An issue for consideration
Brendan Taylor
whateley at gmail.com
Fri May 23 19:21:34 EDT 2008
On Fri, May 23, 2008 at 04:20:21PM +1000, Bluebie, Jenna wrote:
> This should help. include Camping::ControllerSecurity in your controllers
> module or your Camping (or whatever Camping.goes has turned it in to)
> module, after requiring this:
>
>> module Camping
>> module ControllerSecurity
>> def service(*a)
>> @method = 'get' unless ['get', 'post', 'delete',
>> 'head'].include?(@method.to_s.downcase)
>> super(*a)
>> end
>> end
>> end
>
>
> And the world should feel safe again, I think. I haven't really tested it
> properly, but what could go wrong? It certainly isn't making my app break.
You missed PUT :)
I can imagine situations where you'd want to be able to use more
esoteric HTTP methods (like OPTIONS, or any of WebDAV's many extension
methods). I don't have a better solution though, and this may be Good
Enough™.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://rubyforge.org/pipermail/camping-list/attachments/20080523/56d7b37e/attachment.bin>
More information about the Camping-list
mailing list