It encourages and facilitates the use of web standards such as JSON or XML for data transfer and HTML, CSS and JavaScript for user interfacing.
David Heinemeier Hansson extracted Ruby on Rails from his work on the project management tool Basecamp at the web application company 37signals.
[citation needed] In August 2006, the framework reached a milestone when Apple announced that it would ship Ruby on Rails with Mac OS X v10.5 "Leopard",[9] which was released in October 2007.
Rails version 2.3 was released on 15 March 2009, with major new developments in templates, engines, Rack and nested model forms.
Engines give developers the ability to reuse application pieces complete with routes, view paths and models.
The Rack web server interface and Metal allow one to write optimized pieces of code that route around Action Controller.
[12][13] Rails 3.1 was released on 31 August 2011, featuring Reversible Database Migrations, Asset Pipeline, Streaming, jQuery as default JavaScript library and newly introduced CoffeeScript and Sass into the stack.
[19] Rails 4.2 was released on 19 December 2014, introducing Active Job, asynchronous emails, Adequate Record, Web Console, and foreign keys.
While developers are free to ignore this convention and choose differing names for their models, files, and database table, this is not common practice and is usually discouraged in accordance with the "convention-over-configuration" philosophy.
[47] A controller is a server-side component of Rails that responds to external requests from the web server to the application, by determining which view file to render.
For example, in an airline reservation system, a controller implementing a flight-search function would need to query a model representing individual flights to find flights matching the search, and might also need to query models representing airports and airlines to find related secondary data.
In Ruby on Rails, an action is typically a basic unit that describes how to respond to a specific external web-browser request.
Rails encourages developers to use RESTful routes, which include actions such as create, new, edit, update, destroy, show, and index.
over WEBrick in the early days,[citation needed] but it can also run on Lighttpd, Apache, Cherokee, Hiawatha, Nginx (either as a module – Phusion Passenger for example – or via CGI, FastCGI or mod ruby), and many others.
Prior to version 2.0, Ruby on Rails also included the Action Web Service package that is now replaced by Active Resource.
Earlier Rails supported plugins within their own custom framework; version 3.2 deprecates these in favor of standard Ruby "gems".
HTML Over The Wire (Hotwire),[56][57] Conceptual compression,[58][59] and robust security[60] mark Rails 7.0's approach to the One person framework.
[68][69] The user interface aspects of the site continued to run Ruby on Rails[70] until 2011 when it was replaced due to concerns over performance.
[71] On the other hand, many Rails business application developers relied on system architecture design, including choices of database engine, cache configuration, and servers, to tackle scalability issues.
Some of the largest sites running Ruby on Rails include Airbnb, Cookpad, GitHub, GitLab,[73] Scribd, Shopify, and Basecamp.
[75][76] In March 2012, security researcher Egor Homakov discovered a mass assignment vulnerability that allowed certain Rails applications to be remotely exploited, and demonstrated it by non-maliciously hacking GitHub after his earlier attempts at responsible disclosure were dismissed.
On 15 April 2016, Near reported that an analysis of 50 popular Web applications using Space uncovered 23 previously unknown security flaws.