class ActiveRecord::Base
Private Instance Methods
write_attribute(attr_name, value)
click to toggle source
# File lib/rails-security-backports/rails-cve-backports/cve-2013-0277.rb, line 4 def write_attribute(attr_name, value) attr_name = attr_name.to_s if (column = column_for_attribute(attr_name)) && column.number? @attributes[attr_name] = convert_number_column_value(value) else if self.class.serialized_attributes[attr_name] && value.is_a?(String) && value =~ /^---/ raise ActiveRecordError, "You tried to assign already serialized content to #{attr_name}. This is disabled due to security issues." end @attributes[attr_name] = value end end