL, ActiveRecord methods are a helpful breath of fresh air. If you're not careful though, those methods could potentially leave your site open to a nasty SQL Injection attack. We'll take a look at the most common ActiveRecord methods (and some of the lesser known ones!) with one question in mind....will it inject? If it's vulnerable to a SQL injection attack, we'll cover how to structure your query to keep your data secure.
  1. Confreaks
  2. rails
  3. railsconf
  4. ruby
  5. ruby on rails
  6. security
Рекомендации по теме
RailsConf 2016 - 0:32:40

RailsConf 2016 - Will It Inject? A Look at SQL injections and ActiveRecord by Jessica Rudder

RailsConf 2016 - 1:11:44

RailsConf 2016 - Opening Keynote - Jeremy Daer

RailsConf 2016 - 0:27:20

RailsConf 2016 - Can Time-Travel Keep You From Blowing Up The Enterprise? by David Copeland

RailsConf 2016 - 0:34:07

RailsConf 2016 - Surviving the Framework Hype Cycle by Brandon Hayes

RailsConf 2016 - 0:39:05

RailsConf 2016 - How to Get and Love Your First Rails Job By Molly Black

RailsConf 2016 - 0:35:43

RailsConf 2016 - Implementing the LHC on a Whiteboard by James Edward Gray II

RailsConf 2016 - 0:39:17

RailsConf 2016 - ActionCable for Not-Another-Chat-App-Please by Jesse Wolgamott

RailsConf 2016 - 0:41:52

RailsConf 2016 - Turbo Rails with Rust by Godfrey Chan

RailsConf 2016 - 0:38:15

RailsConf 2016 - Get a Whiff of This by Sandi Metz

RailsConf 2016 - 0:33:59

RailsConf 2016 - The State of Web Security by Mike Milner

RailsConf 2016 - 0:33:59

RailsConf 2016 - The State of Web Security by Mike Milner

RailsConf 2016 - 0:40:51

RailsConf 2016 - Inside ActiveJob By Jerry D'Antonio

RailsConf 2016 - 0:51:18

RailsConf 2016 - Opening Day 3 Keynote by Aaron Patterson

RailsConf 2016 - 0:48:20

RailsConf 2016 - Day 2 Opening Keynote by Chanelle Henry

RailsConf 2016 - 0:40:57

RailsConf 2016 - Booting Up: Hiring and Growing Boot Camp Graduates by Eric Weinstein

RailsConf 2016 - 0:30:46

RailsConf 2016 - Build Realtime Apps with Ruby & Pakyow By Bryan Powell

RailsConf 2016 0:31:32

RailsConf 2016 Writing a Test Framework from Scratch by Ryan Davis

RailsConf 2014 - 0:38:13

RailsConf 2014 - An Ode to 17 Databases in 33 Minutes by Toby Hede

RailsConf 2016 - 0:37:37

RailsConf 2016 - Turbolinks 5: I Can’t Believe It’s Not Native! by Sam Stephenson

RailsConf 2016 - 0:33:05

RailsConf 2016 - I Can’t Believe It’s Not A Queue: Using Kafka with Rails by Terence Lee

RailsConf 2016 - 0:19:08

RailsConf 2016 - How Compose uses Rails to Scale Work, Now Open-Sourced By JP Phillips

RailsConf 2016 - 0:37:59

RailsConf 2016 - Small Details, Big Impact By Yehuda Katz and Liz Baillie

RailsConf 2016 - 0:27:02

RailsConf 2016 - Building Applications Better the First Time by Jessica Roper

RailsConf 2016 - 0:39:28

RailsConf 2016 - The Rails Boot Process by Xavier Noria

Комментарии
Автор

the music at the start of this video is terrible !

ColumboJedi
Автор

It's a bit of a tragedy that after all this time, we're still composing SQL in strings. Every API allows it to be done right, but also still allows it to be done wrong. SQL APIs should and could prevent misuse by disallowing literals in SQL strings, instead requiring all concrete values to be passed in via additional arguments. How can we not have done this yet?

prozacchiwawa
Автор

Regretting buying Vtech now... I def will not be registering my products with them.

jaykilleen