commented whitelist mode enforcement for mass assignment

railties/lib/rails/generators/rails/app/templates/config/application.rb

@@ -54,6 +54,12 @@ class Application < Rails::Application
     # like if you have constraints or database-specific column types
     # config.active_record.schema_format = :sql
 
+    # Enforce whitelist mode for mass assignment.
+    # This will create an empty whitelist of attributes available for mass-assignment for all models
+    # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
+    # parameters by using an attr_accessible or attr_protected declaration.
+    # config.active_record.whitelist_attributes = true
+
 <% unless options.skip_sprockets? -%>
     # Enable the asset pipeline
     config.assets.enabled = true