| CARVIEW |
Select Language
HTTP/2 302
server: nginx
date: Mon, 25 Aug 2025 15:59:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
x-archive-redirect-reason: found capture at 20180610232554
location: https://web.archive.org/web/20180610232554/https://github.com/nateware/accept_params
server-timing: captures_list;dur=0.826534, exclusion.robots;dur=0.028115, exclusion.robots.policy;dur=0.013588, esindex;dur=0.013242, cdx.remote;dur=128.576143, LoadShardBlock;dur=553.120045, PetaboxLoader3.datanode;dur=244.015932, PetaboxLoader3.resolve;dur=98.746479
x-app-server: wwwb-app203
x-ts: 302
x-tr: 744
server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0
set-cookie: wb-p-SERVER=wwwb-app203; path=/
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
server-timing: MISS
x-nid: DigitalOcean
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
HTTP/2 200
server: nginx
date: Mon, 25 Aug 2025 15:59:28 GMT
content-type: text/html; charset=utf-8
x-archive-orig-server: GitHub.com
x-archive-orig-date: Sun, 10 Jun 2018 23:25:54 GMT
x-archive-orig-transfer-encoding: chunked
x-archive-orig-status: 200 OK
x-archive-orig-cache-control: no-cache
x-archive-orig-vary: X-PJAX
x-archive-orig-set-cookie: logged_in=no; domain=.github.com; path=/; expires=Thu, 10 Jun 2038 23:25:54 -0000; secure; HttpOnly
x-archive-orig-set-cookie: _gh_sess=Q3h0YkxpcGs1aEFXUWNOY3lzWXlKR2lLM0xVbEgxTi9GdWV2WElZYVVmQjB2UEZOZ3I1QmYyL2lCaGF4WUYyZ2s5aks4N3NSWHBsODBYUEFFdkcweGlkK290NURGRS9rMzZEVTYvT0U3OU1qYU14cXBTY3RwQ2d0OXRXeHc4MHBxcU5PTE9DVFlsOUlnU082NTVIVmZuSkFhYzJVeWJIaFR2N3M1bSs4Q01HNHdiUkxrWHF6cWFNbGtOTkp4UzFFc0pLUlhIR1Z5QmNVVW1mckVwQmNiVU81OVF3bTUzVnVhRHJPRkFBNXBuMGtlam9RYW04UStvS1hDY1EvNzdMbWVGSkJlUW90TDY4Vk43QU5mWkZTV3EwYm01UG9DVCs3bjRNRGx2dGp6WUJCV3h5UXk5SjgwVE1lbDRLQW5QMXlXZWZlLzQ0WDNiNDJwQUdaMlR4QUh1QmhwVi9TZnB0dDBDdE5NS0N3STFrMHVvQUVpOWJyd0ZZaFJMa24wWXE0MndKWHlsZzhVdWFJTmJQOXVkdUtDb052bldSblY5dUJybU5iaVNuM2lQZz0tLXgrSDJ4TXJqbVhEUnFlTmNPdVExNEE9PQ%3D%3D--88e165b62c509da3162b6033e1dc470a73852685; path=/; secure; HttpOnly
x-archive-orig-x-request-id: 08294202-2d0e-4c02-bba4-d2146c9c8878
x-archive-orig-x-runtime: 0.250593
x-archive-orig-strict-transport-security: max-age=31536000; includeSubdomains; preload
x-archive-orig-x-frame-options: deny
x-archive-orig-x-content-type-options: nosniff
x-archive-orig-x-xss-protection: 1; mode=block
x-archive-orig-expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
x-archive-orig-content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com status.github.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src assets-cdn.github.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: assets-cdn.github.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src assets-cdn.github.com; style-src 'unsafe-inline' assets-cdn.github.com
x-archive-orig-x-runtime-rack: 0.259460
x-archive-orig-x-github-request-id: 9946:57BE:4393CEC:7DD7287:5B1DB382
x-archive-guessed-content-type: text/html
x-archive-guessed-charset: utf-8
memento-datetime: Sun, 10 Jun 2018 23:25:54 GMT
link: ; rel="original", ; rel="timemap"; type="application/link-format", ; rel="timegate", ; rel="first memento"; datetime="Sun, 10 Jun 2018 23:25:54 GMT", ; rel="memento"; datetime="Sun, 10 Jun 2018 23:25:54 GMT", ; rel="next memento"; datetime="Thu, 26 Nov 2020 16:56:15 GMT", ; rel="last memento"; datetime="Thu, 26 Nov 2020 16:56:15 GMT"
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org athena.archive.org analytics.archive.org pragma.archivelab.org wwwb-events.archive.org
x-archive-src: archiveteam_github_20180704062559/archiveteam_github_20180704062559.megawarc.warc.gz
server-timing: captures_list;dur=0.793993, exclusion.robots;dur=0.026349, exclusion.robots.policy;dur=0.011727, esindex;dur=0.019787, cdx.remote;dur=155.293092, LoadShardBlock;dur=325.268915, PetaboxLoader3.datanode;dur=401.368195, load_resource;dur=287.331151, PetaboxLoader3.resolve;dur=157.969205
x-app-server: wwwb-app203
x-ts: 200
x-tr: 885
server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
server-timing: MISS
x-nid: DigitalOcean
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
content-encoding: gzip
GitHub - nateware/accept_params: Rails parameter whitelisting for controllers to increase security
Fetching latest commit…
Permalink
Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Rails parameter whitelisting for controllers to increase security
https://github.com/nateware/accept_params
Ruby
Clone or download
Launching GitHub Desktop...
If nothing happens, download GitHub Desktop and try again.
Launching GitHub Desktop...
If nothing happens, download GitHub Desktop and try again.
Launching Xcode...
If nothing happens, download Xcode and try again.
Launching Visual Studio...
If nothing happens, download the GitHub extension for Visual Studio and try again.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
| Failed to load latest commit information. | |||
|
lib | ||
|
|
spec | ||
|
|
tasks | ||
|
|
MIT-LICENSE | ||
|
|
README | ||
|
|
Rakefile | ||
|
|
init.rb | ||
|
|
install.rb | ||
|
|
uninstall.rb | ||
README
AcceptParams
============
This plugin adds parameter whitelisting, type checking, and validation at the controller level
to a Rails application. While model-level validations are good for some situations, in most
cases there are input parameters which are either not part or a model, or which you want to
verify before executing lots of (potentially unsafe) code just to have your model raise an
error. Examples include:
* page numbers for pagination
* search strings
In addition, this plugin provides several extended capabilities which come in handy:
* type checking of parameters (eg, integers vs strings)
* automatic type casting of parameters (helps with plugins such as +will_paginate+)
Example
=======
# GET /channels
# GET /channels.xml
def index
accept_params do |p|
p.integer :page, :default => 1, :minvalue => 1
p.integer :per_page, :default => 50, :minvalue => 1
end
end
# POST /rating
# POST /rating.xml
def create
accept_params do |p|
p.namespace :rating do |p|
p.integer :user_id, :required => true, :minvalue => 1
p.integer :rating, :required => true
p.string :comments, :process => Proc.new(value){ my_value_cleaner(value) }
end
end
@rating = Rating.new(params[:rating])
@rating.save
# format/response code
end
# GET /players/1
# GET /players/1.xml
def show
accept_only_id
@player = Player.find(params[:id])
respond_to do |format|
format.html # show.html.erb
format.xml { render :xml => @player }
end
end
Copyright (c) 2008 Nate Wiger, https://drunkgenius.com. All Rights Reserved.
This code is released under the Artistic License.
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.
You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.