diff options
author | Pablo Torres <tn.pablo@gmail.com> | 2012-12-02 16:27:13 -0500 |
---|---|---|
committer | Pablo Torres <tn.pablo@gmail.com> | 2012-12-02 16:57:46 -0500 |
commit | 25e75153b4a8f395bded7c82e63e2e188e7acea2 (patch) | |
tree | 233cccd227fbbb6b3a3f048b01b1cfaa72c8cad5 | |
parent | 51b26298e699e039a78651452ec5f5a46d570d24 (diff) | |
download | rails-25e75153b4a8f395bded7c82e63e2e188e7acea2.tar.gz rails-25e75153b4a8f395bded7c82e63e2e188e7acea2.tar.bz2 rails-25e75153b4a8f395bded7c82e63e2e188e7acea2.zip |
Convert parragraph about security to a NOTE [ci skip]
-rw-r--r-- | guides/source/routing.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/guides/source/routing.md b/guides/source/routing.md index 5728a17c04..81eb1e141b 100644 --- a/guides/source/routing.md +++ b/guides/source/routing.md @@ -624,7 +624,7 @@ You can match all verbs to a particular route using `via: :all`: match 'photos', to: 'photos#show', via: :all ``` -You should avoid routing all verbs to an action unless you have a good reason to, as routing both `GET` requests and `POST` requests to a single action has security implications. +NOTE: Routing both `GET` and `POST` requests to a single action has security implications. In general, you should avoid routing all verbs to an action unless you have a good reason to. ### Segment Constraints |