Created
April 17, 2011 08:04
-
-
Save liwh/923839 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Make sure that you don't allow attributes to be mass assigned from Backbone saves -- always whitelist and validate your incoming attributes. We use a helper function like this: | |
| def pick(hash, *keys) | |
| filtered = {} | |
| hash.each do |key, value| | |
| filtered[key.to_sym] = value if keys.include?(key.to_sym) | |
| end | |
| filtered | |
| end | |
| model.update_attributes pick(params, :title, :description) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment