I thought most of the security in Rails is provided by the rack-security middlew... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jeltz on Sept 13, 2012 \| parent \| context \| favorite \| on: Why critics of Rails have it all wrong (and Ruby's... I thought most of the security in Rails is provided by the rack-security middleware? Or am I forgetting something which Rails provides here?

dcu on Sept 13, 2012 [–]

Escaping everything by default to avoid XSS attacks. that's a nice feature to have.

auxbuss on Sept 13, 2012 | [–]

This can be done in Sinatra: http://www.sinatrarb.com/faq.html#auto_escape_html

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact