Permalink
Browse files

Creating a Project here is unnecessary

  • Loading branch information...
1 parent d5123e0 commit d3a8929111b27edbe35924a771e2ff6ffd71cd44 @steerio steerio committed Jan 3, 2013
Showing with 0 additions and 1 deletion.
  1. +0 −1 spec/cancan/controller_resource_spec.rb
@@ -392,7 +392,6 @@ class Section
# CVE-2012-5664
it "should always convert id param to string" do
- project = Project.create!
@params.merge!(:action => "show", :the_project => { :malicious => "I am" })
resource = CanCan::ControllerResource.new(@controller, :id_param => :the_project)
resource.send(:id_param).class.should == String

0 comments on commit d3a8929

Please sign in to comment.