slothelle
🦥 I miss working with @nixpad
slothlandia
@slothelle
slothelle / zoo.js
Last active December 18, 2015 11:19 — forked from dbc-challenges/zoo.js
//------------------------------------------------------------------------------------------------------------------
// YOUR CODE: Create your Zoo "object literal" and Animal "constructor" and "prototypes" here.
//------------------------------------------------------------------------------------------------------------------
var Zoo = {
  init : function(animals) {
    this.animals = animals;
  },
  bipeds : function() {
    return this.animals.filter(function(eachAnimal) {
Web Security

This post outlines three common web security vulnerabilities with specific examples in Rails. For a more complete list, I highly recommend the OWASP Rails security cheatsheet.

Cross-Site Scripting (XSS)

A cross-site scripting attack is when malicious scripts are injected into a web site in order to compromise it.

For example, let's say we want to allow html tags such as <strong> in our blog comments, so we render raw output using the Rails method #html_safe:

#!/bin/sh
# Just copy and paste the lines below (all at once, it won't work line by line!)
# MAKE SURE YOU ARE HAPPY WITH WHAT IT DOES FIRST! THERE IS NO WARRANTY!
# POSIX function syntax; the bash-only "function abort {" form is not portable under #!/bin/sh
abort() {
  echo "$1"
  exit 1
}
set -e
=Navigating=
visit('/projects')
visit(post_comments_path(post))
=Clicking links and buttons=
click_link('id-of-link')
click_link('Link Text')
click_button('Save')
click_on('Link Text') # Click either a link or a button (click_on replaced the older click helper, removed in Capybara 2)
click_on('Button Value')
COURSE_ID = 5 # replace this with id of course with many (>=500) students
# generating a large course is left as an exercise to the reader
course = Course.find(COURSE_ID)
# generate quiz
q = course.quizzes.create! :title => "Big Quiz"
eval(File.read 'quiz_questions.txt').each_with_index do |(question, as), i|
answers = as.map.with_index { |a, j|
[
["The main function of myelin is to",
["form a protective coating over nerve axons.",
"affect the speed of nerve impulses.",
"block the reception of acetylcholine.",
"aid a nerve's receptivity to neurotransmitters by increasing the number of receptor sites available."]],
["The part of the nerve cell specialized for conducting information is the",
["axon.",
"cell body.",
<!DOCTYPE html>
<html>
<head>
<script src="http://code.jquery.com/jquery-1.11.0.min.js"></script>
<meta charset="utf-8">
<title>JS Bin</title>
</head>
<body>
</body>
@slothelle
slothelle / SassMeister-input-HTML.html
Created April 14, 2014 18:28
Generated by SassMeister.com.
<!DOCTYPE html>
<html>
<head></head>
<body>
<h1>Taco!</h1>
</body>
</html>
@slothelle
slothelle / Gemfile
Last active December 18, 2018 02:43
Deploying Rails 4 apps with Resque and Redis to Heroku using Unicorn with a Procfile.
# and whatever other gems you need
gem 'resque', '~> 1.24.1'
gem 'unicorn', '~> 4.6.2'
{
"bold_folder_labels": true,
"caret_extra_width": 1,
"caret_style": "phase",
"color_scheme": "Packages/Color Scheme - Default/Solarized (Light).tmTheme",
"draw_indent_guides": true,
"fade_fold_buttons": false,
"file_exclude_patterns":
[
".gitkeep",