How to prevent Unpermitted parameters

Question

How to prevent Unpermitted parameters

181 views Asked by Sig At 05 September 2023 at 13:29

On a Rails 7.1 app, I have the form below

<%= form_with model: @post do |form| %>
  <%= form.text_area :body %>
  <%= form.submit %>
<% end %>

And the related action.

def update
  @post = Post.find(params[:id])

  if @post.update(post_params)
    ...
  end
end

private

def post_params
  params.require(:post).permit(:body)
end

When I submit the form, the following parameters are sent to the controller.

Parameters: {"authenticity_token"=>"[FILTERED]", "post"=>{"body"=>""}, "commit"=>"Update Post", "id"=>"1"}

Is there a way to prevent Unpermitted parameter to be raised?

Unpermitted parameters: :_method, :authenticity_token, :button, :id. Context: { controller: PostsController, action: update, request: #ActionDispatch::Request:0x0000000110733988, params: {"_method"=>"patch", "authenticity_token"=>"[FILTERED]", "post"=>{"body"=>""}, "commit"=>"Update Post", "controller"=>"posts", "action"=>"update", "id"=>"1"} }

Am I missing something here?

Original Q&A

There are 1 answers

**mechnicov** · Answer 1 · 2023-09-05T13:54:43+00:00

There is config for unpermitted parameters

# To take no action:
config.action_controller.action_on_unpermitted_parameters = false

# To emit an `ActiveSupport::Notifications.instrument` event
# on the `unpermitted_parameters.action_controller` topic
# and log at the DEBUG level:
config.action_controller.action_on_unpermitted_parameters = :log

# To raise a ActionController::UnpermittedParameters exception:
config.action_controller.action_on_unpermitted_parameters = :raise

You can choose needed

TechQA.

How to prevent Unpermitted parameters

There are 1 answers

Related Questions in RUBY-ON-RAILS

Related Questions in STRONG-PARAMETERS

Popular Questions

Popular Tags

Trending Questions