Thanks for the feedback Maxime! I’ll try this tutorial again on a clean OS and see if I run into those same issues. Re: CSRF and XSS, better than me attempting to explain the possible vulnerabilities and missing 90% of the obscure-yet-not-so-uncommon ones, check out the security considerations for Ruby on Rails here: http://guides.rubyonrails.org/security.html. The out-of-the-box security considerations they implemented are pretty mind-blowing if you ask me.