Browse files

add AC::Parameters#permit_all_parameters config option [ci skip]

  • Loading branch information...
Francesco Rodriguez
Francesco Rodriguez committed Oct 5, 2012
1 parent 4b3377c commit 2154215940f8400ed85ffe988de89e12da2cce4a
Showing with 3 additions and 1 deletion.
  1. +3 −1 guides/source/
@@ -310,10 +310,12 @@ The schema dumper adds one additional configuration option:
* `config.action_controller.request_forgery_protection_token` sets the token parameter name for RequestForgery. Calling `protect_from_forgery` sets it to `:authenticity_token` by default.
-* `config.action_controller.allow_forgery_protection` enables or disables CSRF protection. By default this is false in test mode and true in all other modes.
+* `config.action_controller.allow_forgery_protection` enables or disables CSRF protection. By default this is `false` in test mode and `true` in all other modes.
* `config.action_controller.relative_url_root` can be used to tell Rails that you are deploying to a subdirectory. The default is `ENV['RAILS_RELATIVE_URL_ROOT']`.
+* `config.action_controller.permit_all_parameters` sets all the parameters for mass assignment to be permitted by default. The default value is `false`.
### Configuring Action Dispatch
* `config.action_dispatch.session_store` sets the name of the store for session data. The default is `:cookie_store`; other valid options include `:active_record_store`, `:mem_cache_store` or the name of your own custom class.

0 comments on commit 2154215

Please sign in to comment.