The second version of the popular Web applications framework Ruby on Rails has been released.
In the security space, Rails 2.0 makes it easier to protect against phishing, with provisions to guard against CRSF (cross-site request forgery) intrusions. Safeguards against XSF (cross-site forgery) attacks are included as well.
“We tried to make it really easy for people to deal with both of the scenarios,” said Hansson.
Also featured in Rails 2.0 is improved testing support and backing for Atom feeds. “We’re making it really easy for applications to emit feeds,” which is critical to application updates, Hansson said.
Another new feature in version 2.0 is a framework called ActiveResource, which encapsulates Web services and makes them as easy to use as databases, Hansson said. This is similar to the ActiveRecord feature for encapsulating database calls in Rails, he said.
A guide to Ruby on Rails for Java developers is available at SYS-CON.
There are a number of application development platforms emerging for the Web, and all of them have their own problems and applicabilities. However, it is the security perspective and the quickness of the delivery of products that is of paramount importance, and these are the two areas that Ruby on Rails addresses.