Ken Johnson
Go ahead and change the license file to something that isn't person specific and allows for total freedom in using the code.
See https://github.com/OWASP/railsgoat/issues/140 for reference but the basic gist is we want to change Railsgoat's current auth to use Devise and demonstrate weaknesses in configuration when using Devise. Ideally though, we...
🐞 **Problem** We don't want anyone off the internet editing the wiki. This requires write permissions. There is no default "built-in" ability to submit pull requests if you don't have...
Based on discussions with @nvisium-john-poulin this morning, it makes sense to have a fixed branch so that we can test unit-tests on fixes - not just functionality - in order...
This was a quick hack to make some sense of what you are supposed to do but I'm frankly embarrassed at how terrible it STILL is, let's make an effort...
Yeah, so, I confuse ppl and don't really show the problem well or the fix w/ regards to the _actual_ problems associated with constantize. Dir traversal is mixed in w/...
2 things, both can wait until we've performed the upgrade to Rails 4 1) Discuss with exception and... 2) Discuss/demo what is really happening when a CSRF token is...
The credential check ideally only occurs if you are actually doing something, meaning working with a module. So that's the first change - moving that logic into the `if (args.module)`...
Making sure to leave a note re: @carnal0wnage and I's discussion last night re: conventions. Background: Now that we have both GCP and AWS functionality we might have a situation...
We should also add the ability to add ourselves as a subscriber to a topic. I'm thinking just email at first. Maybe later we expand to all available options.