On 23 April 2011 09:02, Matt Harrison <[email protected]> wrote: > Yes you're correct. However from the way he put it, and the specific line > numbers he > referenced in the email to files in my old project, even something like this > is > dangerous:
How are you defining "dangerous"? As far as I can see, the worst is that some of the application's code will be run through, which isn't as bad as a user being able to execute their own code. > def some_action > if ... > *do stuff* > redirect_to '...' > else > *more stuff* > redirect_to '...' > end > > *somehow something here will be executed even though it doesn't exist and > should > never be reached unless the code is modified* > end So if there's a situation that this could be a *problem* use an explicit return: > redirect_to '...' and return Not exactly a huge problem IMO. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
