Skip to content
Browse files

sync example and documentation for strong_parameters hash whitelisting.

[ci skip]

This is a follow up to #12609 and integrates #12158.

Thanks @aspiers.
Closes #12158.
  • Loading branch information...
1 parent c7f1bcd commit 36053ce92c7077a8061d34f938bd82c478ee44a3 @senny senny committed Nov 26, 2013
Showing with 7 additions and 5 deletions.
  1. +7 −5 guides/source/action_controller_overview.md
View
12 guides/source/action_controller_overview.md
@@ -321,10 +321,12 @@ in mind. It is not meant as a silver bullet to handle all your
whitelisting problems. However you can easily mix the API with your
own code to adapt to your situation.
-Imagine a scenario where you want to whitelist an attribute
-containing a hash with any keys. Using strong parameters you can't
-allow a hash with any keys but you can use a simple assignment to get
-the job done:
+Imagine a scenario where you have parameters representing a product
+name and a hash of arbitrary data associated with that product, and
+you want to whitelist the product name attribute but also the whole
+data hash. The strong parameters API doesn't let you directly
+whitelist the whole of a nested hash with any keys, but you can use
+the keys of your nested hash to declare what to whitelist:
```ruby
def product_params
@@ -988,7 +990,7 @@ you should also note the following things:
* Failing to close the response stream will leave the corresponding socket open
forever. Make sure to call `close` whenever you are using a response stream.
* WEBrick servers buffer all responses, and so including `ActionController::Live`
- will not work. You must use a web server which does not automatically buffer
+ will not work. You must use a web server which does not automatically buffer
responses.
Log Filtering

0 comments on commit 36053ce

Please sign in to comment.
Something went wrong with that request. Please try again.