Refactor the files_controller.rb to use the strong parameters pattern. #4190

Open
4 tasks done
euler-room opened this issue Feb 27, 2025 · 0 comments

euler-room commented Feb 27, 2025

The Files controller is not vetting incoming parameters. They are accessed throughout the file using `params[:my_param]`. This raises some security concerns.

Acceptance Criteria:

  • Creates an action specific strong parameter method for each action:
    ```ruby
    def my_action_params
      params.permit(:id, :path, :etc)
    end
    ```
  • Removes all instances of params[:blah_blah]
  • Loads params into the appropriate variable type for its use case (instance, local, etc)
  • Passes variables into shared methods
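
Added example, not part of the original issue and not the project's code: a pure-Ruby audit that checks a controller's source against the first two acceptance criteria by listing remaining raw `params` reads and public actions that lack an `<action>_params` method. The sample controller, its action names and the helper names `raw_param_accesses` and `actions_missing_params_method` are constructed for illustration.

```ruby
# Constructed sample, not the project's files_controller.rb.
SAMPLE_CONTROLLER = <<~'RUBY'
  class FilesController < ApplicationController
    def show
      @path = show_params[:path]
    end

    def update
      # params[:id] used to be read here
      file = lookup(params[:id])
      file.write(params.fetch(:content))
      head :ok if params["notify"]
    end

    private

    def show_params
      params.permit(:id, :path)
    end
  end
RUBY

# Direct reads: params[:key], params["key"], params.fetch(:key), params.dig(:key).
# \b keeps show_params[:path] from matching, since "_" is a word character.
RAW_ACCESS = /\bparams\s*(?:\[\s*[:"']([A-Za-z_]\w*)["']?\s*\]|\.(?:fetch|dig)\(\s*[:"']([A-Za-z_]\w*))/

# Returns [{line:, key:}] for every raw read outside comments (comment stripping is naive).
def raw_param_accesses(source)
  findings = []
  source.each_line.with_index(1) do |line, lineno|
    code = line.sub(/(^|\s)#(?!\{).*/, "")
    code.scan(RAW_ACCESS) { |bracket, call| findings << { line: lineno, key: bracket || call } }
  end
  findings
end

# Public actions (defined before `private`) with no matching <action>_params method.
def actions_missing_params_method(source)
  public_part = source.split(/^\s*private\s*$/, 2).first
  public_part.scan(/^\s*def\s+(\w+)/).flatten
             .reject { |action| source.match?(/def\s+#{action}_params\b/) }
end

if __FILE__ == $PROGRAM_NAME
  raw_param_accesses(SAMPLE_CONTROLLER).each { |f| puts "line #{f[:line]}: raw params read of :#{f[:key]}" }
  puts "actions without a strong-params method: #{actions_missing_params_method(SAMPLE_CONTROLLER).join(', ')}"
end
```

To audit a real file, pass `File.read` of the controller path in place of `SAMPLE_CONTROLLER`; an empty result from both functions means the first two criteria hold for the patterns this regex covers.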