team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mass assignment vulnerability, how it manifests in Rails 4

Browse Source
This commit is contained in:
cktricky
2015-08-18 20:23:35 -04:00
parent 5c62c1b021
commit cdbf2d7d92
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/controllers/users_controller.rb
+1 -1
View File
@@ -55,7 +55,7 @@ class UsersController < ApplicationController
private
def user_params
params.require(:user).permit(:email, :admin, :first_name, :last_name, :user_id, :password, :password_confirmation)
params.require(:user).permit!
end
# unpermitted attributes are ignored in production