[LRUG] Exception notifier and bots

Matthew Rudy Jacobs matthewrudyjacobs at gmail.com
Thu Jul 31 07:00:56 PDT 2008


only if you use attr_allowed

>> User.new("this" => "doesnt have a writer")
NoMethodError: undefined method `this=' for #<User:0x37b0d38>
    from
/Users/matthew/code/aspire/vendor/rails/activerecord/lib/active_record/attribute_methods.rb:201:in
`method_missing'

will always happen otherwise.

and doing :attr_allowed everywhere is a big hassle!

2008/7/31 Tom Stuart <tom at experthuman.com>

> On 31 Jul 2008, at 14:44, Matthew Rudy Jacobs wrote:
>
>> We get quite a few errors from bots trying to inject random stuff.
>> So they pump in params that don't exist, and we barf on them.
>>
>
> What Pratik said. Ideally the app won't actually barf (i.e. 500 error) no
> matter what params you throw at it.
>
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20080731/b27dc9b3/attachment-0003.html>


More information about the Chat mailing list