Hacker News new | past | comments | ask | show | jobs | submit login

I like this better than my solution, which was to specific which params were allowed for each controller action and remove any that weren't allowed.



Applications are open for YC Winter 2021

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: