commit 4227d614304f7ec57cf0c6c0efae65eae1d15e08 1 parent 4854fa4
@jcasimir jcasimir authored
Showing with 1 addition and 1 deletion.
  1. +1 −1  source/topics/fundamental_security.markdown
2  source/topics/fundamental_security.markdown
@@ -159,7 +159,7 @@ Based on the second controller snippet, a not-found `order` will result in a saf
### Things to Remember
-* Be vary suspicious of any class method in a controller.
+* Be very suspicious of any class method in a controller.
* Nefarious users can access any public action and pass in any combination of parameters they want. Just because there's no link or form doesn't mean an action can't be exploited.
* Scope all queries off of a domain object, like the current user.
* Be careful with your order of operations -- don't change any data until you've successfully found the specified record.
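Review bot: The corrected bullet on the `+` line still does not say what makes a "class method in a controller" suspicious, and the phrase can be read as a method defined on the controller rather than a model class method called from an action. Since you are touching this line anyway, consider tying it to the third bullet ("Scope all queries off of a domain object, like the current user") so the reader sees the concern is a lookup that is not scoped to the current user. The spelling fix itself is correct.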