Merge pull request #28734 from rafaelfranca/strong-parameters

Improve the upgrade path of Strong Parameters

2 files changed, 5 insertions, 6 deletions

diff --git a/actionview/lib/action_view/helpers/url_helper.rb b/actionview/lib/action_view/helpers/url_helper.rb
index 304db38060..70fc57c35f 100644
--- a/actionview/lib/action_view/helpers/url_helper.rb
+++ b/actionview/lib/action_view/helpers/url_helper.rb
@@ -621,11 +621,6 @@ module ActionView
         #   # => [{name: 'country[name]', value: 'Denmark'}]
         def to_form_params(attribute, namespace = nil)
           attribute = if attribute.respond_to?(:permitted?)
-            unless attribute.permitted?
-              raise ArgumentError, "Attempting to generate a button from non-sanitized request parameters!" \
-                " Whitelist and sanitize passed parameters to be secure."
-            end
-
             attribute.to_h
           else
             attribute
diff --git a/actionview/test/template/url_helper_test.rb b/actionview/test/template/url_helper_test.rb
index 09454b32cc..a6444a1686 100644
--- a/actionview/test/template/url_helper_test.rb
+++ b/actionview/test/template/url_helper_test.rb
@@ -231,7 +231,11 @@ class UrlHelperTest < ActiveSupport::TestCase
     end
 
     def to_h
-      { foo: :bar, baz: "quux" }
+      if permitted?
+        { foo: :bar, baz: "quux" }
+      else
+        raise ArgumentError
+      end
     end
   end