Session Hijacking
9:27 CC

#400 May 7, 2023 free
In this episode, we explore session hijacking and an approach that we can take to limit the risk. This approach has some user experience and functionality caveats, which must be taken into consideration as well.

Not RJS and Turbolinks
8:55 CC

#20 Nov 9, 2015 free
Using JavaScript responses, we can give our Rails application a quick and responsive Single Page Application feel.

Serialized Attributes
12:04 CC

#4 Jul 22, 2015 free
Store multiple attributes and values using a text column. Not for everyday use, but has situations where it can save on the number of columns and/or models needed to accomplish a task.

Securing File Uploads
6:19 CC

#14 Aug 22, 2015 free
By default, Refile does not have a way to secure file downloads. It relies on a generated hash that is unknown to users unless the page renders that image or has a download link to that file. This is okay sometimes; however, protecting the file from being downloaded by those who have the URL is a bit more involved.

Complex Strong Parameters
4:52 CC

#16 Aug 28, 2015 free
Make your strong parameters do more by extracting the logic in order to maximize the ability and security of your application.