-
Notifications
You must be signed in to change notification settings - Fork 21.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rails 5: Looping through params before sanitizing causes permitted hashes to be thrown out #23701
Comments
Could this have anything to do with AC::Parameters not inheriting from Hash anymore? cc @sikachu |
It shouldn't be. I'll need to look at this further and report back. Thanks for your report. |
@sikachu not sure if this helps, but I forked Rails so I could do a bit of stepping through as the request came in. I put a
And since calling |
Hi, I think I fixed this. Since I don't have your exact repro, I had to guess. I think I guessed correctly, but can you please give master a try and see if my commit fixed this? Thank you! |
@tenderlove Yep! Well done :) |
Using Rails 5.0.0.beta2
Originally I thought this was a nested parameter sanitization issue, but I'm not so sure now.
If I loop through a nested hash as follows:
The keys of the nested hashes are considered unpermitted all of a sudden, and the keys and their values are thrown out. For instance, if these are the passed in parameters:
This shows up in console:
But if I don't loop through the parameters before sanitizing, this doesn't happen (commented out the suspect lines below):
Why is that? I need to loop through to do some conversion on those parameters as they come in, but before they're sanitized. This worked fine in 4.2.5.1.
The text was updated successfully, but these errors were encountered: