A very useful plugin by Scott A. Woods.
The validate_request plugin allows us to check the request method and parameters that are used to call an action.
For example, consider an add_to_cart action:
    def add_to_cart
      @product = Product.find(params[:id])
      @cart.add_product(@product)
    end
The link to add an item to our cart should look like store/add_to_cart/nnn, where nnn is an integer. There will be an error if someone intentionally enters store/add_to_cart/some_string_here.
ValidateRequest allows us to double check these things, and act appropriately. For instance, we could solve the above problem by adding one line to our action:
    def add_to_cart
      validate_request(:get, :id => :integer) or return
      @product = Product.find(params[:id])
      @cart.add_product(@product)
    end
The validate_request method will now verify that incoming requests are via the GET method, and that they contain one argument called 'id' whose value is an integer. If any of these conditions aren't true, the requester is redirected to the site's home page (configurable, of course), and flash[:error] is set with a polite message (also configurable).
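What a check of this kind involves, as a standalone Ruby sketch added here (it is not the plugin's source). The names check_request, TYPE_CHECKS and ROUTING_KEYS are hypothetical, and rejecting unexpected extra parameters is an assumption about how strict the check should be.

```ruby
# Added illustration; not the validate_request plugin's source.
# check_request, TYPE_CHECKS and ROUTING_KEYS are hypothetical names.

# \A and \z anchor the whole string; ^ and $ only anchor lines in Ruby,
# so /^\d+$/ would accept "42\nanything". Only non-negative ids are allowed.
TYPE_CHECKS = {
  integer: ->(v) { v.is_a?(String) && v.match?(/\A\d+\z/) },
  string:  ->(v) { v.is_a?(String) }
}.freeze

# Keys that Rails routing adds to params; they are not part of the spec.
ROUTING_KEYS = %w[controller action].freeze

# Returns [true, nil] when the request matches, otherwise [false, reason].
def check_request(method, params, expected_method, spec)
  unless method.to_s.downcase == expected_method.to_s
    return [false, "method #{method} not allowed"]
  end
  supplied = params.transform_keys(&:to_s).reject { |k, _| ROUTING_KEYS.include?(k) }
  wanted = spec.transform_keys(&:to_s)

  missing = wanted.keys - supplied.keys
  return [false, "missing parameter: #{missing.first}"] unless missing.empty?
  extra = supplied.keys - wanted.keys
  return [false, "unexpected parameter: #{extra.first}"] unless extra.empty?

  wanted.each do |name, type|
    next if TYPE_CHECKS.fetch(type).call(supplied[name])
    return [false, "parameter #{name} is not a valid #{type}"]
  end
  [true, nil]
end

# Constructed sample requests for store/add_to_cart.
SAMPLES = [
  ["GET",  { "id" => "42" }],
  ["GET",  { "id" => "some_string_here" }],
  ["GET",  { "id" => "42\nextra" }],          # passes a ^...$ regex, fails \A...\z
  ["GET",  { "id" => ["42"] }],               # id[]=42 arrives as an Array
  ["POST", { "id" => "42" }],
  ["GET",  { "id" => "42", "admin" => "1" }]
].freeze

SAMPLES.each do |method, params|
  ok, reason = check_request(method, params, :get, id: :integer)
  puts format("%-4s %-35s %s", method, params.inspect, ok ? "accept" : "reject (#{reason})")
end
```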
Install the plugin by running the following commands from your Rails application's directory:

    ./script/plugin source svn://rubyforge.org//var/svn/validaterequest/plugins
    ./script/plugin install validate_request
For more details, visit http://rubyforge.org/projects/validaterequest/