{"guid":"import-a65e30ad2a32152a2d","title":"Ruby on Rails Security","subtitle":null,"slug":"24c3-2252-en-ruby_on_rails_security","link":"http://events.ccc.de/congress/2007/Fahrplan/events/2252.en.html","description":"This talk will focus on the security of the Ruby on Rails Web Framework. Some dos and don’ts will be presented along with security Best Practices for common attacks like session fixation, XSS, SQL injection, and deployment weaknesses.\n","original_language":"eng","persons":["Jonathan Weiss"],"tags":["24c3"," Hacking"],"view_count":44,"promoted":false,"date":"2007-12-30T01:00:00.000+01:00","release_date":"2008-01-12T01:00:00.000+01:00","updated_at":"2026-01-28T12:30:12.700+01:00","length":2719,"duration":2719,"thumb_url":"https://static.media.ccc.de/media/congress/2007/24c3-2252-en-ruby_on_rails_security_high.jpg","poster_url":"https://static.media.ccc.de/media/congress/2007/24c3-2252-en-ruby_on_rails_security_high_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2007/import-a65e30ad2a32152a2d-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2007/import-a65e30ad2a32152a2d-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/24c3-2252-en-ruby_on_rails_security","url":"https://api.media.ccc.de/public/events/import-a65e30ad2a32152a2d","conference_title":"24C3: Volldampf voraus!","conference_url":"https://api.media.ccc.de/public/conferences/24c3","related":[{"event_id":341,"event_guid":"import-daa3dc4a05690f050a","weight":2},{"event_id":672,"event_guid":"import-f598f668f20869cb04","weight":1},{"event_id":2867,"event_guid":"341d7c6a-a8c0-47ec-8c24-4f6fc8639f3f","weight":1},{"event_id":3122,"event_guid":"1541abda-da85-52fa-b792-6180200b64b3","weight":1},{"event_id":3382,"event_guid":"7b5e1f40-3260-48f3-b5b0-b5b192a88737","weight":1},{"event_id":3494,"event_guid":"6fa5bff9-dea2-4736-9a96-5ca45f089ed8","weight":1},{"event_id":3776,"event_guid":"57b261cc-002f-5a05-824e-7f4ed01157b2","weight":1},{"event_id":5555,"event_guid":"6d6e883d-b0b9-5c23-9d05-14686411da58","weight":1}],"recordings":[{"size":102,"length":2719,"mime_type":"video/webm","language":"eng","filename":"24c3-2252-en-ruby_on_rails_security.webm","state":"downloaded","folder":"webm","high_quality":true,"width":640,"height":480,"updated_at":"2016-01-27T11:03:30.296+01:00","recording_url":"https://cdn.media.ccc.de/congress/2007/webm/24c3-2252-en-ruby_on_rails_security.webm","url":"https://api.media.ccc.de/public/recordings/2150","event_url":"https://api.media.ccc.de/public/events/import-a65e30ad2a32152a2d","conference_url":"https://api.media.ccc.de/public/conferences/24c3"},{"size":null,"length":2719,"mime_type":"video/mp4","language":"eng","filename":"24c3-2252-en-ruby_on_rails_security_high.mp4","state":"downloaded","folder":"mp4","high_quality":true,"width":640,"height":480,"updated_at":"2016-01-27T11:03:30.271+01:00","recording_url":"https://cdn.media.ccc.de/congress/2007/mp4/24c3-2252-en-ruby_on_rails_security_high.mp4","url":"https://api.media.ccc.de/public/recordings/4131","event_url":"https://api.media.ccc.de/public/events/import-a65e30ad2a32152a2d","conference_url":"https://api.media.ccc.de/public/conferences/24c3"}]}