Ruby method and class injection - Ruby on Rails Security Project

Ruby method and class injection and a growing number of other Ruby on Rails security topics. A class name in user input.A user could provide an arbitrary model name in params[:type] and thus find an object in a different model than expected. Now, there might be other code that will fail if the item doesn’t respond to a certain attribute name.
Ruby method and class injection - Ruby on Rails Security Project #ruby #rubydeveloper #rubyonrails #class #security

Nezir Zahirovic

Contractor Ruby On Rails (8+ years) / MCPD .Net / C# / Asp.Net / CSS / SQL / (11 years)

related articles