rack-devel archive mirror (unofficial) https://groups.google.com/group/rack-devel
 help / color / mirror / code / Atom feed
* Invalid query string handling
@ 2009-11-23 12:41 Maciej Lotkowski
  2009-11-24  9:18 ` James Tucker
  2009-11-24  9:25 ` Magnus Holm
  0 siblings, 2 replies; 5+ messages in thread
From: Maciej Lotkowski @ 2009-11-23 12:41 UTC (permalink / raw)
  To: Rack Development

Hi,

recently I stumbled upon a problem:

require 'rubygems'
require 'rack'
require 'rack/mock'


app = lambda { |env|
  Rack::Request.new(env).GET
}
app.call(Rack::MockRequest.env_for("/kiszka?foo=&foo[option]=kiszka"))

The call raises an exception due the invalid query string

TypeError: expected Hash (got String) for param `_REQUEST'
    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
rack-1.0.1/lib/rack/utils.rb:93:in `normalize_params'
    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
rack-1.0.1/lib/rack/utils.rb:62:in `parse_nested_query'
    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
rack-1.0.1/lib/rack/utils.rb:60:in `each'
    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
rack-1.0.1/lib/rack/utils.rb:60:in `parse_nested_query'
    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
rack-1.0.1/lib/rack/request.rb:119:in `GET'

As a workaround I've created a middleware which creates a
Rack::Request
instance, calls GET, catches TypeError if there is any and returns
BadRequest
if an error occured. What is the "right" way to handle this? I think
it would be
better to throw some InvalidQueryString exception from
Rack::Request#GET,
wouldn't it?

--
Maciej Lotkowski

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Invalid query string handling
  2009-11-23 12:41 Invalid query string handling Maciej Lotkowski
@ 2009-11-24  9:18 ` James Tucker
  2009-11-24  9:41   ` Maciej Lotkowski
  2009-11-24  9:25 ` Magnus Holm
  1 sibling, 1 reply; 5+ messages in thread
From: James Tucker @ 2009-11-24  9:18 UTC (permalink / raw)
  To: rack-devel

[-- Attachment #1: Type: text/plain, Size: 1439 bytes --]


On 23 Nov 2009, at 12:41, Maciej Lotkowski wrote:

> Hi,
> 
> recently I stumbled upon a problem:
> 
> require 'rubygems'
> require 'rack'
> require 'rack/mock'
> 
> 
> app = lambda { |env|
>  Rack::Request.new(env).GET
> }
> app.call(Rack::MockRequest.env_for("/kiszka?foo=&foo[option]=kiszka"))

remove foo=<empty string> from the front of your query string.

> 
> The call raises an exception due the invalid query string
> 
> TypeError: expected Hash (got String) for param `_REQUEST'
>    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
> rack-1.0.1/lib/rack/utils.rb:93:in `normalize_params'
>    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
> rack-1.0.1/lib/rack/utils.rb:62:in `parse_nested_query'
>    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
> rack-1.0.1/lib/rack/utils.rb:60:in `each'
>    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
> rack-1.0.1/lib/rack/utils.rb:60:in `parse_nested_query'
>    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
> rack-1.0.1/lib/rack/request.rb:119:in `GET'
> 
> As a workaround I've created a middleware which creates a
> Rack::Request
> instance, calls GET, catches TypeError if there is any and returns
> BadRequest
> if an error occured. What is the "right" way to handle this? I think
> it would be
> better to throw some InvalidQueryString exception from
> Rack::Request#GET,
> wouldn't it?
> 
> --
> Maciej Lotkowski


[-- Attachment #2: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 3679 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Invalid query string handling
  2009-11-23 12:41 Invalid query string handling Maciej Lotkowski
  2009-11-24  9:18 ` James Tucker
@ 2009-11-24  9:25 ` Magnus Holm
  1 sibling, 0 replies; 5+ messages in thread
From: Magnus Holm @ 2009-11-24  9:25 UTC (permalink / raw)
  To: rack-devel

Maybe we should have a Rack::BadRequest, which can be raised when needed?

