Permalink
Browse files

Use less hyperbole in the language re: allowed parameters

  • Loading branch information...
1 parent b1dee8c commit 3f9baeb2ec08138a0da09870ae60fd6b8165c07f @czarneckid czarneckid committed Feb 26, 2013
@@ -56,7 +56,7 @@ def set_<%= singular_table_name %>
@<%= singular_table_name %> = <%= orm_class.find(class_name, "params[:id]") %>
end
- # Never trust parameters from the scary internet, only allow the white list through.
+ # Only allow a trusted parameter "white list" through.
def <%= "#{singular_table_name}_params" %>
<%- if attributes_names.empty? -%>
params[<%= ":#{singular_table_name}" %>]

0 comments on commit 3f9baeb

Please sign in to comment.