OWASP, Ruby on Rails, security
TL;DR Mass assignment is security risk where user can create/update data attributes that is not allowed to update. Here is an example. Imagine application that registers your employees working hours….
heuristic, learn testing, oracle
TL;DR This post is example how to apply oracle heuristic to identify is there a problem. Disclaimer: this blog post is not about some fancy new software testing framework. Pure…
TL;DR This blog post is my experience about UI test automation applied in various projects. First disclaimer, this post is not against UI check automation. If not used as a…
TL;DR This post explains how to check your Rails application source code for cross site scripting (XSS) attack. Cross site scripting means that your application accepts html code as user…
TL;DR Using this excellent post by Marcel Gehlen , I am learning about exploratory software testing. I created github wiki where I put notes about every resource listed in that post. This…
Ruby on Rails, security, security testing
TL;DR This post is about checking “The Gates” of your Rails application. Every web application is a set of urls. Some of them are publically available and some are available…
BBST, learn testing, Uncategorized
TL;DR After taking state of the art software learning courses, I concluded that best way to comprehend knowledge is to learn by using examples of presented materials. How to measure…
Ruby on Rails, security, security testing, Uncategorized
TL;DR This post will explain how to check your Ruby on Rails code base against sql injections [Wikipedia]. After you have read Wikipedia source link about sql injections, you are…
