« Description of different types of web attacks
Security Now 85: Cross Site Scripting and Jikto »

Rails Plugins that help prevent CSRF attacks

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

There are two plugins that can help prevent CSRF attacks. I have not had a chance to take these for a test drive but I will soon and I blog about how they work. CSRF stands for Cross-site request forgery Attack (link) and is an upcoming type of attack used against web sites.

Security Extensions

The first plugin is called Security extensions and can be downloaded at http://svn.aviditybytes.com/rails/plugins/security_extensions/.

CSRF Killer

The second plugin is called CSRF Killer and it can be downloaded at http://activereload.net/2007/3/6/your-requests-are-safe-with-us

This one is made by Rick Olsen who has made a ton of popular plugins for rails. This page has a lot of information about CSRF attacks [link].

Conclusions

Neither of these will be silver bullets but they can help and do not add a lot of overhead to your development and it makes your job easier when it comes to securing your web apps.

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • DZone
  • Wists
  • BlinkList
  • blogmarks
  • Ma.gnolia
  • NewsVine
  • Slashdot
  • StumbleUpon
  • Technorati

 

This entry was posted on Thursday, April 5th, 2007 at 11:38 am and is filed under Rails Plugins, security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

  • About Me

    A little something about you, the author. Nothing lengthy, just an overview.

  • Elkinsware

    Take a look at my company site to see the services I offer. Elkinsware

  • Biznik - Business Networking