app/models/choice_mapping.rb
Mass assignment is not restricted using attr_accessible Open
Open
class ChoiceMapping < ActiveRecord::Base
- Read upRead up
- Exclude checks
This warning comes up if a model does not limit what attributes can be set through mass assignment.
In particular, this check looks for attr_accessible
inside model definitions. If it is not found, this warning will be issued.
Brakeman also warns on use of attr_protected
- especially since it was found to be vulnerable to bypass. Warnings for mass assignment on models using attr_protected
will be reported, but at a lower confidence level.
Note that disabling mass assignment globally will suppress these warnings.
Avoid using rescue
in its modifier form. Open
Open
choice.label rescue super
- Read upRead up
- Exclude checks
This cop checks for uses of rescue in its modifier form.
Example:
# bad
some_method rescue handle_error
# good
begin
some_method
rescue
handle_error
end