Security

Latest Posts

Prevent logging sensitive information in Rails, and beyond

The Rails defaults are a good foundation, but it's still your responsibility to filter sensitive information from logs when using external APIs, services, and tools.

Read More

Rails advanced routing constraints

Learn how to authorize requests at the routing layer to improve security and ergonomics.

Read More

Are you absolutely sure your Rails caching strategy isn't leaking sensitive information?

Rails writes a new cache entry based on the first request. But what happens when that request is from an admin?

Read More

How to encrypt files with Ruby and Active Support

Password managers aren't the only way to store and share sensitive information. Learn how to create a simple CLI for encrypting files.

Read More