In this episode, we look adding in some of the requirements of the General Data Protection Regulation into our Ruby on Rails application. Disclaimer: this episode is not legal advice and you should consult a lawyer.

We may come across a need to run shell commands and Ruby has some built in methods which appear safe, but can introduce major security risks.

Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin.

In this episode, we look to add on some features to Device with tracking devices that a user has authenticated with and then remote deleting sessions.

We have a look at integrating the HaveIBeenPwned service with Devise so that our users will some awareness of their password being potentially compromised.