Unsecured Mass Assignment is Bad
A slew of GitHub gists. I don’t understand why people don’t make these blog posts; I can only imagine the traffic they’re getting. Embedding gists is easy.
- Homakov shows us how he was able to compromise GitHub.com
- Jbarnette shows us how to make your Rails app warn on ActiveRecord::Base#update_attributes
- Wycats creates a Proposal for Improving Mass Assignment
- DHH on how 37signals commonly avoids Mass Assignment vulnerabilities. This should be used in addition to attr_accessible.
giant robots smashing into other giant robots: 2011 Rubyist's guide to a Mac OS X development environment
It’s been two and a half years since my last laptop. It’s neat to look back and see how much has improved since then for setting up a Ruby development environment.
Of particular note, Homebrew, RVM, and Bundler did not exist back then.
Here’s how I set up an OS X 10.7 (Lion) thoughtbot laptop…