application controller security

Shouldn't everything in the application controller be protected by default?

I just realized that my app can be called like this: www.myapp.com/application/method and it actually tries to run that method inside my application controller.

Is everyone else just adding "protected" at the top?

Thanks, Chad

I agree, I handle things the same way, but the application controller public by default? That seems like a potential security risk for Rails web applications since EVERYONE has an application controller out of the box.

cheers

Yes! Public/protected/private method visibility is a natural way to distinguish actions from their supporting methods. No need to introduce a special case here to sully that consistency.

jeremy

fair enough. done.
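The visibility rule discussed in this thread, as an added example that is not part of the original posts and is not Rails' own code: a plain-Ruby model in which only public methods are routable actions, with the application controller shown before and after moving its helpers under `protected`. The class names, the `dispatch` method and the helper methods are hypothetical.

```ruby
# Simplified model of visibility-based action dispatch (assumption: a
# catch-all /:controller/:action route, as in the URL from the question).
class BaseController
  # Public instance methods added below BaseController count as actions.
  def self.action_methods
    (public_instance_methods(true) -
      BaseController.public_instance_methods(true)).map(&:to_s).sort
  end

  # Returns [status, body]; non-public methods are never invoked.
  def self.dispatch(action)
    return [404, "Unknown action"] unless action_methods.include?(action.to_s)
    [200, new.public_send(action).to_s]
  end
end

# Before: support methods left public, so they are reachable by URL.
class ExposedApplicationController < BaseController
  def current_account_id # hypothetical helper
    42
  end

  def require_login # hypothetical filter
    "redirect to /login"
  end
end

# After: the same methods under `protected` are no longer actions.
class HardenedApplicationController < BaseController
  protected

  def current_account_id
    42
  end

  def require_login
    "redirect to /login"
  end
end

# Subclasses can still call the protected helpers internally.
class PostsController < HardenedApplicationController
  def index
    "posts for account #{current_account_id}"
  end
end

# Audit helper: map each controller name to its routable methods.
def exposed_actions(*controllers)
  controllers.to_h { |c| [c.name, c.action_methods] }
end
```

Running `exposed_actions` over an application's controllers gives a quick list of every method a request could reach under this model.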