RubyFlow The Ruby and Rails community linklog


Avoiding SQL Injection in Rails

I promise this is not related to or prompted by the Rails CVEs today - just coincidental timing.

I’ve put a small blog post together about rails-sqli.org, a list of dangerous methods in ActiveRecord. The list includes example queries and injection code.

In addition, you can play with injecting code into the same examples by cloning the code repo and running it locally.
