I designed this repo to create some bite-sized demonstrations of common server-side vulnerabilities for my web development students at Dev Bootcamp Chicago. This is meant to be demoed in person in early phase 3. Students have used Sinatra for weeks, and have just been exposed to Rails concepts such as CSRF tokens and strong params. This is meant to put those problems in Sinatra terms.
This repo includes two examples: Cross-Site Request Forgery (CSRF), and exploitation of HTTP request parameters passed to Active Record object initialization.