Hello frnds
Is there a way out by which we can determine that a site is made in RoR?
like looking @ the source code or some other method…that we adopt for
other techs like php…
Thanks a lot
dhaval parikh
No other framework provides 404.html at the root so if you find
http://example.com/4004.html and http://example.com/500.html be assured
that it’s ROR. Also the URL at the top can indicate too.
If you look at the form and see person[name] then it’s ROR.
Raj S. wrote:
No other framework provides 404.html at the root so if you find
http://example.com/4004.html and http://example.com/500.html be assured
that it’s ROR. Also the URL at the top can indicate too.If you look at the form and see person[name] then it’s ROR.
thanks a lot but i think there should be some concrete way out…to find
the same…as url can be made to look like ror even in php
applications(url aliasing)
…500.html is most of the time modified by companies launching sites
…there is no guarantee that a form will be there in a site…
On Jan 16, 11:54 am, Dhaval P. [email protected]
wrote:
Raj S. wrote:
No other framework provides 404.html at the root so if you find
http://example.com/4004.htmlandhttp://example.com/500.htmlbe assured
that it’s ROR. Also the URL at the top can indicate too.If you look at the form and see person[name] then it’s ROR.
thanks a lot but i think there should be some concrete way out…to find
the same…as url can be made to look like ror even in php
applications(url aliasing)
Do a curl call to the the URL. In the response you can see come of the
Information like server, Content type etc etc.
If the server is mongrel , its definitely RoR.
–
Procrastinx
Frederick C. wrote:
On 16 Jan 2008, at 07:02, Procrastinx wrote:
thanks a lot but i think there should be some concrete way out…to
find
the same…as url can be made to look like ror even in php
applications(url aliasing)Do a curl call to the the URL. In the response you can see come of the
Information like server, Content type etc etc.
If the server is mongrel , its definitely RoR.
or merb, or nitro or camping etc… Mongrel most commonly hides behind
some sort of load balancer anyway
I doubt there is a foolproof way of doing this (especially if the
person running the server wants to make it look like rails isn’t being
used)
Fred
yes thats wat i m looking for…this is possible in most of the techs
like php or .net as there is an extension to it…even if we bypass
that…we can determine that from the code.which is not possible in
ror…i m finding a solution to this since long bt not able to do it 
append
/images/rails.png
to the url is a “not certain” yet optional way to check
s
On 16 Jan 2008, at 07:02, Procrastinx wrote:
thanks a lot but i think there should be some concrete way out…to
find
the same…as url can be made to look like ror even in php
applications(url aliasing)Do a curl call to the the URL. In the response you can see come of the
Information like server, Content type etc etc.
If the server is mongrel , its definitely RoR.
or merb, or nitro or camping etc… Mongrel most commonly hides behind
some sort of load balancer anyway
I doubt there is a foolproof way of doing this (especially if the
person running the server wants to make it look like rails isn’t being
used)
Fred
Nobody’s asked this yes, so I will: why does it matter what something’s
written in? Is there something you want to hack? Do you want to hide
Rails
from the bosses? I’m just interested, that’s all.
Brian H. wrote:
Nobody’s asked this yes, so I will: why does it matter what something’s
written in? Is there something you want to hack? Do you want to hide
Rails
from the bosses? I’m just interested, that’s all.
Well basically being in the field of technology i would certainly like
to know that a particular thing is made using wat technology…as thru
that we can come to know that what is new thing in market…what r
people and companies doing and y in terms of technology…
so I feel that knowing about the fact that the site is made using wat
tech is an important aspect for all tech ppl…we can even come to know
that wat features can be made using with language…and find out the adv
of using one instead of other…also its a matter of pride that being
working in one particular lang and when big ppl/companies make their
sites using that lang u can visualize the future of it…
Its something to boast about and gives u a confidence of working in the
same…
Again wat i have written is wat i feel…
thanks
On 16 Jan 2008, at 14:30, Dhaval P. wrote:
Well basically being in the field of technology i would certainly like
to know that a particular thing is made using wat technology…as
thru
that we can come to know that what is new thing in market…what r
people and companies doing and y in terms of technology…
There are sites out there that make an educated guess on the
underlying framework (i don’t recall the url and can’t seem to find
it in a hurry), but it’s always an educated guess.
Examples:
http://mydomain.com/contacts;addresses/ will probably be a Rails 1.2
RESTful routes app
http://mydomain.com/javascripts/application.js?15454365 will probably
be a Rails app too
There are some indicators on which language/framework has been used
and the more can be found in one page, the more probably it will be
to guess the technology used. But it is and stays an educated guess
in the end.
Best regards
Peter De Berdt
I had this same thought, and wondered if anything like wordpress’ meta
tag existed for rails .
previous discussion here -
http://groups.google.com/group/rubyonrails-talk/browse_thread/thread/b594be4b937d7e01/dbb85644cf293f1f?hl=en#dbb85644cf293f1f
On 1/16/08, Brian H. [email protected] wrote:
Nobody’s asked this yes, so I will: why does it matter what something’s
written in? Is there something you want to hack? Do you want to hide Rails
from the bosses? I’m just interested, that’s all.
I realize that the use of the word “hack” here is ambiguous, but.
There are often good security reasons to configure a server so as to
hide how it’s implemented, particularly when using a widely used
framework.
Imagine that someone is trying to exploit a security exposure which
has become public. One valuable tool in the evil-doer’s kit is to
scan sites to find likely victims.
So while there are clues like the server header in http responses,
there are also countermeasures such as configuring a stack component
(e.g. Apache) to either withhold or obfuscate them. And security
conscious sites are likely to use these countermeasures.
–
Rick DeNatale
My blog on Ruby
http://talklikeaduck.denhaven2.com/
On 1/16/08, Raj S. [email protected] wrote:
If you look at the form and see person[name] then it’s ROR.
Wrong. Array-based form elements existed long before Rails did.
–
Greg D.
http://destiney.com/
In my opinion, the reason meta tags like that are terrible is that it
tells
someone what version of something you are using, so they can then see if
they can exploit it. I’ve always found it beneficial to hide the
technology
you’re using.