diff options
| author | Egor Homakov <homakov@gmail.com> | 2012-04-24 17:05:26 +0400 |
|---|---|---|
| committer | Egor Homakov <homakov@gmail.com> | 2012-04-24 17:05:26 +0400 |
| commit | f70d95ebd5b1389f1a308ae1e5b02179f87cd599 (patch) | |
| tree | 399c9a799ecffc01c9ba4cb849f411a6bbd9cde3 /railties | |
| parent | 481ed89305cb3ae6051c7198169f6fdd814e9d6c (diff) | |
| download | rails-f70d95ebd5b1389f1a308ae1e5b02179f87cd599.tar.gz rails-f70d95ebd5b1389f1a308ae1e5b02179f87cd599.tar.bz2 rails-f70d95ebd5b1389f1a308ae1e5b02179f87cd599.zip | |
Deleting insecure and "bad practice" code. related: http://homakov.blogspot.com/2012/04/whitelist-your-routes-match-is-evil.html
Diffstat (limited to 'railties')
| -rw-r--r-- | railties/lib/rails/generators/rails/app/templates/config/routes.rb | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/railties/lib/rails/generators/rails/app/templates/config/routes.rb b/railties/lib/rails/generators/rails/app/templates/config/routes.rb index ea81748464..24026cf324 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/routes.rb +++ b/railties/lib/rails/generators/rails/app/templates/config/routes.rb @@ -3,11 +3,11 @@ # first created -> highest priority. # Sample of regular route: - # match 'products/:id' => 'catalog#view' + # get 'products/:id' => 'catalog#view' # Keep in mind you can assign values other than :controller and :action # Sample of named route: - # match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase + # get 'products/:id/purchase' => 'catalog#purchase', :as => :purchase # This route can be invoked with purchase_url(:id => product.id) # Sample resource route (maps HTTP verbs to controller actions automatically): @@ -52,7 +52,4 @@ # See how all your routes lay out with "rake routes" - # This is a legacy wild controller route that's not recommended for RESTful applications. - # Note: This route will make all actions in every controller accessible via GET requests. - # match ':controller(/:action(/:id))(.:format)' end |