Changeset 1276
- Timestamp:
- 01/10/08 17:29:25 (9 months ago)
- Files:
-
- plugins/merb_param_protection/README (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
plugins/merb_param_protection/README
r1275 r1276 7 7 The request sets: 8 8 9 9 params => { :post => { :title => "ello", :body => "Want it", :status => "green", :author_id => 3, :rank => 4 } } 10 10 11 11 Example 1: params_accessable … … 14 14 end 15 15 16 16 params.inspect # => { :post => { :title => "ello", :body => "Want it" } } 17 17 18 18 So we see that params_accessible removes everything except what is explictly specified. 19 19 20 21 22 23 20 Example 2: params_protected 21 MyOtherController < Application 22 params_protected :post => [:status, :author_id] 23 end 24 24 25 25 params.inspect # => { :post => { :title => "ello", :body => "Want it", :rank => 4 } } 26 26 27 27 We also see that params_protected removes ONLY those parameters explicitly specified.
