Thanks Fred Looks like strict sanitizer option is only available in 3.2 (I'm on 3.1 for now).
On Monday, January 7, 2013 11:43:13 AM UTC-5, Ilya Katz wrote: > > I just wanted to get everyone's opinion on this before attempting a pull > request. > > When mass-assignment is disallowed by default with > > config.active_record.whitelist_attributes = true > > Two things happen > > 1. A message is logged "WARNING: Can't mass-assign protected attributes: > blah" (which is the case even if whitelist_attributes is not set to true > 2. Mass assignment is not allowed without explicite declaration but there > is no error, the same application fails to save/update a model that > produces some other error which isn't easily apparent as to why it happened > > I found it useful for my development to make 2 changes > > 1. Update log message to be more explicit such as "WARNING: Can't > mass-assign *in SomeModel* protected attributes: blah" > 2. Thrown an exception - this would only make sense if > whitelist_attributes is set to true > > Any opinion if this would be a good suggestion for the rails feature > request, specifically #2? > > Thanks > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/6sIvbhKz4BUJ. For more options, visit https://groups.google.com/groups/opt_out.
