Security: What Rails Will And Won’t Do For You

There are a number of areas where rails can help web application developers ensure that their applications are appropriately secured (eg, CSRF protection and encoding of output) but there are others which can never really be addressed by frameworks alone. Additionally it’s very easy when developing an application to make …