diff options
author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2017-04-11 21:45:39 -0400 |
---|---|---|
committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2017-04-18 17:33:23 -0400 |
commit | fd88ccc905549c61e0e4525fcb68b91d20b9afe9 (patch) | |
tree | bdb5f528a4e317cab9d810161dae2498a38928fe /actionpack/test/controller/mime | |
parent | 1396b05e5a36859a9730e7a4a56abba02c41c0d6 (diff) | |
download | rails-fd88ccc905549c61e0e4525fcb68b91d20b9afe9.tar.gz rails-fd88ccc905549c61e0e4525fcb68b91d20b9afe9.tar.bz2 rails-fd88ccc905549c61e0e4525fcb68b91d20b9afe9.zip |
Raise exception when calling to_h in a unfiltered Parameters
Before we returned either an empty hash or only the always permitted
parameters (:controller and :action by default).
The previous behavior was dangerous because in order to get the
attributes users usually fallback to use to_unsafe_h that could
potentially introduce security issues.
The to_unsafe_h API is also not good since Parameters is a object that
quacks like a Hash but not in all cases since to_h would return an empty
hash and users were forced to check if to_unsafe_h is defined or if the
instance is a ActionController::Parameters in order to work with it.
This end up coupling a lot of libraries and parts of the application
with something that is from the controller layer.
Diffstat (limited to 'actionpack/test/controller/mime')
0 files changed, 0 insertions, 0 deletions