29 Dec
2011
29 Dec
'11
3:37 a.m.
On Wed, 2011-12-28 at 13:47 +0900, 夜神 岩男 wrote:
With the vast majority of web applications being developed on frameworks like Drupal, Django and Plone, the overwhelming majority of "server hacks" with regard to the web have to do with attacking these structures (at least initially), not the actual OS layer directly at the outset.
---- just a mention that ruby on rails just changed the methodology with version 3.x in that all displayed code is automatically escaped and you have to designate beforehand anything that you want to be evaluated as html/script which is a significant bump in security.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.