This repository has been archived by the owner on Aug 17, 2017. It is now read-only.

No exception raised for forbidden attributes. #247

Open

bigtunacan opened this issue Mar 17, 2017 · 0 comments

bigtunacan commented Mar 17, 2017

I'm not getting any exceptions raised for forbidden attributes and mass assignment is still allowed.

I have done the following

Added the strong_parameters gem
Created initializers/strong_parameters.rb

ActiveRecord::Base.class_eval do include ActiveModel::ForbiddenAttributesProtection end

Added config.action_controller.action_on_unpermitted_parameters = :raise for all environments.
Removed all attr_accessible calls from models

The text was updated successfully, but these errors were encountered:

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.