Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
c3
on June 13, 2012
|
parent
|
context
|
favorite
| on:
Ruby on Rails SQL Injection
It's only a security problem if you're using the Model#where form. If you're doing Model#all or #each or whatever, you're fine.
omgsean
on June 13, 2012
[–]
Are you sure? That's what I thought at first, but was the .where form even available in versions before 3.0?
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
