Delete insecure and "bad practice" code. #5960

homakov · Apr 24, 2012

related: http://homakov.blogspot.com/2012/04/whitelist-your-routes-match-is-evil.html

josevalim · Apr 24, 2012

Agreed. It is 2012, it is fine to remove that code.

homakov · Apr 24, 2012

:( it was too easy
@josevalim kudos bro

leehambley · Apr 24, 2012

That's an awesome pull req. about time that went away, great work both of you.

homakov Deleting insecure and "bad practice" code. related: http://homakov.bl… …
…ogspot.com/2012/04/whitelist-your-routes-match-is-evil.html
f70d95e

josevalim merged commit 10540e2 into rails:master from unknown repository Apr 24, 2012

josevalim closed this Apr 24, 2012

@@ @@ -3,11 +3,11 @@ @@
    # first created -> highest priority.
    # Sample of regular route:
--  #   match 'products/:id' => 'catalog#view'
++  #   get 'products/:id' => 'catalog#view'
    # Keep in mind you can assign values other than :controller and :action
    # Sample of named route:
--  #   match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
++  #   get 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
    # This route can be invoked with purchase_url(:id => product.id)
    # Sample resource route (maps HTTP verbs to controller actions automatically):
@@ @@ -52,7 +52,4 @@ @@
    # See how all your routes lay out with "rake routes"
--  # This is a legacy wild controller route that's not recommended for RESTful applications.
--  # Note: This route will make all actions in every controller accessible via GET requests.
--  # match ':controller(/:action(/:id))(.:format)'
  end

rails/rails

HTTPS clone URL

Subversion checkout URL

Delete insecure and "bad practice" code. #5960

Labels

Milestone

Assignee

3 participants