team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

turning off whitelisting and entities encoding

Browse Source
This commit is contained in:
Mike McCabe
2013-11-12 16:11:30 -05:00
parent c06140659c
commit 108c8d2e2a
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
config/application.rb
+2 -2
View File
@@ -40,7 +40,7 @@ module Railsgoat
config.filter_parameters += [:password] config.filter_parameters += [:password]
# Enable escaping HTML in JSON. # Enable escaping HTML in JSON.
config.active_support.escape_html_entities_in_json = true config.active_support.escape_html_entities_in_json = false
# Use SQL instead of Active Record's schema dumper when creating the database. # Use SQL instead of Active Record's schema dumper when creating the database.
# This is necessary if your schema can't be completely dumped by the schema dumper, # This is necessary if your schema can't be completely dumped by the schema dumper,
@@ -51,7 +51,7 @@ module Railsgoat
# This will create an empty whitelist of attributes available for mass-assignment for all models # This will create an empty whitelist of attributes available for mass-assignment for all models
# in your app. As such, your models will need to explicitly whitelist or blacklist accessible # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
# parameters by using an attr_accessible or attr_protected declaration. # parameters by using an attr_accessible or attr_protected declaration.
config.active_record.whitelist_attributes = true config.active_record.whitelist_attributes = false
# Enable the asset pipeline # Enable the asset pipeline
config.assets.enabled = true config.assets.enabled = true