Why don't we validate controller parameters?

07-Mar-2019 1830
Strong parameters have their supporters and critics. Whether you use them or not, you still should remember about validating values. params.require(:user).permit(:first_name, :last_name) is usually not enough to make Ruby on Rails application secure enough.My reflections came from an issue that happened to me recently. I made a silly typo and it was enough to cause an avalanche of 500 errors which could have been easily avoided. A microservice I was working on made synchronous HTTP POST requests to Ruby on Rails application. One of the required parameters was class name. After receiving a request it was converted to a concrete instance of a class:.
Use coupon code:

RUBYONRAILS

to get 30% discount on our bundle!
Prepare for your next tech interview with our comprehensive collection of programming interview guides. Covering JavaScript, Ruby on Rails, React, and Python, these highly-rated books offer thousands of essential questions and answers to boost your interview success. Buy our 'Ultimate Job Interview Preparation eBook Bundle' featuring 2200+ questions across multiple languages. Ultimate Job Interview Preparation eBook Bundle