From f1e86a051f5f170c3ab8153f7875269c3395d34b Mon Sep 17 00:00:00 2001
From: Kir Shatrov <shatrov@me.com>
Date: Tue, 30 Aug 2016 11:51:19 -0400
Subject: Do not allow to_param on AC::Parameters

---
 actionpack/lib/action_controller/metal/strong_parameters.rb | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'actionpack/lib')

diff --git a/actionpack/lib/action_controller/metal/strong_parameters.rb b/actionpack/lib/action_controller/metal/strong_parameters.rb
index d62e01d185..f315d93939 100644
--- a/actionpack/lib/action_controller/metal/strong_parameters.rb
+++ b/actionpack/lib/action_controller/metal/strong_parameters.rb
@@ -2,6 +2,7 @@ require "active_support/core_ext/hash/indifferent_access"
 require "active_support/core_ext/hash/transform_values"
 require "active_support/core_ext/array/wrap"
 require "active_support/core_ext/string/filters"
+require "active_support/core_ext/object/to_query"
 require "active_support/rescuable"
 require "action_dispatch/http/upload"
 require "rack/test"
@@ -410,6 +411,8 @@ module ActionController
       convert_hashes_to_parameters(key, @parameters[key])
     end
 
+    undef_method :to_param
+
     # Assigns a value to a given +key+. The given key may still get filtered out
     # when +permit+ is called.
     def []=(key, value)
-- 
cgit v1.2.3