I think I can intercept any packet from my app and change the URL and the params such that the user's account would be deleted / other stuff could be deleted.
How do I protect against this, since the auth_token and cookie are passed in every packet?
The standard protection against packet sniffing is to secure your connections with HTTPS.
Here is some info:
http://collectiveidea.com/blog/archives/2010/11/29/ssl-with-rails/
Here's a ton of resources on protecting your app: http://guides.rubyonrails.org/security.html
I don't think it's really about securing Rails if you are concerned about packet sniffing. You need to use SSL to encrypt the communication between the client and your web server.
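What "use HTTPS" has to enforce for the auth_token and cookie from the question, as an added example that is not part of the original answers: plaintext requests are redirected, and responses carry HSTS and cookies flagged `Secure; HttpOnly`. The class name, sample app and request values are constructed for illustration; in Rails 3.1 and later, `config.force_ssl = true` turns on the framework's own equivalent.

```ruby
# Added example: Rack-style middleware in plain Ruby (no gems required).
# EnforceHttps, SAMPLE_APP, demo and all sample values are constructed here.
class EnforceHttps
  HSTS = "max-age=31536000; includeSubDomains"

  def initialize(app)
    @app = app
  end

  def call(env)
    unless env["rack.url_scheme"] == "https"
      # Refuse to run the app over plaintext; point the client at the HTTPS URL.
      location = "https://#{env['HTTP_HOST']}#{env['PATH_INFO']}"
      location += "?#{env['QUERY_STRING']}" unless env["QUERY_STRING"].to_s.empty?
      return [301, { "Location" => location, "Content-Type" => "text/plain" }, []]
    end

    status, headers, body = @app.call(env)
    headers = headers.dup
    # HSTS tells the browser to use HTTPS for every later request to this host.
    headers["Strict-Transport-Security"] = HSTS
    if headers["Set-Cookie"]
      # Rack 1/2 convention: multiple cookies are newline-separated in one header.
      headers["Set-Cookie"] = headers["Set-Cookie"].split("\n").map { |c| harden(c) }.join("\n")
    end
    [status, headers, body]
  end

  private

  # Secure keeps the cookie off plaintext HTTP; HttpOnly hides it from page scripts.
  def harden(cookie)
    cookie += "; Secure" unless cookie =~ /;\s*secure/i
    cookie += "; HttpOnly" unless cookie =~ /;\s*httponly/i
    cookie
  end
end

# Constructed sample app that issues a session cookie without any flags.
SAMPLE_APP = lambda do |_env|
  [200, { "Content-Type" => "text/plain", "Set-Cookie" => "_session_id=abc123; path=/" }, ["ok"]]
end

# Run one constructed request through the middleware for the given scheme.
def demo(scheme)
  env = { "rack.url_scheme" => scheme, "HTTP_HOST" => "example.test",
          "PATH_INFO" => "/account", "QUERY_STRING" => "id=1" }
  EnforceHttps.new(SAMPLE_APP).call(env)
end
```

The redirect alone does not protect a first plaintext request that already carries the cookie, which is why the `Secure` flag and HSTS are set alongside it.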