class ActiveRecord::Base

Private Instance Methods

write_attribute(attr_name, value) click to toggle source
# File lib/rails-security-backports/rails-cve-backports/cve-2013-0277.rb, line 4
def write_attribute(attr_name, value)
  attr_name = attr_name.to_s
  if (column = column_for_attribute(attr_name)) && column.number?
    @attributes[attr_name] = convert_number_column_value(value)
  else
    if self.class.serialized_attributes[attr_name] && value.is_a?(String) && value =~ /^---/
      raise ActiveRecordError, "You tried to assign already serialized content to #{attr_name}. This is disabled due to security issues."
    end
    @attributes[attr_name] = value
  end
end