Ruby on Rails Sustainable productivity for web-application development Ruby on Rails Guides Index This manual describes common security problems in web applications and how to avoid them with Rails. If you have any questions or suggestions, please mail me, Heiko Webers, at 42 {et} rorsecurity.info. After reading it, you should be familiar with: All countermeasures that are highlighted The concept of sessions in Rails, what to put in there and popular attack methods How just visiting a site can be a security...

http://guides.rubyonrails.org/security.html

近いうちに全部読む

http://b.hatena.ne.jp/entry/http://guides.rubyonrails.org/security.html