Hacker News new | ask | show | jobs
by masklinn 5003 days ago
> This isn't a Rails issue, it can affect any web framework.

Not exactly. Most web frameworks don't have a built-in "mass assignment", let alone enable it by default.
1 comments
untog 5003 days ago
Well, true. I wonder how many people pass their models straight into a schema-less database without any checks?
link