While I’m not insisting that everyone should use ActiveSupport::CurrentAttributes
, I want to convey that it’s a viable option for those times when it’s really necessary!
![](/static/efe64e9bb012329a8e3b7cd0dd8b6e2b/13cfa/sampo-2.jpg)
Sampo Kuokkanen
Head of Evil Martians Japan
Some people dislike ActiveSupport::CurrentAttributes, but it’s undeniably very convenient. It allows you to safely use the much-loved global variables within requests—a truly handy feature. I want to discuss why it might be disliked, touching on precautions and past security flaws, such as an instance where information leakage occurred with a Puma and Rails combination.
While I’m not insisting that everyone should use ActiveSupport::CurrentAttributes
, I want to convey that it’s a viable option for those times when it’s really necessary!
We're experts at helping developer products grow, with a proven track record in UI design, product iterations, cost-effective scaling, and much more. We'll lay out a strategy before our engineers and designers leap into action.