ca96df2549
* add section for host header attack prevention in rails security guide * Fix wrong rails setting key for HostAuthorization middleware The original documention was wrong, the rails configuration key is called host_authorization. * add a short intro on how dns rebinding attacks work * Apply suggestions from code review Co-authored-by: Rafael Mendonça França <rafael@franca.dev> Co-authored-by: Rafael Mendonça França <rafael@franca.dev> |
||
---|---|---|
.. | ||
assets | ||
bug_report_templates | ||
rails_guides | ||
source | ||
.document | ||
CHANGELOG.md | ||
rails_guides.rb | ||
Rakefile | ||
w3c_validator.rb |