Mark M.


60 Experience
0 Lessons Completed
0 Questions Solved


Posted in Go Rails' Stripe lesson and strong params

Thanks for such a detailed response, Chris!

Posted in Go Rails' Stripe lesson and strong params


I recently watched the Go Rails Stripe tutorial. In it, Chris creates subscriptions like this:

def create_subscription
  customer = # set customer...
  subscription = # create subscription...

  # Set initial subscription information
    card_last4:     params[:last4],
    card_exp_month: params[:exp_month],
    card_exp_year:  params[:exp_year],
    card_brand:     params[:card_brand],
    # ...

Is this a secure approach for Rails 5 since we're not using strong params? I'm initially thinking yes (since we're explicitly setting which params can be updated by user.update) but I wanted to double-check with all of you since I'm new to Rails.


logo Created with Sketch.

Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more. Icons by Icons8

© 2022 GoRails, LLC. All rights reserved.