Did you know that you can create a single-file Rails application?
You shouldn't unless you are experimenting with something, but regardless, let me show you how it's done.
Let's create a file and call it "app.ru"; the "ru" extension marks it as a rackup file. Then we use bundler inline to install the dependencies:
Next, we require Rails, configure Active Record to use a SQLite database, define the database schema and create a model:
The next step is to create an "App" class and set the necessary configuration. We also point the root route at the WelcomeController's index action:
The final step is to add a controller, initialize the app and run it.
Then, from a terminal, you can run "rackup app.ru", and you have a single-file Rails application.