rubyonrails security issues??????

i don't understand what you're asking... do you not want the id '5' to
appear in the url?

Unless you use those params in yr method [and you'd have to write code
to use them, so you'd know it] they're not being used anyhow.


Allow me to reiterate: Unless you specifically use them in your
controller methods, extra params on the url will _not_ be used and do
_not_ pose a security threat. Hope that clears things up.


Yah, but: (Sorry, I have to say this.) A dev who's unclear on how his
routes/URLs are generated, that's a security issue.

Let me try to actually be helpful, since I can't figure out where the
param's coming from either: I started David Black's PDF mini-book on
routing, it's quite good, tho i forgot to bring it with me :