RailsCasts Pro episodes are now free!

Learn more or hide this

codeduffer's Profile

GitHub User: codeduffer

Comments by

Avatar
codeduffer on #258 Token Fields (revised) 2013-12-01 09:50:09

Well I'm a comparative newbie here but with my limited Rails4 work I would suggest whitelisting by doing this (using Ryan's example). In the private area of the books controller add the author_ids to the book_params:

rails 
def book_params
 params.require(:book).permit( ... many attributes...., :author_ids => [])
end