Chapter 11: Testing for Security

Web security is a very scary topic. All of our applications depend on cryptography and programming that is beyond our immediate control. Despite that, certain parts of web security are in our control—all the logins and access checks and injection errors that happen on our site as a result of programming choices we make.

When it comes to security and testing, there’s good news and bad news. The good news is that all kinds of access and injection bugs are amenable to automated developer testing. Sometimes unit testing will do the trick; other times end-to-end testing is the correct tool, but the effects of a security problem are often easily reproducible in a test environment. The bad news is that you need to ...
