Strong Parameters is a mechanism added from Rails 4 series to improve security. A security measure that prevents an attacker from executing unintended code by not receiving anything other than the specified value.
When submitting data from a form, there is a security issue called a "mass assignment vulnerability". Simply put, it is a vulnerability in which an unauthorized request changes an unexpected value when sending data. Rails provides a "Strong Parameters" mechanism to prevent this vulnerability.
It is like this. Be sure to write Strong parameters below private.
class UsersController < ApplicationController def create user = User.new(user_params) end private def user_params params.require(:user).permit(:name, :email) end end
Simply put, even if the value (parameter) related to user is sent, only "name" and "email" are allowed.