Update changelogs to add entries about strong_parameters integration
This commit is contained in:
parent
7c2d33bd86
commit
1f4c89fbde
@ -1,5 +1,19 @@
|
||||
## Rails 4.0.0 (unreleased) ##
|
||||
|
||||
* Add `ActionController::StrongParameters`, this module converts `params` hash into
|
||||
an instance of ActionController::Parameters that allows whitelisting of permitted
|
||||
parameters. Non-permitted parameters are forbidden to be used in Active Model by default
|
||||
For more details check the documentation of the module or the
|
||||
[strong_parameters gem](https://github.com/rails/strong_parameters)
|
||||
|
||||
*DHH + Guillermo Iguaran*
|
||||
|
||||
* Remove Integration between `attr_accessible`/`attr_protected` and
|
||||
`ActionController::ParamsWrapper`. ParamWrapper now wraps all the parameters returned
|
||||
by the class method attribute_names
|
||||
|
||||
*Guillermo Iguaran*
|
||||
|
||||
* Fix #7646, the log now displays the correct status code when an exception is raised.
|
||||
|
||||
*Yves Senn*
|
||||
|
@ -1,5 +1,16 @@
|
||||
## Rails 4.0.0 (unreleased) ##
|
||||
|
||||
* Add `ActiveModel::ForbiddenAttributesProtection`, a simple module to
|
||||
protect attributes from mass assignment when non-permitted attributes are passed.
|
||||
|
||||
*DHH + Guillermo Iguaran*
|
||||
|
||||
* `ActiveModel::MassAssignmentSecurity` has been extracted from Active Model and the
|
||||
`protected_attributes` gem should be added to Gemfile in order to use
|
||||
`attr_accessible` and `attr_protected` macros in your models.
|
||||
|
||||
*Guillermo Iguaran*
|
||||
|
||||
* Due to a change in builder, nil values and empty strings now generates
|
||||
closed tags, so instead of this:
|
||||
|
||||
|
@ -1,5 +1,19 @@
|
||||
## Rails 4.0.0 (unreleased) ##
|
||||
|
||||
* `ActiveModel::ForbiddenAttributesProtection` is included by default
|
||||
in Active Record models. Check the docs of `ActiveModel::ForbiddenAttributesProtection`
|
||||
for more details.
|
||||
|
||||
*Guillermo Iguaran*
|
||||
|
||||
* Remove integration between Active Record and
|
||||
`ActiveModel::MassAssignmentSecurity`, `protected_attributes` gem
|
||||
should be added to use `attr_accessible`/`attr_protected`. Mass
|
||||
assignment options has been removed from all the AR methods that
|
||||
used it (ex. AR::Base.new, AR::Base.create, AR::Base#update_attributes, etc)
|
||||
|
||||
*Guillermo Iguaran*
|
||||
|
||||
* Fix the return of querying with an empty hash.
|
||||
Fix #6971.
|
||||
|
||||
|
@ -1,5 +1,16 @@
|
||||
## Rails 4.0.0 (unreleased) ##
|
||||
|
||||
* Add `config.action_controller.permit_all_parameters` to disable
|
||||
StrongParameters protection, it's false by default.
|
||||
|
||||
*Guillermo Iguaran*
|
||||
|
||||
* Remove `config.active_record.whitelist_attributes` and
|
||||
`config.active_record.mass_assignment_sanitizer` from new applications since
|
||||
MassAssignmentSecurity has been extracted from Rails.
|
||||
|
||||
*Guillermo Iguaran*
|
||||
|
||||
* Change `rails new` and `rails plugin new` generators to name the `.gitkeep` files
|
||||
as `.keep` in a more SCM-agnostic way.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user