Is it safe to accept URL parameters for populating the `url_for` method?

春和景丽 2021-01-19 21:39

I am using Ruby on Rails 4.1.1 and I am thinking of accepting parameters (through URL query strings) that are passed directly to the `url_for` method, this way:

3 Answers
  •  有刺的猬
    2021-01-19 22:42

    It's not exactly an answer, just wanted to point out that you shouldn't use something like

    url_for(params)
    

    because one could pass host and port as params, and thus the URL could lead to another site, and it can get worse if it gets cached or something.

    Don't know if it threatens anything, but hey, it's worth pointing out.
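
The host/port problem described in the answer above, next to an allowlist-based fix, as an added example that is not part of the original thread. `toy_url_for` is a simplified stand-in for Rails' `url_for` so the block runs without Rails; the allowlist, route path and hostnames are constructed assumptions.

```ruby
require "uri"

# Simplified stand-in for Rails' url_for (assumption: not the real code).
# Like the real helper, it treats :host, :port, :protocol and :only_path as
# URL-building options and turns every other key into a query parameter.
ROUTING_KEYS = %w[host port protocol only_path].freeze

def toy_url_for(options, default_host: "app.example.test")
  opts  = options.transform_keys(&:to_s)
  pairs = opts.reject { |k, _| ROUTING_KEYS.include?(k) }.sort
  query = URI.encode_www_form(pairs)
  path  = "/items" + (query.empty? ? "" : "?#{query}")
  return path if opts["only_path"] == true

  host = opts.fetch("host", default_host)
  port = opts["port"] ? ":#{opts['port']}" : ""
  "#{opts.fetch('protocol', 'https')}://#{host}#{port}#{path}"
end

# Hardened form: copy only the query keys this page expects (hypothetical
# allowlist), keep scalar strings only, and force a relative URL so no
# request-supplied value can choose the host, port or scheme.
ALLOWED_QUERY_KEYS = %w[page sort].freeze

def safe_url_options(params)
  picked = params.transform_keys(&:to_s).select do |key, value|
    ALLOWED_QUERY_KEYS.include?(key) && value.is_a?(String)
  end
  picked.merge("only_path" => true)
end

# Constructed query-string parameters, as a request might deliver them.
SAMPLE_PARAMS = { "page" => "2", "host" => "other.example", "port" => "8080" }.freeze

puts toy_url_for(SAMPLE_PARAMS)                    # request controls the host
puts toy_url_for(safe_url_options(SAMPLE_PARAMS))  # relative path only
```
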
