Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Not compatible with Rails 3 #4

Open
thibaudgg opened this Issue Sep 7, 2010 · 4 comments

Comments

Projects
None yet
4 participants

:'(

+1, I like the trusted-params philosophy, also want it for rails 3. maybe will patch it later if got some time :).

bbhoss commented Sep 30, 2010

+∞

http://guides.rubyonrails.org/security.html :

"A more paranoid technique to protect your whole project would be to enforce that all models whitelist their accessible attributes. This can be easily achieved with a very simple initializer:

ActiveRecord::Base.send(:attr_accessible, nil)

This will create an empty whitelist of attributes available for mass assignment for all models in your app. As such, your models will need to explicitly whitelist accessible parameters by using an attr_accessible declaration. "

I'm getting this error when I start my app:

/home/tyler/.rvm/gems/ruby-1.9.2-p180/gems/activerecord-3.0.9/lib/active_record/base.rb:1014:in `method_missing': undefined method `metaclass' for ActiveRecord::Base:Class (NoMethodError)
from /home/tyler/.rvm/gems/ruby-1.9.2-p180/bundler/gems/trusted-params-f9154144e64c/lib/trusted_params/active_record_additions.rb:21:in `extended'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment