Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Update README.rdoc #100

Merged
merged 2 commits into from

2 participants

@bryanrite

Add a note about securing ActiveRecord resources by default, as an alternative to having to make sure each model is protected.

@bryanrite bryanrite Update README.rdoc
Add a note about securing ActiveRecord resources by default, as an alternative to having to make sure each model is protected.
40fd0a7
@fxn
Owner

Good, could you please edit "ActiveRecord" -> "Active Record"?

@bryanrite bryanrite Update README.rdoc
As requested, spelling Active Record as a word, not the model.
1db7d98
@bryanrite

@fxn Should be good now!

@fxn
Owner

Thanks!

@fxn fxn merged commit 1fddb10 into rails:master

1 check failed

Details default The Travis build failed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Feb 16, 2013
  1. @bryanrite

    Update README.rdoc

    bryanrite authored
    Add a note about securing ActiveRecord resources by default, as an alternative to having to make sure each model is protected.
  2. @bryanrite

    Update README.rdoc

    bryanrite authored
    As requested, spelling Active Record as a word, not the model.
This page is out of date. Refresh to see the latest.
Showing with 4 additions and 0 deletions.
  1. +4 −0 README.rdoc
View
4 README.rdoc
@@ -72,6 +72,10 @@ every model you want protected.
include ActiveModel::ForbiddenAttributesProtection
end
+Alternatively, you can protect all Active Record resources by default by creating an initializer and pasting the line:
+
+ ActiveRecord::Base.send(:include, ActiveModel::ForbiddenAttributesProtection)
+
If you want to now disable the default whitelisting that occurs in later versions of Rails, change the +config.active_record.whitelist_attributes+ property in your +config/application.rb+:
config.active_record.whitelist_attributes = false
Something went wrong with that request. Please try again.