Ruby method and class injection - Ruby on Rails Security Project

Ruby method and class injection and a growing number of other Ruby on Rails security topics. A class name in user input.A user could provide an arbitrary model name in params[:type] and thus find an object in a different model than expected. Now, there might be other code that will fail if the item doesn’t respond to a certain attribute name.
Ruby method and class injection - Ruby on Rails Security Project #ruby #rubydeveloper #rubyonrails #class #security https://www.rubyonrails.ba/single/ruby-method-and-class-injection-ruby-on-rails-security-project

Nezir Zahirovic

Contractor Ruby On Rails (8+ years) / MCPD .Net / C# / Asp.Net / CSS / SQL / (11 years)

related articles