
Chapter 11. Simple CGI Forms > Locking Down Ruby

Locking Down Ruby

$SAFE = 2 unless $SAFE > 2


Ruby has a handy security feature that tracks whether variables are tainted. A tainted variable is one that has received its data from some sort of external source (such as a CGI form field or an IO stream) or from copying the contents of another tainted variable. Certain methods that are considered dangerous will then refuse to run if they receive data marked as tainted. These features are turned on and off at varying levels through the $SAFE variable.
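
The rules described above (external data is tainted, derived data inherits the mark, dangerous methods refuse it) can be modeled in a few lines. This is an added example, not code from the book; it uses a hypothetical Tracked wrapper instead of Ruby's built-in tainting because current Ruby releases no longer implement $SAFE levels or taint marks, and the names Tracked, TaintError, lock_down and finger_command are assumptions.

```ruby
# Constructed model of taint tracking. Tracked, TaintError, lock_down and
# finger_command are hypothetical names, not Ruby's built-in mechanism.
class TaintError < SecurityError; end

class Tracked
  attr_reader :value

  def initialize(value, tainted)
    @value = value.dup.freeze
    @tainted = tainted
  end

  def tainted?
    @tainted
  end

  # Data built from tainted data is itself tainted.
  def +(other)
    other = Tracked.new(other.to_s, false) unless other.is_a?(Tracked)
    Tracked.new(@value + other.value, @tainted || other.tainted?)
  end

  # The mark is cleared only after the value passes an allow-list pattern.
  # \A and \z anchor the whole string; ^ and $ would match per line.
  def validated(pattern)
    raise TaintError, "value failed validation" unless pattern.match?(@value)
    Tracked.new(@value, false)
  end
end

# Same shape as the page's `$SAFE = 2 unless $SAFE > 2`: raise, never lower.
def lock_down(level)
  level > 2 ? level : 2
end

# A "dangerous" sink: builds a command line, refusing tainted input
# whenever the safe level is above 0 (a simplification of Ruby's levels).
def finger_command(level, user)
  raise TaintError, "tainted data reached a command" if level > 0 && user.tainted?
  "finger #{user.value}"
end

level = lock_down(0)
field = Tracked.new("alice", true) # constructed CGI form input
begin
  finger_command(level, field)
rescue TaintError => e
  puts "refused: #{e.message}"
end
puts finger_command(level, field.validated(/\A\w+\z/))
```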

