What are strong parameters in Rails?

Answer

Strong parameters (introduced in Rails 4) protect against mass assignment vulnerabilities by requiring explicit whitelisting of permitted attributes. In the controller, you call params.require(:user).permit(:name, :email, :password) before passing the parameters to a model. Without strong parameters, an attacker could submit extra fields that the form never exposed (like admin: true) and modify any attribute. Strong parameters raise an ActionController::ForbiddenAttributesError if you try to pass unpermitted params directly to a model method like create or update.
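The mechanism described above, as an added example that is not Rails source code: a simplified pure-Ruby model showing that permit filters a copy of the parameters while the error is raised only when an unfiltered object reaches the model. MiniParams, MiniUser, ForbiddenAttributes, ParameterMissing, create_user and the request data are hypothetical names constructed for this illustration.

```ruby
# Simplified pure-Ruby model of the strong-parameters mechanism (not Rails source).
# MiniParams, MiniUser and the error classes are hypothetical stand-ins.
class ForbiddenAttributes < StandardError; end
class ParameterMissing < StandardError; end

class MiniParams
  attr_reader :data, :permitted

  def initialize(data, permitted: false)
    @data = data
    @permitted = permitted
  end

  # Like params.require(:user): fetch the nested hash or fail loudly.
  def require(key)
    value = @data[key]
    raise ParameterMissing, "param is missing: #{key}" if value.nil? || value.empty?
    MiniParams.new(value)
  end

  # Like .permit(...): return a filtered copy flagged as permitted.
  # Keys outside the allowlist are dropped, not rejected.
  def permit(*keys)
    MiniParams.new(@data.slice(*keys), permitted: true)
  end
end

class MiniUser
  attr_accessor :name, :email, :admin

  def initialize
    @admin = false
  end

  # Mass assignment: refuses a params object that was never filtered.
  def assign(params)
    raise ForbiddenAttributes unless params.permitted
    params.data.each { |attr, value| public_send("#{attr}=", value) }
    self
  end
end

# Constructed request body: the form had no admin field, the client added one.
REQUEST = { user: { name: "Eve", email: "eve@example.test", admin: true } }.freeze

# Controller-style action: require the :user key, then allowlist two attributes.
def create_user(raw)
  MiniUser.new.assign(MiniParams.new(raw).require(:user).permit(:name, :email))
end
```

With the allowlist in place the forged admin value never reaches the model; passing the result of require(:user) straight to assign raises instead.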