From 36053ce92c7077a8061d34f938bd82c478ee44a3 Mon Sep 17 00:00:00 2001 From: Yves Senn Date: Tue, 26 Nov 2013 14:50:44 +0100 Subject: sync example and documentation for strong_parameters hash whitelisting. [ci skip] This is a follow up to #12609 and integrates #12158. Thanks @aspiers. Closes #12158. --- guides/source/action_controller_overview.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'guides/source') diff --git a/guides/source/action_controller_overview.md b/guides/source/action_controller_overview.md index de9ead78a6..4252b5ee9a 100644 --- a/guides/source/action_controller_overview.md +++ b/guides/source/action_controller_overview.md @@ -321,10 +321,12 @@ in mind. It is not meant as a silver bullet to handle all your whitelisting problems. However you can easily mix the API with your own code to adapt to your situation. -Imagine a scenario where you want to whitelist an attribute -containing a hash with any keys. Using strong parameters you can't -allow a hash with any keys but you can use a simple assignment to get -the job done: +Imagine a scenario where you have parameters representing a product +name and a hash of arbitrary data associated with that product, and +you want to whitelist the product name attribute but also the whole +data hash. The strong parameters API doesn't let you directly +whitelist the whole of a nested hash with any keys, but you can use +the keys of your nested hash to declare what to whitelist: ```ruby def product_params @@ -988,7 +990,7 @@ you should also note the following things: * Failing to close the response stream will leave the corresponding socket open forever. Make sure to call `close` whenever you are using a response stream. * WEBrick servers buffer all responses, and so including `ActionController::Live` - will not work. You must use a web server which does not automatically buffer + will not work. You must use a web server which does not automatically buffer responses. Log Filtering -- cgit v1.2.3