Mass Assignment, Rails, and You
By Arun Srinivasan
Early in 2012, a developer named Egor Homakov took advantage of a security hole at GitHub (a Rails app) to gain commit access to the Rails project. His intent was mostly to point out a common security issue with many Rails apps that results from a feature known as mass assignment (and […]