Help with whitelisting in rails

I'm clueless a开发者_StackOverflowbout whitelisting. Where do I put the

if %w(some valid input).include?(params[:input])
  # proceed with action
else
  # not in whitelist, throw error
end

and how do I call it from the submit action of a form?

I don't really know what you expect but this could be the job of a before_filter.

It'd keep your controller dry. See doc.

In your controller, try this:

before_filter :check_params, :only => [:index, :whatever_action_name]

def check_params
  raise ActionController::RoutingError.new('Missing params') unless %w(some valid input).include?(params[:input])
end