[LRUG] Exception notifier and bots
Matthew Rudy Jacobs
matthewrudyjacobs at gmail.com
Thu Jul 31 07:01:45 PDT 2008
attr_accessible, rather
2008/7/31 Matthew Rudy Jacobs <matthewrudyjacobs at gmail.com>
> only if you use attr_allowed
>
> >> User.new("this" => "doesnt have a writer")
> NoMethodError: undefined method `this=' for #<User:0x37b0d38>
> from
> /Users/matthew/code/aspire/vendor/rails/activerecord/lib/active_record/attribute_methods.rb:201:in
> `method_missing'
>
> will always happen otherwise.
>
> and doing :attr_allowed everywhere is a big hassle!
>
> 2008/7/31 Tom Stuart <tom at experthuman.com>
>
>> On 31 Jul 2008, at 14:44, Matthew Rudy Jacobs wrote:
>>
>> We get quite a few errors from bots trying to inject random stuff.
>>> So they pump in params that don't exist, and we barf on them.
>>>
>>
>> What Pratik said. Ideally the app won't actually barf (i.e. 500 error) no
>> matter what params you throw at it.
>>
>> _______________________________________________
>> Chat mailing list
>> Chat at lists.lrug.org
>> http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20080731/2040b801/attachment.html>
More information about the Chat
mailing list