Submitted by Kevin on Sat 13-09-2014, 15.22
In Ruby on Rails it is common to use a (collection) select field to set the value for a belongs_to association. However, using Rails' default form builder, validation errors on the association field are usually not correctly displayed. They are either shown on the form's label or the field, while you usually want both. In this blogpost I show a simple patch to fix this problem and make sure validation errors for associations are shown both on the label and the field itself.
Submitted by Kevin on Tue 20-05-2014, 19.01
At IADA we often use the Ruby on Rails web framework for developing the more complex web applications. Ruby on Rails, like any other web framework, eases the development of these applications, usually by proving many common functionalities that developers can directly put to use. Part of these functionalities are security functionalities that help protect the application against common web attacks, such as SQL injections and Cross Site Scripting (XSS) vulnerabilities. However, a question that now arises is whether these web frameworks and the protection mechanisms they offer are secure themselves. I developed a methodology to analyse the security of (arbitrary) web frameworks, as part of my master thesis research.