Akshay's Blog on programming for fun and profit...

Rails Internals

A collection of 4 issues

How Rails Authenticity Tokens Protect Against CSRF Vulnerability

Rails protects your web application from CSRF attack by including an authenticity token in the HTML forms. This token is also stored in the user's session. Upon receiving a request, Rails compares these two tokens to decide if the request is verified.

What Happens When You Call render? Let's Understand the Rails Rendering Process

This article explains the Rails rendering process in the context of returning JSON data from the controller. Hopefully, it will make it clear what really happens when you call the render method from the controller.

Hiding Sensitive Information from Logs Using Parameter Filtering in Rails

This article explains why you shouldn't log confidential or user-identifiable information and how to filter it using parameter filtering in Rails. We'll also learn how Rails implements this feature internally.

A Brief Introduction to Rails Initializers

After loading the framework and any gems in your application, Rails runs the initializers under the `config/initializers` directory. This article explains how initializers work and how they're implemented.