12/03/30 08:20:23.45 8zaEmJo9
Railsのmass assignment対策 - うんたらかんたら日記
URLリンク(d.hatena.ne.jp)
config.active_record.whitelist_attributes will create
an empty whitelist of attributes available for mass-assignment
security for all models in your app.
URLリンク(guides.rubyonrails.org)
As such, your models will need to explicitly whitelist or blacklist
accessible parameters by using an attr_accessible or attr_protected declaration.
URLリンク(guides.rubyonrails.org)