You're reading from Polished Ruby Programming Build better software with more intuitive, maintainable, scalable, and high-performance Ruby code

Product type Paperback

Published in Jul 2021

Publisher Packt

ISBN-13 9781801072724

Length 434 pages

Edition 1st Edition

Languages

Ruby

Concepts

Programming Language

Author (1):

Jeremy Evans

View More author details

Table of Contents (23) Chapters

Preface

1. Section 1: Fundamental Ruby Programming Principles

2. Chapter 1: Getting the Most out of Core Classes FREE CHAPTER

3. Chapter 2: Designing Useful Custom Classes

4. Chapter 3: Proper Variable Usage

5. Chapter 4: Methods and Their Arguments

6. Chapter 5: Handling Errors

7. Chapter 6: Formatting Code for Easy Reading

8. Section 2: Ruby Library Programming Principles

9. Chapter 7: Designing Your Library

10. Chapter 8: Designing for Extensibility

11. Chapter 9: Metaprogramming and When to Use It

12. Chapter 10: Designing Useful Domain-Specific Languages

13. Chapter 11: Testing to Ensure Your Code Works

14. Chapter 12: Handling Change

15. Chapter 13: Using Common Design Patterns

16. Chapter 14: Optimizing Your Library

17. Section 3: Ruby Web Programming Principles

18. Chapter 15: The Database Is Key

19. Chapter 16: Web Application Design Principles

20. Chapter 17: Robust Web Application Security

21. Assessments

22. Other Books You May Enjoy

Summary

In this chapter, you learned about many ways to implement security in your web application.

You learned that most of the vulnerabilities in Ruby web applications are high-level vulnerabilities, not low-level vulnerabilities. You learned that you should never trust user input and that you should use a whitelist approach instead of a blacklist approach when handling user input. You also learned how to implement access control at the highest level possible and use a fail-closed design to avoid security issues. Then, you learned techniques for avoiding script injections, SQL injections, and code injections. Finally, you learned about high-security environments and defense-in-depth techniques that make system compromise more difficult and mitigate possible damage in case it occurs.

With the knowledge you've gained in this chapter, you can design secure Ruby web applications.