@@ -88,6 +88,10 @@ module ActionController # # map.connect ':controller/:action/:id', :action => 'show', :defaults => { :page => 'Dashboard' } # + # Note: The default routes, as provided by the Rails generator, make all actions in every + # controller accessible via GET requests. You should consider removing them or commenting + # them out if you're using named routes and resources. + # # == Named routes # # Routes can be named with the syntax <tt>map.name_of_route options</tt>, actionpack/lib/action_controller/routing.rb @@ -36,6 +36,8 @@ ActionController::Routing::Routes.draw do |map| # See how all your routes lay out with "rake routes" # Install the default routes as the lowest priority. + # Note: These default routes make all actions in every controller accessible via GET requests. You should + # consider removing the them or commenting them out if you're using named routes and resources. map.connect ':controller/:action/:id' map.connect ':controller/:action/:id.:format' end railties/configs/routes.rb d37e6413366c9a3fafa02c4298a2946dc8327a42 Clemens Kofler clemens@railway.at http://github.com/rails/rails/commit/feb08984ea5517db5780a88584929feac1cafb59 feb08984ea5517db5780a88584929feac1cafb59 2008-07-10T00:29:27-07:00 2008-07-09T12:41:03-07:00 Added notes to Routing documentation and routes.rb regarding defaults routes opening the whole application for GET requests Signed-off-by: Michael Koziarski <michael@koziarski.com> e763d94b44d5144d79a6fd8bd1c1de34bf567e73 Michael Koziarski michael@koziarski.com