Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Not compatible with Rails 3 #4

Open
thibaudgg opened this Issue · 4 comments

4 participants

Thibaud Guillaume-Gentil Nicolas Blanco Preston Marshall Tyler Rick
Thibaud Guillaume-Gentil

:'(

Nicolas Blanco

+1, I like the trusted-params philosophy, also want it for rails 3. maybe will patch it later if got some time :).

Preston Marshall

+∞

Nicolas Blanco

http://guides.rubyonrails.org/security.html :

"A more paranoid technique to protect your whole project would be to enforce that all models whitelist their accessible attributes. This can be easily achieved with a very simple initializer:

ActiveRecord::Base.send(:attr_accessible, nil)

This will create an empty whitelist of attributes available for mass assignment for all models in your app. As such, your models will need to explicitly whitelist accessible parameters by using an attr_accessible declaration. "

Tyler Rick

I'm getting this error when I start my app:

/home/tyler/.rvm/gems/ruby-1.9.2-p180/gems/activerecord-3.0.9/lib/active_record/base.rb:1014:in `method_missing': undefined method `metaclass' for ActiveRecord::Base:Class (NoMethodError)
from /home/tyler/.rvm/gems/ruby-1.9.2-p180/bundler/gems/trusted-params-f9154144e64c/lib/trusted_params/active_record_additions.rb:21:in `extended'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.