Federico M. Iachetti's Profile

GitHub User: iachettifederico

Comments by Federico M. Iachetti

Thanks Mike and Nik for your responses...

Nik's first interpretation was what I was referring to, but I didn't consider the security of the controller (that I actually do in my projects). Feeling such a fool now! haha

Thanks

Nice episode, but I have a doubt. If I have the Edit|Destroy links available at all times, but hidden using CSS, doesn't it mean that if I disable CSS from my browser I'll be able to "act as an admin"? (I mean, see the full page, including those links and all the other hidden "actions").