Questions about this topic? Sign up to ask in the talk tab.
Difference between revisions of "Mass Assignment"
From NetSec
GertieUbpgdd (Talk | contribs) |
|||
| Line 5: | Line 5: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| − | There have been [[RoR_Patching#Params_Injection_.26_Mass_Assignment_Abuse|problems]] with RoR in the past with [[RoR_Patching#Params_Injection_.26_Mass_Assignment_Abuse|mass assignment]]. | + | There have been [[RoR_Patching#Params_Injection_.26_Mass_Assignment_Abuse|problems]] with RoR in the past with [[RoR_Patching#Params_Injection_.26_Mass_Assignment_Abuse|mass assignment]]. |
| − | + | ||
Revision as of 03:43, 16 May 2012
Typically used in Ruby on Rails, sometimes people will use the following code to create an ActiveRecord object to add a database entry:
<syntaxhighlight lang=ruby>
@user=User.new(params[:user])
</syntaxhighlight>
There have been problems with RoR in the past with mass assignment.