//Magnus Holm



On Mon, Nov 23, 2009 at 13:41, Maciej Lotkowski
<maciej.lotkowski@gmail.com> wrote:
> Hi,
>
> recently I stumbled upon a problem:
>
> require 'rubygems'
> require 'rack'
> require 'rack/mock'
>
>
> app = lambda { |env|
>  Rack::Request.new(env).GET
> }
> app.call(Rack::MockRequest.env_for("/kiszka?foo=&foo[option]=kiszka"))
>
> The call raises an exception due the invalid query string
>
> TypeError: expected Hash (got String) for param `_REQUEST'
>    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
> rack-1.0.1/lib/rack/utils.rb:93:in `normalize_params'
>    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
> rack-1.0.1/lib/rack/utils.rb:62:in `parse_nested_query'
>    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
> rack-1.0.1/lib/rack/utils.rb:60:in `each'
>    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
> rack-1.0.1/lib/rack/utils.rb:60:in `parse_nested_query'
>    /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/
> rack-1.0.1/lib/rack/request.rb:119:in `GET'
>
> As a workaround I've created a middleware which creates a
> Rack::Request
> instance, calls GET, catches TypeError if there is any and returns
> BadRequest
> if an error occured. What is the "right" way to handle this? I think
> it would be
> better to throw some InvalidQueryString exception from
> Rack::Request#GET,
> wouldn't it?
>
> --
> Maciej Lotkowski
>

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Invalid query string handling
  2009-11-24  9:18 ` James Tucker
@ 2009-11-24  9:41   ` Maciej Lotkowski
  2009-11-24 10:22     ` James Tucker
  0 siblings, 1 reply; 5+ messages in thread
From: Maciej Lotkowski @ 2009-11-24  9:41 UTC (permalink / raw)
  To: rack-devel

On Tue, Nov 24, 2009 at 10:18 AM, James Tucker <jftucker@gmail.com> wrote:
> On 23 Nov 2009, at 12:41, Maciej Lotkowski wrote:
>
>> Hi,
>>
>> recently I stumbled upon a problem:
>>
>> require 'rubygems'
>> require 'rack'
>> require 'rack/mock'
>>
>>
>> app = lambda { |env|
>>  Rack::Request.new(env).GET
>> }
>> app.call(Rack::MockRequest.env_for("/kiszka?foo=&foo[option]=kiszka"))
>
> remove foo=<empty string> from the front of your query string.

It's not my query string, smeone just tries to flood my app with
strange requests.
But that's not the point.


On Tue, Nov 24, 2009 at 10:25 AM, Magnus Holm <judofyr@gmail.com> wrote:
> Maybe we should have a Rack::BadRequest, which can be raised when needed?

That's what I mean. TypeError isn't an exception which you can expect to raised
because of invalid request.

-- 
Maciej Lotkowski

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Invalid query string handling
  2009-11-24  9:41   ` Maciej Lotkowski
@ 2009-11-24 10:22     ` James Tucker
  0 siblings, 0 replies; 5+ messages in thread
From: James Tucker @ 2009-11-24 10:22 UTC (permalink / raw)
  To: rack-devel

[-- Attachment #1: Type: text/plain, Size: 1133 bytes --]


On 24 Nov 2009, at 09:41, Maciej Lotkowski wrote:

> On Tue, Nov 24, 2009 at 10:18 AM, James Tucker <jftucker@gmail.com> wrote:
>> On 23 Nov 2009, at 12:41, Maciej Lotkowski wrote:
>> 
>>> Hi,
>>> 
>>> recently I stumbled upon a problem:
>>> 
>>> require 'rubygems'
>>> require 'rack'
>>> require 'rack/mock'
>>> 
>>> 
>>> app = lambda { |env|
>>>  Rack::Request.new(env).GET
>>> }
>>> app.call(Rack::MockRequest.env_for("/kiszka?foo=&foo[option]=kiszka"))
>> 
>> remove foo=<empty string> from the front of your query string.
> 
> It's not my query string, smeone just tries to flood my app with
> strange requests.
> But that's not the point.
> 
> 
> On Tue, Nov 24, 2009 at 10:25 AM, Magnus Holm <judofyr@gmail.com> wrote:
>> Maybe we should have a Rack::BadRequest, which can be raised when needed?
> 
> That's what I mean. TypeError isn't an exception which you can expect to raised
> because of invalid request.

Combine this with the other issues in various request parsing discussions, I'm starting to think this wants to be pushed right into middleware.

> 
> -- 
> Maciej Lotkowski


[-- Attachment #2: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 3679 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2009-11-24 10:22 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-11-23 12:41 Invalid query string handling Maciej Lotkowski
2009-11-24  9:18 ` James Tucker
2009-11-24  9:41   ` Maciej Lotkowski
2009-11-24 10:22     ` James Tucker
2009-11-24  9:25 ` Magnus Holm

Code repositories for project(s) associated with this inbox:

	https://80x24.org/mirrors/rack.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).