Another Reason to Avoid constantize in Rails

Backstory Recently, a friend asked me if just calling constantize on user input was dangerous, even if subsequent code did not use the result: 1 … The constantize method in Rails turns a string into a constant. If the constant does not exist then a NameError will be raised.However, it is possible to hook into the constant lookup process in Ruby by defining a const_missing method. If a constant cannot be found in a given module, and that module has const_missing defined, then const_missing will be invoked.
Another Reason to Avoid constantize in Rails #ruby #rails #rubyonrails #bosnia #programming #tutorials #rubydeveloper #railsdeveloper

Nezir Zahirovic

Freelance software developer Ruby On Rails (4 years) / MCPD .Net / C# / Asp.Net / CSS / SQL / (11 years)

related articles