While I’m not insisting that everyone should use ActiveSupport::CurrentAttributes, I want to convey that it’s a viable option for those times when it’s really necessary!
Active Support’s CurrentAttributes: a really useful but hated Rails feature?
At Kaigi on Rails 2023, in Tokyo, Japan
Topics
Share on
![Sampo Kuokkanen]()
Sampo Kuokkanen
Head of Evil Martians Japan
Some people dislike ActiveSupport::CurrentAttributes, but it’s undeniably very convenient. It allows you to safely use the much-loved global variables within requests—a truly handy feature. I want to discuss why it might be disliked, touching on precautions and past security flaws, such as an instance where information leakage occurred with a Puma and Rails combination.
Video
Slides
Explore more events
- Irina Nazarova at EuRuKo 2024
Irina Nazarova at EuRuKo 2024
EuRuKo 2024Sarajevo, Bosnia and Herzegovina![Cover for Irina Nazarova at EuRuKo 2024]()
