WRITE FOR US

Ruby on Rails Information Leaks

Information leaks

Is the target application a Rails application?

Default setup for static files:

/javascripts/application.js
/stylesheets/application.css
/images/foo.png

Pretty URLs

/project/show/12
/message/create
/folder/delete/43
/users/83

Rails provides default templates for 404 and 500 status pages
Different Rails versions use different default pages
422.html only present in applications generated with Rails 2.0

Information Leaks

Learn Ruby on Rails - Ruby on Rails tutorial - Information Leaks - Ruby on Rails examples - Ruby On Rails programs

Sample Status Pages

Sample Status page

Learn Ruby on Rails - Ruby on Rails tutorial - Sample Status page - Ruby on Rails examples - Ruby On Rails programs

Server Header

server header

Learn Ruby on Rails - Ruby on Rails tutorial - server header - Ruby on Rails examples - Ruby On Rails programs

Subversion metadata

Typically Rails applications are deployed with Capistrano / Webistrano
This will push .svn directories to the servers

meta data

Learn Ruby on Rails - Ruby on Rails tutorial - meta data - Ruby on Rails examples - Ruby On Rails programs

Related Searches to Ruby on Rails Information Leaks

rails serverruby on rails examplesruby debuggerruby findrails srails update_allruby collectserver railsruby memory profilerrails memory leakruby memory leakruby profilerail profilememory profilerleak memoryruby garbage collectionruby performancerails debugmemory leak toolrails performanceruby detectrails performance testingrails herokuruby uses