开发者

Help with whitelisting in rails

开发者 https://www.devze.com 2023-03-19 09:59 出处:网络
I\'m clueless a开发者_StackOverflowbout whitelisting. Where do I put the if %w(some valid input).include?(params[:input])

I'm clueless a开发者_StackOverflowbout whitelisting. Where do I put the

if %w(some valid input).include?(params[:input])
  # proceed with action
else
  # not in whitelist, throw error
end

and how do I call it from the submit action of a form?


I don't really know what you expect but this could be the job of a before_filter.

It'd keep your controller dry. See doc.

In your controller, try this:

before_filter :check_params, :only => [:index, :whatever_action_name]

def check_params
  raise ActionController::RoutingError.new('Missing params') unless %w(some valid input).include?(params[:input])
end
0

精彩评论

暂无评论...
验证码 换一张
取 消