public
Description: Ruby on Rails
Homepage: http://rubyonrails.org
Clone URL: git://github.com/rails/rails.git
Added notes to Routing documentation and routes.rb regarding defaults routes 
opening the whole application for GET requests

Signed-off-by: Michael Koziarski <michael@koziarski.com>
clemens (author)
Wed Jul 09 12:41:03 -0700 2008
NZKoz (committer)
Thu Jul 10 00:29:27 -0700 2008
commit  feb08984ea5517db5780a88584929feac1cafb59
tree    e763d94b44d5144d79a6fd8bd1c1de34bf567e73
parent  d37e6413366c9a3fafa02c4298a2946dc8327a42
...
88
89
90
 
 
 
 
91
92
93
...
88
89
90
91
92
93
94
95
96
97
0
@@ -88,6 +88,10 @@ module ActionController
0
   #
0
   #   map.connect ':controller/:action/:id', :action => 'show', :defaults => { :page => 'Dashboard' }
0
   #
0
+  # Note: The default routes, as provided by the Rails generator, make all actions in every
0
+  # controller accessible via GET requests. You should consider removing them or commenting
0
+  # them out if you're using named routes and resources.
0
+  #
0
   # == Named routes
0
   #
0
   # Routes can be named with the syntax <tt>map.name_of_route options</tt>,
...
36
37
38
 
 
39
40
41
...
36
37
38
39
40
41
42
43
0
@@ -36,6 +36,8 @@ ActionController::Routing::Routes.draw do |map|
0
   # See how all your routes lay out with "rake routes"
0
 
0
   # Install the default routes as the lowest priority.
0
+  # Note: These default routes make all actions in every controller accessible via GET requests. You should
0
+  # consider removing the them or commenting them out if you're using named routes and resources.
0
   map.connect ':controller/:action/:id'
0
   map.connect ':controller/:action/:id.:format'
0
 end

Comments