
This gem protects you against most opportunistic attacks and is at the same time as simple as possible.

Goes well with almost-sinatra, almost-rack or Ruby on Rails. Should work with any Rack-compatible application and most other apps, too.


require 'almost-rack-protection'

use Almost::Rack::Protection
run MyApp

Protects against:

  • SQL injection
  • NoSQL injection
  • Cross Site Scripting
  • Broken Authentication / Session Management
  • Insecure Direct Object References
  • Login spoofing
  • Cross Site Request Forgery
  • Security Misconfiguration
  • Insecure Cryptographic Storage
  • Failure to Restrict URL Access
  • Race condition (except in your Rack handler)
  • Insufficient Transport Layer Protection
  • Unvalidated Redirects and Forwards
  • Windows Metafile vulnerability
  • Password cracking
  • Malicious File Execution
  • Reflection attack
  • Mass-Assignment Bugs
  • Arbitrary code execution
  • Buffer overflow
  • Metasploit
  • Data breach
  • Frame injection
  • Y2K bug
  • Timing Attacks
  • Remote file inclusion
  • Some DoS attacks
  • Off-by-one error
  • Shoulder surfing
  • Most other CVEs