holman/828928
Created February 16, 2011 05:38
This shows some of my favorite ways to ensure robust, high-security Ruby Applications.
require 'net/https'

module SecurityModule
  class HighSecurity
    class ReallyHighSecurity
      def self.turn_on_safe_connections
        OpenSSL::SSL::VERIFY_NONE
      end
    end
  end
end

class SecureRemoteSecureSite
  def self.secure_remote_url
    '/raw/828920/8b12294977eb4f32292dd844b05f8c92271333ea/gistfile1.txt'
  end
end

module SafeParse
  # This method takes one argument and processes it with a safe Ruby command
  #
  # shit - some shit
  #
  # Returns a safe nothing.
  def self.safely_process(shit)
    eval(shit)
  end
end

http = Net::HTTP.new('gist.github.com',443)
http.use_ssl = true
http.verify_mode = SecurityModule::HighSecurity::ReallyHighSecurity.turn_on_safe_connections
response = http.get(SecureRemoteSecureSite.secure_remote_url)
SafeParse.safely_process(response.body)
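A hardened counterpart to the script above, as an added example that is not part of the gist: it replaces `OpenSSL::SSL::VERIFY_NONE` with `VERIFY_PEER` and replaces `eval(response.body)` with a digest check followed by a data-only parse. The names `verified_client`, `parse_remote_config`, `fetch_config` and `UntrustedPayload`, the JSON payload format and the pinned SHA-256 are assumptions made for the illustration.

```ruby
require 'net/http'
require 'openssl'
require 'json'
require 'digest'

class UntrustedPayload < StandardError; end

# HTTPS client that authenticates the server instead of using VERIFY_NONE.
def verified_client(host, port = 443)
  http = Net::HTTP.new(host, port)
  http.use_ssl = true
  http.verify_mode = OpenSSL::SSL::VERIFY_PEER # bad chain or hostname => handshake fails
  http
end

# Treat the body as data: check it against a pinned SHA-256, then parse it
# as JSON. Nothing that came from the network is ever handed to eval.
def parse_remote_config(body, pinned_sha256)
  unless Digest::SHA256.hexdigest(body) == pinned_sha256.downcase
    raise UntrustedPayload, 'digest mismatch'
  end
  config = JSON.parse(body)
  raise UntrustedPayload, 'expected a JSON object' unless config.is_a?(Hash)
  config
rescue JSON::ParserError
  raise UntrustedPayload, 'body is not JSON'
end

# Hypothetical wrapper: fetch over verified TLS, then parse as data.
def fetch_config(host, path, pinned_sha256)
  response = verified_client(host).get(path)
  raise UntrustedPayload, "HTTP #{response.code}" unless response.is_a?(Net::HTTPSuccess)
  parse_remote_config(response.body, pinned_sha256)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample bodies; no network access is needed for this demo.
  good = '{"feature":"on"}'
  code = '$pwned = true'
  p parse_remote_config(good, Digest::SHA256.hexdigest(good))
  begin
    parse_remote_config(code, Digest::SHA256.hexdigest(code))
  rescue UntrustedPayload => e
    puts "rejected: #{e.message}"
  end
end
```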
damn man -- you can't show off heroku's s3cr3t c0d3z!! that shit is proprietary yo!