Permalink
Browse files

commented whitelist mode enforcement for mass assignment

  • Loading branch information...
1 parent 810837d commit f2fa4837a8a888ee86997be892d0aa5bbd2b5fd0 @lest lest committed Dec 13, 2011
Showing with 6 additions and 0 deletions.
  1. +6 −0 railties/lib/rails/generators/rails/app/templates/config/application.rb
@@ -54,6 +54,12 @@ class Application < Rails::Application
# like if you have constraints or database-specific column types
# config.active_record.schema_format = :sql
+ # Enforce whitelist mode for mass assignment.
+ # This will create an empty whitelist of attributes available for mass-assignment for all models
+ # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
+ # parameters by using an attr_accessible or attr_protected declaration.
+ # config.active_record.whitelist_attributes = true
+
<% unless options.skip_sprockets? -%>
# Enable the asset pipeline
config.assets.enabled = true

0 comments on commit f2fa483

Please sign in to comment.