Fork of wycats/merb-plugins
Description: Merb Plugins: Even more modules to hook up your Merb installation
Homepage: http://www.merbivore.com
Clone URL: git://github.com/gwynm/merb-plugins.git
Gwyn Morfey (author)
Wed Apr 16 03:58:11 -0700 2008
commit  13beef0e31151c7121baa3f8df595e174ed7e80b
tree    f5722b8af97db1ab24cc40bdd2295e5c7e611ae6
parent  f35d84c0b5b971ded6c0b698884d2d71707ee091
merb_param_protection/README
merb_param_protection
=================

This plugin exposes two new controller methods which allow us to simply and flexibly filter the parameters available 
within the controller.

Setup:
The request sets: 

  params => { :post => { :title => "ello", :body => "Want it", :status => "green", :author_id => 3, :rank => 4 } }

  Example 1: params_accessible
  class MyController < Application
    params_accessible :post => [:title, :body]
  end

  params.inspect # => { :post => { :title => "ello", :body => "Want it" } }

So we see that params_accessible removes everything except what is explicitly specified.

  Example 2: params_protected
  class MyOtherController < Application
    params_protected :post => [:status, :author_id]
  end

  params.inspect # => { :post => { :title => "ello", :body => "Want it", :rank => 4 } }

We also see that params_protected removes ONLY those parameters explicitly specified.
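
The two filtering behaviours above, as a standalone Ruby sketch added here for illustration; it is not the plugin's code. The helper names (filter_accessible, filter_protected, unexpected_keys), the :is_admin field, and the choice to pass through parameter groups not named in the spec are assumptions.

```ruby
# Added illustration; not merb_param_protection's implementation.
# Assumption: groups not named in the spec are passed through unchanged.

# Allowlist: under each named group, keep only the listed keys.
def filter_accessible(params, spec)
  params.each_with_object({}) do |(group, value), out|
    allowed = spec[group]
    out[group] =
      if allowed && value.is_a?(Hash)
        value.select { |key, _| allowed.include?(key) }
      else
        value
      end
  end
end

# Denylist: under each named group, drop only the listed keys.
def filter_protected(params, spec)
  params.each_with_object({}) do |(group, value), out|
    denied = spec[group]
    out[group] =
      if denied && value.is_a?(Hash)
        value.reject { |key, _| denied.include?(key) }
      else
        value
      end
  end
end

# Check for tests or logging: keys that reached the controller even though
# the developer did not expect them for this group.
def unexpected_keys(filtered, group, expected)
  filtered.fetch(group, {}).keys - expected
end

# Constructed request: the README's sample plus :is_admin, standing in for a
# model attribute introduced after the filters were written.
REQUEST = { :post => { :title => "ello", :body => "Want it", :status => "green",
                       :author_id => 3, :rank => 4, :is_admin => true } }.freeze

ALLOWED  = filter_accessible(REQUEST, :post => [:title, :body])
DENIED   = filter_protected(REQUEST, :post => [:status, :author_id])
EXPECTED = [:title, :body]

puts "accessible: #{ALLOWED.inspect}"
puts "protected:  #{DENIED.inspect}"
puts "unexpected after protected: #{unexpected_keys(DENIED, :post, EXPECTED).inspect}"
```

With the allowlist, a field nobody listed never reaches the controller; with the denylist, :rank and the new :is_admin both pass through until someone adds them to the list.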