Rails
Railsで自分のサーバ名を知ろうとしてrequest.host_with_portを使おうとして、多段reverse proxy下だったのでめんどうなことになった。Rails(Rack)だと def host_with_port if forwarded = @env["HTTP_X_FORWARDED_HOST"] forwarded.split(/,\s?/).last else…
Rails SQL injection vulnerability: hold your horses, here are the facts – Phusion Corporate BlogPhusion Corporate Blog Let Me Github That For You | Lands of Packets CVE - CVE-2012-5664 (under review) User.find_by_name('foo', :select => 'id…
At 8:49am Pacific Time this morning a GitHub user exploited a security vulnerability in the public key update form in order to add his public key to the rails organization. He was then able to push a new file to the project as a demonstrat…