Following a RoR security tutorial (here), I wrote something along the lines of:

@@private_re = //
def secure?
  action_name =~ @@private_re
end

The idea is that in the base case, this shouldn't match anything, and return nil. The problem is that it doesn't. I've worked around it for the time being by using a nonsensical string, but I'd like to know the answer.

+3  A: 

The empty regular expression successfully matches every string.

Examples of regular expressions that will always fail to match:

  • /(?=a)b/
  • /\Zx\A/
  • /[^\s\S]/
Mark Byers
/somethingthatwillnevermatch/ works the same and is a bit more readable :)
kolosy
+1  A: 

It is meant to not change the behavior of the controller in any way, as // will match every string.

The idea is that @@private is meant to be set in the controller to match things you DO want to be private. Thus, that code is meant to do nothing, but when combined with @@private = /.../ in the controller, gives you a nice privacy mechanism.

mathepic
It may be meant to do nothing, but if used verbatim in the application controller, it causes a redirect loop when there isn't a logged-in user. The regex matches everything, kicks you to sign in, the regex matches everything, kicks you to sign in, etc.
kolosy
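
The behaviour discussed in this thread, as an added example that is not code from the tutorial or from any of the posts above: it shows that `//` matches at index 0 (which is truthy in Ruby), that the never-matching patterns from the first answer return nil, and how the default pattern decides whether an anonymous request ends in a sign-in redirect loop. `GuardedController`, `request`, `outcome`, `never_matches?` and the `signin` action name are hypothetical stand-ins for a Rails controller with a before-filter.

```ruby
# Added illustration; runs without Rails. All class and method names are hypothetical.

NEVER_MATCH = /(?=a)b/ # from the first answer: cannot match any string

class GuardedController
  def initialize(private_re, logged_in: false)
    @private_re = private_re
    @logged_in = logged_in
  end

  # Same test as the question's secure?: =~ returns an index on a match
  # (0 is truthy in Ruby) and nil when nothing matches.
  def secure?(action_name)
    !(action_name =~ @private_re).nil?
  end

  # Follows sign-in redirects the way a browser would, up to max_hops.
  # Returns [final action or :loop, number of redirects followed].
  def request(action_name, max_hops: 5)
    hops = 0
    while secure?(action_name) && !@logged_in
      return [:loop, hops] if hops >= max_hops
      action_name = "signin" # the filter sends anonymous users to sign in
      hops += 1
    end
    [action_name, hops]
  end
end

# Outcome of an anonymous request for `action` under a given privacy pattern.
def outcome(private_re, action)
  GuardedController.new(private_re).request(action)
end

# True when `re` matches none of the constructed sample strings.
def never_matches?(re, samples = ["", "index", "ab", "x", "x\n", "a b"])
  samples.none? { |s| s =~ re }
end

if __FILE__ == $PROGRAM_NAME
  p outcome(//, "index")                       # empty default: loops
  p outcome(NEVER_MATCH, "index")              # safe default: no redirect
  p outcome(/\A(edit|destroy)\z/, "edit")      # anchored list: one redirect
  p [/(?=a)b/, /\Zx\A/, /[^\s\S]/].map { |re| never_matches?(re) }
end
```

Anchoring the private-action pattern with `\A` and `\z` keeps it from matching the sign-in action or any action whose name merely contains a private one.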