Lernplattform fur Interviewvorbereitung, Online-Tests, Tutorials und Live-Ubungen

Baue deine Fahigkeiten mit fokussierten Lernpfaden, Probetests und interviewreifem Inhalt aus.

WithoutBook vereint themenbezogene Interviewfragen, Online-Ubungstests, Tutorials und Vergleichsleitfaden in einem responsiven Lernbereich.

Bibliothek durchsuchen

Interview vorbereiten

Ruby On Rails Interviewfragen und Antworten

Frage 51. What are the key deployment challenges in Ruby on Rails?

heroku makes deployment easy.

Things that I sometimes run into are:

> Mismatched gem versions between local and production environment

> Some lessons learned:

»» Use image_tag helper each time

»» Specify root path in ENV variable

»» Configure assets pipeline by setting: config.assets.enabled = true in the config/application.rb file

Configure Capistrano script to precompile assets

Ist das hilfreich? Ja Nein Kommentar hinzufugen Kommentare ansehen

Frage 52. HOW CAN YOU SAFEGUARD A RAILS APPLICATION FROM SQL INJECTION ATTACK?

Rails already has the logic built into it to prevent SQL injection attacks if you follow the right syntax.

Say you are trying to authenticate a user based on their login and password you might be tempted to use a syntax as below:

User.first("login = '#{params[:name]}' AND password = '#{params[:password]}'")

If an attacker enters ’ OR ‘1’=‘1 as the name, and ’ OR ’2’>’1 as the password, the resulting SQL query will be:

 SELECT * FROM users WHERE login = '' OR '1'='1' AND password = '' OR '2'>'1' LIMIT 1

This will simply find the first record in the database, and grants access to this user.

To prevent this type of SQL injection simply use the following format.

  User.where("login = ? AND password = ?", entered_user_name, entered_password).first

User.where(:login => entered_user_name, :password => entered_password).first

Ist das hilfreich? Ja Nein Kommentar hinzufugen Kommentare ansehen

Frage 53. How can you secure a Rails Application?

Rails has a lot of in-built capabilities to deal with common web-security issues.

> SQL Injection

> Cross-Site

> Session fixation and Session hijacking

> Captcha

Ist das hilfreich? Ja Nein Kommentar hinzufugen Kommentare ansehen

Frage 54. What is Ruby On Rails?

Ruby on Rails is an open source full-stack web application framework written in the Ruby Programming Language. Rails is capable of gathering information using pages and applications from the web server and can interact with a database and can retrieve information from the database.

Ist das hilfreich? Ja Nein Kommentar hinzufugen Kommentare ansehen

Frage 55. Why Ruby on Rails?

1.CRUD (convention over configuration)
2. DRY Principal (Do not repeat Your self )
3. Gems and Plugins
4. Pure OOP Concept
5. Scaffolding
6.. Rest Support
7.Action Mailer
8. Rake support
9. open source
10.Rpsec Suppot for testing

Ist das hilfreich? Ja Nein Kommentar hinzufugen Kommentare ansehen

Am hilfreichsten laut Nutzern: