Difference between revisions of "Mass Assignment"

Revision as of 22:14, 19 May 2012

Typically used in Ruby on Rails, sometimes people will use the following code to create an ActiveRecord object to add a database entry:

@user=User.new(params[:user])

</syntaxhighlight>

There have been problems with RoR in the past with mass assignment.

This article contains too little information, it should be expanded or updated.
Things you can do to help: add more content. update current content.

Revision as of 08:43, 19 May 2012 (view source) User (Talk \| contribs) ← Older edit		Revision as of 22:14, 19 May 2012 (view source) LashawnSeccombe (Talk \| contribs) Newer edit →
Line 7:		Line 7:
	There have been [[RoR_Patching#Params_Injection_.26_Mass_Assignment_Abuse\|problems]] with RoR in the past with [[RoR_Patching#Params_Injection_.26_Mass_Assignment_Abuse\|mass assignment]].		There have been [[RoR_Patching#Params_Injection_.26_Mass_Assignment_Abuse\|problems]] with RoR in the past with [[RoR_Patching#Params_Injection_.26_Mass_Assignment_Abuse\|mass assignment]].

−	~~[[Category:Exploitation]]~~	+	{{expand}}