Hacker News new | past | comments | ask | show | jobs | submit login

This is true. We actually don't use mass assignment that often. He happened to catch 2 our of 3 spots that still used it. Everywhere else is explicit about what to accept.



Ok, that is good to hear. Trust restored :) I was fearing you were using unsafe mass assignment everywhere...

Would you mind sharing any patters you use to DRY up explicit assignment?


We use this (posted by @dhh) https://gist.github.com/1975644 in some spots, or simply just Hash#slice. We have some other thoughts on making params access more explicit. The problem with explicit patterns is they can get left out if a developer forgets.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: