aboutsummaryrefslogtreecommitdiffstats
path: root/actionview
diff options
context:
space:
mode:
Diffstat (limited to 'actionview')
-rw-r--r--actionview/lib/action_view/helpers/url_helper.rb5
-rw-r--r--actionview/test/template/url_helper_test.rb6
2 files changed, 5 insertions, 6 deletions
diff --git a/actionview/lib/action_view/helpers/url_helper.rb b/actionview/lib/action_view/helpers/url_helper.rb
index 304db38060..70fc57c35f 100644
--- a/actionview/lib/action_view/helpers/url_helper.rb
+++ b/actionview/lib/action_view/helpers/url_helper.rb
@@ -621,11 +621,6 @@ module ActionView
# # => [{name: 'country[name]', value: 'Denmark'}]
def to_form_params(attribute, namespace = nil)
attribute = if attribute.respond_to?(:permitted?)
- unless attribute.permitted?
- raise ArgumentError, "Attempting to generate a button from non-sanitized request parameters!" \
- " Whitelist and sanitize passed parameters to be secure."
- end
-
attribute.to_h
else
attribute
diff --git a/actionview/test/template/url_helper_test.rb b/actionview/test/template/url_helper_test.rb
index 09454b32cc..a6444a1686 100644
--- a/actionview/test/template/url_helper_test.rb
+++ b/actionview/test/template/url_helper_test.rb
@@ -231,7 +231,11 @@ class UrlHelperTest < ActiveSupport::TestCase
end
def to_h
- { foo: :bar, baz: "quux" }
+ if permitted?
+ { foo: :bar, baz: "quux" }
+ else
+ raise ArgumentError
+ end
end
end