ActionController::Parameters
Action Controller Parameters Allows you to choose which attributes should be whitelisted for mass updating and thus prevent accidentally exposing that which shouldn't be exposed. Provides two methods for this purpose: require and permit. The former is used to mark parameters as required. The latter is used to set the parameter as permitted and limit which attributes should be allowed for mass upda
ActionController::API (Ruby on Rails edge)
API Controller is a lightweight version of ActionController::Base, created for applications that don’t require all functionalities that a complete Rails controller provides, allowing you to create controllers with just the features that you need for API only applications. An API Controller is different from a normal controller in the sense that by default it doesn’t include a number of features th
Ruby on Rails 脆弱性解説 - CVE-2016-2098
はじめに 先日、HASHコンサルティング株式会社の徳丸浩氏のブログにて CVE-2016-2098 の解説記事が公開されました。 Ruby on Railsの潜在的なリモートスクリプトインジェクション脆弱性CVE-2016-2098 記事の元になったのは GitHub で公開された CVE-2016-2098 の PoC です。 GitHub - hderms/dh-CVE_2016_2098: Proof of concept showing how CVE-2016-2098 leads to remote code execution この PoC(dh-CVE_2016_2098) には不可解な点が見受けられました。(現在質問中、未回答) dh-CVE_2016_2098 と CVE-2016-2098 に関して調査を行い、以下の結論に至りました。 dh-CVE_2016_2098
Rails: Undefined method `flash' for ActionDispatch::Request
I'm trying to write an Ember application in Rails 4, and have decided to go with rails-api for the api controllers, while keeping the application controller intact for a few pages that aren't part of the single-page app. To put it in more concrete terms, here are my controllers: app/controllers/application_controller.rb: class ApplicationController < ActionController::Base protect_from_forgery end
Building a tested, documented and versioned JSON API using Rails 4 - Emil Soman's blog
Coder at Codemancers, Bangalore. GardenCityRubyConf organizer. Works with Ruby, JS, C++, AWS, Chef and Vim. Plays the guitar and sketches other times. Goals Use the leaner rails-api. This removes a lot of stuff Rails that you don't need for an API. This ensures that the API works for non-browser clients which do not support cookies. Also, there is no "View" layer that renders an HTML view for ever
ActionController::Redirecting
redirect_back(fallback_location:, allow_other_host: _allow_other_host, **args) Link Soft deprecated alias for redirect_back_or_to where the fallback_location location is supplied as a keyword argument instead of the first positional argument. # File actionpack/lib/action_controller/metal/redirecting.rb, line 122 def redirect_back(fallback_location:, allow_other_host: _allow_other_host, **args) red
ActionController::HttpAuthentication::Token
Ruby on Rails 8.0.2 Module ActionController::HttpAuthentication::Token actionpack/lib/action_controller/metal/http_authentication.rb HTTP Token authentication Simple Token example class PostsController < ApplicationController TOKEN = "secret" before_action :authenticate, except: [ :index ] def index render plain: "Everyone can see me!" end def edit render plain: "I'm only accessible if you know th
ActionController::ConditionalGet
Sets the Cache-Control header, overwriting existing directives. This method will also ensure an HTTP Date header for client compatibility. Defaults to issuing the private directive, so that intermediate caches must not cache the response. Options :public If true, replaces the default private directive with the public directive. :must_revalidate If true, adds the must-revalidate directive. :stale_w
Remove ActionController::TestCase from documentation · rails/rails@4414c5d
In Rails 5.1 `ActionController::TestCase` will be moved out of Rails into it's own gem. Please use `ActionDispatch::IntegrationTest` going foward. Because this will be moved to a gem I used `# :stopdoc:` instead of deleting the documentation. This will remove it from the Rails documentation but still leave the method documented for when we move it to a gem. Guides have been updated to use the rout
action_controller_overview.html#routing-parameters
In this guide, you will learn how controllers work and how they fit into the request cycle in your application. After reading this guide, you will know how to: Follow the flow of a request through a controller. Access parameters passed to your controller. Use Strong Parameters and permit values. Store data in the cookie, the session, and the flash. Work with action callbacks to execute code during
1
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
ActionController::StatusCodes - APIdock
Automating a redirect_to / flash cleanup ·
【Rails】パラメータからcreateするときにはまったところメモ - Qiita
Episode 36 - ActionController::Renderer | Drifting Ruby
undefined method `dig' for {}:ActionController::Parameters · Issue #23104 · rails/rails
GitHub - rails/strong_parameters: Taint and required checking for Action Pack and enforcement in Active Model