|
|
|
|
|
|
by soveran
5218 days ago
|
|
|
> I always felt that "it's up to the developer to do the right thing" violates the normal Rails convention over configuration principles, but I also weigh breaking a large % of existing Rails apps in a way that is not easy to quickly fix heavily. It can be argued that those apps were already broken. Nobody should complain against a security fix. |
|
|