Episodes

Cross-Origin Resource Sharing (CORS)

Episode #254 8-9-2020 pro

Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell browsers to give a web application running at one origin access to selected resources from a different origin.

Dynamic Role Management

Episode #247 6-21-2020 pro

Create dynamic roles that can be assigned to users. Based on the assigned role, the user will be able to perform or view various parts of the application.

Interview with Frank Rietta

Episode #183 4-17-2019 free

In this interview, Frank Rietta, a security expert in web applications, talks about various recommendations for securing a Ruby on Rails application. Many areas are explored, from code and staff to servers and infrastructure.

Policy Manager with GDPR Rails

Episode #164 12-16-2018 pro CC

Using the gdpr_rails gem, we look at adding a policy manager to require users to accept age, terms, and privacy policies before signing up for an account.

Friend Requests From Scratch

Episode #155 10-14-2018 pro

Part I - In this episode, we create our authentication for users, default view for authenticated users, friendship model, associations and scopes for our social media application.

Safely Running Shell Commands

Episode #151 9-16-2018 pro

We may come across a need to run shell commands, and Ruby has some built-in methods which appear safe but can introduce major security risks.

Search Encrypted Attributes with Blind Index

Episode #139 6-24-2018 pro

Keeping client data protected is important, but once an attribute is encrypted, it becomes difficult to work with. With Blind Index, we regain the ability to search and validate on encrypted attributes.

Preparing for General Data Protection Regulation (GDPR)

Episode #129 4-15-2018 pro

In this episode, we look at adding some of the requirements of the General Data Protection Regulation to our Ruby on Rails application. Disclaimer: this episode is not legal advice and you should consult a lawyer.

Restricting Access by IP Address

Episode #92 8-6-2017 free

Learn to lock down your application, or parts of your application, by IP address.

Client Side Encryption

Episode #63 1-15-2017 free

Add an extra level of security to your application with client side encryption. Even over an SSL connection, there are attacks which could expose your users' sensitive information. Using JSEncrypt, learn how to encrypt on the client side and decrypt on the server side.