Created
December 8, 2015 18:39
Simple Strong Parameters in Sinatra
#
# A way to whitelist parameters.
#
#   get '/', allows: [:id, :action] do
#     erb :index
#   end
#
# Modifies the parameters available in the request scope.
# Stashes unmodified params in @_params
#
# Assumes `app` is the Sinatra application class (as passed to an extension's
# `registered` hook) and that it defines a `globally_allowed_parameters` setting.
#
app.set(:allows) do |*passable|
  condition do
    unless @params.empty?
      @_params = @_params || @params # for safety
      globals  = settings.globally_allowed_parameters
      passable = (globals | passable).map(&:to_sym) # make sure it's a symbol

      # trim the params down
      # (only top-level keys are checked; a nested hash under an allowed key
      # passes through unchanged)
      @params = @params.select do |param, _value|
        passable.include?(param.to_sym)
      end
    end
  end
end
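Added example (not part of the original gist): the same top-level filter in plain Ruby, run over a constructed params hash, next to a stricter nested variant that goes beyond what the gist does. The names `allow_top_level`, `allow_nested` and `SAMPLE_PARAMS` are hypothetical.

```ruby
# Constructed sample input: what a parsed query string or form body might look like.
SAMPLE_PARAMS = {
  'id'     => '42',
  'action' => 'edit',
  'debug'  => '1',
  'user'   => { 'name' => 'Ada', 'admin' => 'true' }
}.freeze

# Same logic as the gist's `allows` condition: keep only top-level keys
# that appear in the global or per-route allowlist.
def allow_top_level(params, globals, passable)
  allowed = (globals | passable).map(&:to_sym)
  params.select { |key, _value| allowed.include?(key.to_sym) }
end

# Stricter variant (an assumption, not the gist's behaviour). The spec mixes
# symbols for scalar keys with hashes such as { user: [:name] } that list the
# keys permitted inside a nested hash.
def allow_nested(params, spec)
  scalars = spec.grep(Symbol)
  nested  = spec.grep(Hash).reduce({}, :merge)
  params.each_with_object({}) do |(key, value), out|
    k = key.to_sym
    if nested.key?(k)
      # Recurse only when the client actually sent a hash for this key.
      out[key] = allow_nested(value, Array(nested[k])) if value.is_a?(Hash)
    elsif scalars.include?(k)
      # A key allowed as a scalar must not smuggle in a hash or array.
      out[key] = value unless value.is_a?(Hash) || value.is_a?(Array)
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  # Unlisted keys such as 'debug' are dropped.
  p allow_top_level(SAMPLE_PARAMS, [], [:id, :action])
  # Allowing :user at the top level lets user[admin] through untouched.
  p allow_top_level(SAMPLE_PARAMS, [], [:id, :user])
  # The nested spec keeps user[name] and drops user[admin].
  p allow_nested(SAMPLE_PARAMS, [:id, { user: [:name] }])
end
```

If a route allows a key whose value is later passed wholesale to a model or query, filter its nested keys as well, or read the individual fields explicitly.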