Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Update README.rdoc

Add a note about securing ActiveRecord resources by default, as an alternative to having to make sure each model is protected.
  • Loading branch information...
commit 40fd0a70e18191f19d4249c79b9edc7b2b0d6034 1 parent 368141d
@bryanrite bryanrite authored
Showing with 4 additions and 0 deletions.
  1. +4 −0 README.rdoc
View
4 README.rdoc
@@ -72,6 +72,10 @@ every model you want protected.
include ActiveModel::ForbiddenAttributesProtection
end
+Alternatively, you can protect all ActiveRecord resources by default by creating an initializer and pasting the line:
+
+ ActiveRecord::Base.send(:include, ActiveModel::ForbiddenAttributesProtection)
+
If you want to now disable the default whitelisting that occurs in later versions of Rails, change the +config.active_record.whitelist_attributes+ property in your +config/application.rb+:
config.active_record.whitelist_attributes = false
Please sign in to comment.
Something went wrong with that request. Please try again.