Put 'ActionDispatch::ParamsParser::DEFAULT_PARSERS={}' in application.rb or otherwise mitigate ASAP

Reading:

https://news.ycombinator.com/item?id=5002898

https://homakov.blogspot.com/2013/01/rails-security-digest-eli5.html

https://twitter.com/homakov

https://twitter.com/charliesome