WebRebels talk and code

  • Presentation is the slides
  • nodeapp is a small insecure node.js app
  • railsapp is an insecure single-page webapp built with poorly written Rails and backbone.js code

nodeapp and railsapp are two really insecure webapps. Do NOT use the code for anything except to show how poorly code can be written and how insecure an app can be.

Some details on the single-page app: it lacks proper server-side security controls, meaning you can manipulate the client side to become admin, etc. You can also do mass assignment and mess around with the API.
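The mass-assignment weakness described above, shown beside a server-side allowlist, as an added example that is not code from railsapp. The `User` class, its fields, and the sample request body are assumptions made for illustration, written in plain Ruby so it runs without Rails.

```ruby
# Added illustration: plain Ruby stand-in for a model, not code from railsapp.
class User
  attr_accessor :name, :email, :admin

  def initialize(name:, email:, admin: false)
    @name, @email, @admin = name, email, admin
  end

  # Vulnerable pattern: every key the client sends is written to the record,
  # so a profile edit can also carry "admin" => true.
  def update_unsafe(params)
    params.each do |key, value|
      setter = "#{key}="
      public_send(setter, value) if respond_to?(setter)
    end
    self
  end

  SELF_EDITABLE = %w[name email].freeze # any user, on their own record
  ADMIN_ONLY    = %w[admin].freeze      # needs a server-side role check

  # Hardened pattern: the server picks the allowlist from the authenticated
  # actor, never from anything the client claims. Returns the rejected keys
  # so they can be logged as a tampering signal.
  def update_safe(params, actor:)
    allowed = []
    allowed += SELF_EDITABLE if actor.equal?(self) || actor.admin == true
    allowed += ADMIN_ONLY if actor.admin == true
    rejected = []
    params.each do |key, value|
      if allowed.include?(key.to_s)
        public_send("#{key}=", value)
      else
        rejected << key.to_s
      end
    end
    rejected
  end
end

# Constructed request body: a profile edit with an extra "admin" key.
SAMPLE_PARAMS = { "name" => "New Name", "admin" => true }.freeze
```

Logging the rejected keys gives the API a cheap detection point for clients that send fields the UI never exposes.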
