RailsCasts Pro episodes are now free!

Learn more or hide this

Brakeman

#358 Brakeman

Jun 15, 2012 | 8 minutes | Security, Tools
The Brakeman gem will scan the Ruby code of a Rails application and alert you to common security vulnerabilities.
Click to Play Video ▶
  • Download:
  • source codeProject Files in Zip (129 KB)
  • mp4Full Size H.264 Video (25.5 MB)
  • m4vSmaller H.264 Video (13.2 MB)
  • webmFull Size VP8 Video (12.3 MB)
  • ogvFull Size Theora Video (34.2 MB)
Browse_code Browse Source Code

Resources

terminal 
gem install brakeman
rbenv rehash
brakeman
brakeman -o brakeman.html
bundle update rails
brakeman --rake
config/application.rb 
config.active_record.whitelist_attributes = true
products_controller.rb 
def index
  direction = params[:direction] == "desc" ? "desc" : "asc"
  @products = Product.order("name #{direction}")
end
sessions_controller.rb 
redirect_to redirect_url, only_path: true
models/user.rb 
validates_format_of :name, with: /\A\w+\z/
Gemfile 
gem 'brakeman', group: :development