Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rails 5 generating deprecation warning when using strong parameter #362

Open
cesarjr opened this issue Jul 3, 2016 · 12 comments
Open

Rails 5 generating deprecation warning when using strong parameter #362

cesarjr opened this issue Jul 3, 2016 · 12 comments

Comments

@cesarjr
Copy link

cesarjr commented Jul 3, 2016
edited by solnic
Loading

I'm using Rails 5 and this deprecation warning is been shown:

DEPRECATION WARNING: Method to_hash is deprecated and will be removed in Rails 5.1, as ActionController::Parameters no longer inherits from hash. Using this deprecated behavior exposes potential security problems. If you continue to use this method you may be creating a security vulnerability in your app that can be exploited. Instead, consider using one of these documented methods which are not deprecated: http://api.rubyonrails.org/v5.0.0/classes/ActionController/Parameters.html

This is my code:

track = API::Tracker::Track.new(track_params)

And this is my work around:

track = API::Tracker::Track.new(track_params.to_h)

Is there any permanent solution?
@cesarjr cesarjr changed the title Rails 5 generating warning when using strong parameter Rails 5 generating deprecation warning when using strong parameter Jul 3, 2016
@greenmindPDX
Copy link

@cesarjr are your track_params coming in as standard ActionController::Parameters before you run to_h?

@envygeeks
Copy link
Contributor

@solnic want to push a new version or add me to the gem so I can?

@solnic
Copy link
Owner

solnic commented Jul 13, 2016

@envygeeks just added you to rubygems.org as a new gem owner so you can push releases

@dgilperez
Copy link

Any fix for this?

@envygeeks
Copy link
Contributor

Ah I forgot about this issue, I'll add it to my todo for this week.

@jayceef jayceef mentioned this issue Sep 20, 2016
Open
@nbulaj
Copy link

nbulaj commented Dec 6, 2016

Sooo?

@zuzannast
Copy link

+1

1 similar comment
@antnettleship
Copy link

+1

@blakeperdue
Copy link

+1 I'm using this code:

<%= params.except(:controller, :action).merge(rating: i).to_param %>

but am getting the same deprecation warning on to_param method. But, I've read the link and googled for an hour and have found no alternatives to achieve what I want (add a new get param to existing params and putting them into this format:

param=value&param2=value&param3=value

@mgidea
Copy link

mgidea commented Jul 25, 2017

changing

def coerce(attributes)
      ::Hash.try_convert(attributes) or raise(
        NoMethodError, "Expected #{attributes.inspect} to respond to #to_hash"
      )
end

to

def coerce(attributes)
      (attributes.respond_to?(:permitted?) ? attributes.to_h : ::Hash.try_convert(attributes) or raise(
        NoMethodError, "Expected #{attributes.inspect} to respond to #to_hash"
      )
end

in AttributeSet

should fix the deprecation

@danielbecker
Copy link

danielbecker commented Aug 1, 2017
edited
Loading

+1
Created a pr for this: #382

@danielbecker danielbecker mentioned this issue Aug 1, 2017
Open
@krisleech
Copy link
Contributor

You can do this in your Virtus model:

def initialize(attributes)
  super(attributes.to_h)
end

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests