19 Mar '12, 6pm

blogged about TaintedHash, 1 more step to prevent mass assignment bugs:

Having a common pattern is a great idea, as well as other organizational patterns in use (testing, code review, etc.). But we felt like we needed something that would force compliance with safe handling of user input in web controllers. Something that works with what we're already doing, but can't be thwarted by someone writing lazy code. Keep in mind, this person may be someone from the past who already shipped the code long before common patterns were in place.

Full article: http://techno-weenie.net/2012/3/19/ending-the-mass-assign...

Tweets

Episode 26: Hackers Love Mass Assignment (revised)

railscasts.com 09 Mar '12, 1am

#26 Hackers Love Mass Assignment (revised) Mar 08, 2012 | 6 minutes | Security, Active Record, Models One of the most co...

A different approach to Rails mass-assignment s...

rubyflow.com 10 Mar '12, 10pm

A different approach to Rails mass-assignment security Posted by jordoh on March 10, 2012 — 0 comments Read this blog post...