aboutsummaryrefslogtreecommitdiffstats
path: root/guides
diff options
context:
space:
mode:
authorXavier Noria <fxn@hashref.com>2013-11-11 07:33:38 -0800
committerXavier Noria <fxn@hashref.com>2013-11-11 07:33:38 -0800
commitb31b6e669935cfa7e88e75c02dbd0892d1b9853e (patch)
treebacd0e7116ea11f61060118699e1e8f0a343400d /guides
parent0bb6b432d03bc2bf29c2d7076e059deffe18f4c8 (diff)
parent336caf9114f71bb09f0be61f4270fd2bedef5812 (diff)
downloadrails-b31b6e669935cfa7e88e75c02dbd0892d1b9853e.tar.gz
rails-b31b6e669935cfa7e88e75c02dbd0892d1b9853e.tar.bz2
rails-b31b6e669935cfa7e88e75c02dbd0892d1b9853e.zip
Merge pull request #12815 from Adam89/patch-1
Update security.md [ci skip]
Diffstat (limited to 'guides')
-rw-r--r--guides/source/security.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/guides/source/security.md b/guides/source/security.md
index d7a41497f8..595cf7c62c 100644
--- a/guides/source/security.md
+++ b/guides/source/security.md
@@ -17,7 +17,7 @@ After reading this guide, you will know:
Introduction
------------
-Web application frameworks are made to help developers building web applications. Some of them also help you with securing the web application. In fact one framework is not more secure than another: If you use it correctly, you will be able to build secure apps with many frameworks. Ruby on Rails has some clever helper methods, for example against SQL injection, so that this is hardly a problem. It's nice to see that all of the Rails applications I audited had a good level of security.
+Web application frameworks are made to help developers build web applications. Some of them also help you with securing the web application. In fact one framework is not more secure than another: If you use it correctly, you will be able to build secure apps with many frameworks. Ruby on Rails has some clever helper methods, for example against SQL injection, so that this is hardly a problem. It's nice to see that all of the Rails applications I audited had a good level of security.
In general there is no such thing as plug-n-play security. Security depends on the people using the framework, and sometimes on the development method. And it depends on all layers of a web application environment: The back-end storage, the web server and the web application itself (and possibly other layers or applications).