***Strong parameters** ([commit](https://github.com/rails/rails/commit/a8f6d5c6450a7fe058348a7f10a908352bb6c7fc)) - Only allow allowlisted parameters to update model objects (`params.permit(:title, :text)`).
***Strong parameters** ([commit](https://github.com/rails/rails/commit/a8f6d5c6450a7fe058348a7f10a908352bb6c7fc)) - Only allow trusted parameters to update model objects (`params.permit(:title, :text)`).
***Routing concerns** ([commit](https://github.com/rails/rails/commit/0dd24728a088fcb4ae616bb5d62734aca5276b1b)) - In the routing DSL, factor out common subroutes (`comments` from `/posts/1/comments` and `/videos/1/comments`).
***ActionController::Live** ([commit](https://github.com/rails/rails/commit/af0a9f9eefaee3a8120cfd8d05cbc431af376da3)) - Stream JSON with `response.stream`.
***Declarative ETags** ([commit](https://github.com/rails/rails/commit/ed5c938fa36995f06d4917d9543ba78ed506bb8d)) - Add controller-level etag additions that will be part of the action etag computation.
All these configuration options are delegated to the `I18n` library.
*`config.i18n.available_locales`allowlists the available locales for the app. Defaults to all locale keys found in locale files, usually only `:en` on a new application.
*`config.i18n.available_locales`defines the available locales for the app. Defaults to all locale keys found in locale files, usually only `:en` on a new application.
*`config.i18n.default_locale` sets the default locale of an application used for i18n. Defaults to `:en`.
...
...
@@ -444,7 +444,7 @@ The schema dumper adds two additional configuration options:
*`config.action_controller.action_on_unpermitted_parameters` enables logging or raising an exception if parameters that are not explicitly permitted are found. Set to `:log` or `:raise` to enable. The default value is `:log` in development and test environments, and `false` in all other environments.
*`config.action_controller.always_permitted_parameters` sets a list of allowlisted parameters that are permitted by default. The default values are `['controller', 'action']`.
*`config.action_controller.always_permitted_parameters` sets a list of allowed parameters that are permitted by default. The default values are `['controller', 'action']`.
*`config.action_controller.enable_fragment_cache_logging` determines whether to log fragment cache reads and writes in verbose format as follows: