Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Posted November 24, 2013 10:01am by

Rails 4 - Strong Params not working

Hi there,

I've had a browse through the forums and seen that since Rails 4, strong params have been implemented as the security feature to prevent mass assignment, superseding attr_accessible, and that it should be configured in controllers within the app directory.

However, in my statuses_controller.rb file, my code is as follows:

private # Use callbacks to share common setup or constraints between actions. def set_status @status = Status.find(params[:id]) end

# Never trust parameters from the scary internet, only allow the white list through.
def status_params
  params.require(:status).permit( :content)
end

And yet, I don't get any method errors when going through the tutorials, such as Creating Relationships. Why are the params such as user_id passing even though they're not explicitly whitelisted?

Thanks,

Amir

Posting to the forum is only allowed for members with active accounts.
Please sign in or sign up to post.

Welcome to the Treehouse Community

Looking to learn something new?

Amir Moosavi

Amir Moosavi

Rails 4 - Strong Params not working