What’s the most recommended technique for guarding Rails HTTP params?
For example, something like this can obviously be dangerous (e.g. SQL
user_account = UserAccount.find(:first, :conditions => [“username =
I am about to write a home-grown validation routine to check for string
lengths, data types (e.g. numeric versus string, depending on what I’m
expecting), etc. but I wasn’t sure if there are existing
plugins/libraries out there.
I was considering writing something like this:
id = validate_params(params[:id], “string”, 10) # 10 being