Discovering a Cross Site Scripting (XSS) vulnerability in Slim
Benoit
What is Slim? Slim is a templating engine for the Ruby ecosystem. It is a domain-specific language (DSL) that is meant to ease the burden of writing HTML views for…
Browsing Category
Ruby
16 posts
Behind the Scenes: Building a Dynamic Instrumentation Agent for Ruby
Jb
TL;DR Building a Ruby Dynamic Instrumentation Agent is no easy task. We’ve been working hard at Sqreen to make our protection transparent and frictionless. The Sqreen agent is based on…
The two most common vulnerabilities in Rails (with code)
Ruby on Rails is one of the most popular frameworks used to create web applications. It’s very easy to start using it; it shines to do any kind of non-trivial…
Sqreen at EuRuKo 2016 – Europe’s largest Ruby Conference
Paul
Two weeks ago Sqreen was a proud Puma sponsor of EuRuKo the biggest Ruby conference in Europe. It brought together over 700 Ruby aficionados in Sofia, Bulgaria. Being present with a…
Integrating Content Security Policy into your Rails applications
TL; DR Content Security Policy (CSP) is an HTTP response header that restricts the browser to loading external assets such as scripts, styles or media from a wide variety of…
Ruby on Rails Security in your Continuous Integration
Foundations of your development cycle “Never send a human to do a machine’s job ” — Agent Smith How open-source public tools can help improve your software security in your Continuous…