#27947 was intended to address Post.order(params[:order]) which leading to SQL injection. But the protection caused very annoying warnings, especially for calling by a string literal which invoke a...