Forum: Ruby on Rails Question on routes and default routes

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
Rails D. (Guest)
on 2009-03-15 18:25
Say I have a destroy action configured as the following '/foos/:id', :controller => 'foos', :action => 'show',
:conditions => { :method => :get } '/foos/:id', :controller => 'foos', :action => 'destroy',
:conditions => { :method => :delete }

Get on foos/:id goes to show and delete on foos/:id goes to destroy.
Nice and restful so all good so far.

But now say if i have the following default route in my routes.rb

map.connect ':controller/:action/:id'

Now someone can explicitly type in the url http://.../foos/destroy/123
and it will go to my destroy action in controller foos although this
action should only be accessed by a POST/DELETE not a GET.

Is there anyway to prevent a get on that action other than checking
within the controller itself?

def destroy
  return home_url unless method.delete?

Brandon O. (Guest)
on 2009-03-15 22:15
(Received via mailing list)

I'm kind of new to rails, but I'm pretty sure it is suggested that you
remove those defaults, and only create routes explicitly.

Bob M. (Guest)
on 2009-03-15 22:35
(Received via mailing list)
If you are going to go with a Restful design, why not just you

On Mar 15, 11:25 am, Rails D. <removed_email_address@domain.invalid>
"Wolas!" (Guest)
on 2009-03-16 13:20
(Received via mailing list)
It is NOT suggested that the defaults be removed like Brandond says.

It IS suggested that you use map.resources :foos. Which will give you
what you want.

if you, however, want to check explicitely for the method of and
action you can do things like:

def some_action
    render(:text => "you shouldnt be trying this") and return unless
This topic is locked and can not be replied to.