Rails 4, Strong Parameters, and Deprecation of the attr_accessible Macro
The attr_accessible macro has long been a Rails mainstay, playing a major role in preventing malicious access of sensitive model attributes. However it (and its sibling attr_protected) was deprecated in Rails 4 in preference of a new approach known as “strong parameters”. In the latest Easy Active Record blog entry I introduce strong parameters, explaining why attr_accessible was inconvenient and demonstrating the advantages gained by the new strong parameters approach.
Post a comment