Are there any tools to test the security of your rails application?
Things that can automatically test sql injection, cross-site scripting, etc...
That may be too much for what I am looking for. I was looking for something as simple (and cheap) as installing a plugin into your rails project.
vrish88
2009-04-17 19:45:37
They are the cheapest in the group. Otherwise you may need to outsource to others
jm04469
2009-04-20 12:20:21
A:
It's not a Rails plugin, but http://www.owasp.org/ is a good place to start.
Don Werve
2009-04-20 18:37:03
+1
A:
I'm not sure if there are any plugins out there for testing the security of your code, but here's some reading about the potential pitfalls and the fixes required for Rails apps:
Pras
2009-04-22 06:55:19
+1
A:
Safe ERB is a plugin that will raise an exception for any unescaped strings in your view templates i.e. dynamic data not escaped using the "h" method.
John Topley
2009-04-22 07:28:08