Skip to main content

Return to Answer

The slice! method takes keys that are to be kept in the modified hash. In this case, the original author was explaining how slice will help define an approve list instead of a deny list. I changed the argument names to reflect that.
Source Link
edit approved Oct 16, 2020 at 0:03
Fralcon
edit approved Oct 16, 2020 at 0:03
Fralcon
  • 489
  • 6
  • 15

While using Hash#except handles your problem, be aware that it introduces potential security issues. A good rule of thumb for handling any data from visitors is to use a whitelist approach. In this case, using Hash#slice instead.

params.slice!(:param_to_remove_1param_to_keep_1, :param_to_remove_2param_to_keep_2) redirect_to my_path(params)

While using Hash#except handles your problem, be aware that it introduces potential security issues. A good rule of thumb for handling any data from visitors is to use a whitelist approach. In this case, using Hash#slice instead.

params.slice!(:param_to_remove_1, :param_to_remove_2) redirect_to my_path(params)

While using Hash#except handles your problem, be aware that it introduces potential security issues. A good rule of thumb for handling any data from visitors is to use a whitelist approach. In this case, using Hash#slice instead.

params.slice!(:param_to_keep_1, :param_to_keep_2) redirect_to my_path(params)
clarified parameters by improving names and added code block
Source Link
edit approved Jan 24, 2017 at 14:55
jsa
edit approved Jan 24, 2017 at 14:55
jsa
  • 1.2k
  • 11
  • 24

While using Hash#exceptHash#except handles your problem, be aware that it introduces potential security issues. A good rule of thumb for handling any data from visitors is to use a whitelist approach. In this case, using Hash#sliceHash#slice instead.

params.slice!(:desired_param_1, :desired_param_2)

redirect_to my_path(params)

params.slice!(:param_to_remove_1, :param_to_remove_2) redirect_to my_path(params)

While using Hash#except handles your problem, be aware that it introduces potential security issues. A good rule of thumb for handling any data from visitors is to use a whitelist approach. In this case, using Hash#slice instead.

params.slice!(:desired_param_1, :desired_param_2)

redirect_to my_path(params)

While using Hash#except handles your problem, be aware that it introduces potential security issues. A good rule of thumb for handling any data from visitors is to use a whitelist approach. In this case, using Hash#slice instead.

params.slice!(:param_to_remove_1, :param_to_remove_2) redirect_to my_path(params)
Source Link
user190125
user190125

While using Hash#except handles your problem, be aware that it introduces potential security issues. A good rule of thumb for handling any data from visitors is to use a whitelist approach. In this case, using Hash#slice instead.

params.slice!(:desired_param_1, :desired_param_2)

redirect_to my_path(params)