There are many a folk who want to bring apps built upon Rails into the realm of the ever increasingly popular iPhone yet not too many tools may be available for use on the said platform. One that caught developer’s eyes is the rails-iphone-helper library that generates iPhone specific html tags that would allow you to go and tinker around with your iPhone.
The library download available here can be used free but apps must conform to widely accepted standards (whether from the community or Apple) for them to work properly. iPhones have captivated the world and with Apple seemingly trying their best to open their doors to the world they may have done so with the release of some secrets that have allowed the development of these extensions.

Developers should be aware of the most common forms of cross site problems that can weaken an apps security namely CSRF(Cross-Site Request Forgery) and XSS(Cross-Site Scripting) both of which can lead to infiltration or even hijacking of sessions by unauthorized people or programs that are designed to do just that. SQL injection is another way by which malware enters sites to hijack them, injecting code and doing stuff such as obtaining user information for use later. Robust security is key and should be taken seriously.

The internet is a very wide place to move through but that very movement poses serious threat to users and developers alike who aim to secure data from those who aim to use it for no good.

Security is the first priority when it comes to ruby apps for without it, however robust and well thought of a program is, it’s bound to fail. Many developers have had recommendations on how to get about this but here are some of the most important points to consider when building and deploying Ruby Apps.

Authorization is two things, one is to allow people to get into the site/app and the other is to let people do things within the said app. Such is a case such as in WP which has different user levels, admin allowing you to do almost anything. Users can log-in and modify their profiles but other than that they are given no other rights. More tips in upcoming posts so do check back for more.