From mboxrd@z Thu Jan 1 00:00:00 1970 Delivered-To: chneukirchen@gmail.com Received: by 10.142.191.1 with SMTP id o1cs28612wff; Tue, 24 Nov 2009 01:18:33 -0800 (PST) Received: from mr.google.com ([10.90.190.16]) by 10.90.190.16 with SMTP id n16mr3091074agf.19.1259054312090 (num_hops = 1); Tue, 24 Nov 2009 01:18:32 -0800 (PST) Received: by 10.90.190.16 with SMTP id n16mr276976agf.19.1259054310706; Tue, 24 Nov 2009 01:18:30 -0800 (PST) X-BeenThere: rack-devel@googlegroups.com Received: by 10.213.77.68 with SMTP id f4ls129939ebk.2.p; Tue, 24 Nov 2009 01:18:29 -0800 (PST) Received: by 10.213.27.1 with SMTP id g1mr851130ebc.16.1259054309051; Tue, 24 Nov 2009 01:18:29 -0800 (PST) Received: by 10.213.27.1 with SMTP id g1mr851129ebc.16.1259054309024; Tue, 24 Nov 2009 01:18:29 -0800 (PST) Return-Path: Received: from mail-ew0-f227.google.com (mail-ew0-f227.google.com [209.85.219.227]) by gmr-mx.google.com with ESMTP id 12si523733ewy.2.2009.11.24.01.18.27; Tue, 24 Nov 2009 01:18:28 -0800 (PST) Received-SPF: pass (google.com: domain of jftucker@gmail.com designates 209.85.219.227 as permitted sender) client-ip=209.85.219.227; Received: by ewy27 with SMTP id 27so3071588ewy.36 for ; Tue, 24 Nov 2009 01:18:27 -0800 (PST) Received: by 10.216.90.141 with SMTP id e13mr2051131wef.166.1259054307707; Tue, 24 Nov 2009 01:18:27 -0800 (PST) Return-Path: Received: from ?192.168.1.107? (bb-87-81-237-21.ukonline.co.uk [87.81.237.21]) by mx.google.com with ESMTPS id n12sm11724630gve.14.2009.11.24.01.18.26 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 24 Nov 2009 01:18:26 -0800 (PST) From: James Tucker Mime-Version: 1.0 (Apple Message framework v1077) Content-Type: multipart/signed; boundary=Apple-Mail-3--573252380; protocol="application/pkcs7-signature"; micalg=sha1 Subject: Re: Invalid query string handling Date: Tue, 24 Nov 2009 09:18:25 +0000 In-Reply-To: <4f56a124-ba2c-4336-989b-7a8336dc98f4@v37g2000vbb.googlegroups.com> To: rack-devel@googlegroups.com References: <4f56a124-ba2c-4336-989b-7a8336dc98f4@v37g2000vbb.googlegroups.com> Message-Id: <8253528E-60BA-4C08-AB8D-3FDA8E65E223@gmail.com> X-Mailer: Apple Mail (2.1077) X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of jftucker@gmail.com designates 209.85.219.227 as permitted sender) smtp.mail=jftucker@gmail.com; dkim=pass (test mode) header.i=@gmail.com Reply-To: rack-devel@googlegroups.com Precedence: list Mailing-list: list rack-devel@googlegroups.com; contact rack-devel+owners@googlegroups.com List-ID: List-Post: , List-Help: , List-Archive: X-Thread-Url: http://groups.google.com/group/rack-devel/t/72a3361c049286ac X-Message-Url: http://groups.google.com/group/rack-devel/msg/d46d936044509c0c List-Unsubscribe: , List-Subscribe: , --Apple-Mail-3--573252380 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=us-ascii On 23 Nov 2009, at 12:41, Maciej Lotkowski wrote: > Hi, > > recently I stumbled upon a problem: > > require 'rubygems' > require 'rack' > require 'rack/mock' > > > app = lambda { |env| > Rack::Request.new(env).GET > } > app.call(Rack::MockRequest.env_for("/kiszka?foo=&foo[option]=kiszka")) remove foo= from the front of your query string. > > The call raises an exception due the invalid query string > > TypeError: expected Hash (got String) for param `_REQUEST' > /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/ > rack-1.0.1/lib/rack/utils.rb:93:in `normalize_params' > /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/ > rack-1.0.1/lib/rack/utils.rb:62:in `parse_nested_query' > /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/ > rack-1.0.1/lib/rack/utils.rb:60:in `each' > /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/ > rack-1.0.1/lib/rack/utils.rb:60:in `parse_nested_query' > /opt/ruby-enterprise-1.8.7-2009.10/lib/ruby/gems/1.8/gems/ > rack-1.0.1/lib/rack/request.rb:119:in `GET' > > As a workaround I've created a middleware which creates a > Rack::Request > instance, calls GET, catches TypeError if there is any and returns > BadRequest > if an error occured. What is the "right" way to handle this? I think > it would be > better to throw some InvalidQueryString exception from > Rack::Request#GET, > wouldn't it? > > -- > Maciej Lotkowski --Apple-Mail-3--573252380 Content-Disposition: attachment; filename=smime.p7s Content-Type: application/pkcs7-signature; name=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJljCCBEYw ggOvoAMCAQICEGb9R+PCGeToms2Z3fU6yyQwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCVVMx FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5 IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA1MTAyODAwMDAwMFoXDTE1MTAyNzIzNTk1OVow gd0xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp Z24gVHJ1c3QgTmV0d29yazE7MDkGA1UECxMyVGVybXMgb2YgdXNlIGF0IGh0dHBzOi8vd3d3LnZl cmlzaWduLmNvbS9ycGEgKGMpMDUxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDE3MDUG A1UEAxMuVmVyaVNpZ24gQ2xhc3MgMSBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0EgLSBHMjCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMnfrOfq+PgDFMQAktXBfjbCPO98chXLwKuMPRyV zm8eECw/AO2XJua2x+atQx0/pIdHR0w+VPhs+Mf8sZ69MHC8l7EDBeqV8a1AxUR6SwWi8mD81zpl Yu//EHuiVrvFTnAt1qIfPO2wQuhejVchrKaZ2RHp0hoHwHRHQgv8xTTq/ea6JNEdCBU3otdzzwFB L2OyOj++pRpu9MlKWz2VphW7NQIZ+dTvvI8OcXZZu0u2Ptb8Whb01g6J8kn+bAztFenZiHWcec5g J925rXXOL3OVekA6hXVJsLjfaLyrzROChRFQo+A8C67AClPN1zBvhTJGG+RJEMJs4q8fef/btLUC AwEAAaOB/zCB/DASBgNVHRMBAf8ECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHFwEw KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTALBgNVHQ8EBAMCAQYw EQYJYIZIAYb4QgEBBAQDAgEGMC4GA1UdEQQnMCWkIzAhMR8wHQYDVQQDExZQcml2YXRlTGFiZWwz LTIwNDgtMTU1MB0GA1UdDgQWBBQRfV4ZfTwE32ps1qKKGj8x2DuUUjAxBgNVHR8EKjAoMCagJKAi hiBodHRwOi8vY3JsLnZlcmlzaWduLmNvbS9wY2ExLmNybDANBgkqhkiG9w0BAQUFAAOBgQA8o9oC YzrEk6qrctPcrVA4HgyeFkqIt+7r2f8PjZWg1rv6aguuYYTYaEeJ70+ssh9JQZtJM3aTi55uuUMc YL3C3Ioth8FFwBFyBBprJCpsb+f8BxMp0Hc6I+f1wYVoGb/GAVQgGa41gsxiPGEJxvTV67APpp8z hZrTcY5Qj5ndYjCCBUgwggQwoAMCAQICECeMlak0fpR8Io4+aS7PnaswDQYJKoZIhvcNAQEFBQAw gd0xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp Z24gVHJ1c3QgTmV0d29yazE7MDkGA1UECxMyVGVybXMgb2YgdXNlIGF0IGh0dHBzOi8vd3d3LnZl cmlzaWduLmNvbS9ycGEgKGMpMDUxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDE3MDUG A1UEAxMuVmVyaVNpZ24gQ2xhc3MgMSBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0EgLSBHMjAeFw0w OTExMjAwMDAwMDBaFw0xMDExMjAyMzU5NTlaMIIBETEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4x HzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5j b20vcmVwb3NpdG9yeS9SUEEgSW5jb3JwLiBieSBSZWYuLExJQUIuTFREKGMpOTgxHjAcBgNVBAsT FVBlcnNvbmEgTm90IFZhbGlkYXRlZDEzMDEGA1UECxMqRGlnaXRhbCBJRCBDbGFzcyAxIC0gTmV0 c2NhcGUgRnVsbCBTZXJ2aWNlMRUwEwYDVQQDFAxKYW1lcyBUdWNrZXIxITAfBgkqhkiG9w0BCQEW EmpmdHVja2VyQGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOAB6yX/ 8ziknn0eW8pEvxNyz16y+pkpvHXtm09QNWS9UpWuyq2j1HDDW91sLqcla79IxYDGjRuuerfVLuFw 16lvZyENeb+NoajnA1Paow+taYqKuSQMNVjVFiy2ZPcZREKFOUUB+GkYLz6ErZ/2CB8esdB11Xya r/S2/8Qm3VM4xwaAf0Thq5zKimnkM+yXZEicYV8Ny+IxnxDMEvzolqJVdfMGnlbhcv1LFj96Rt9v kuV/J4lpmDTP1SXlIqprPFD4rC8Q54ktnhBjZt4jQkQ/RRE3f4GhnACpomSzjmw99Com6gT1/YaL tT00yCMwCxrGxgYT8em2XZ79HaIpW20CAwEAAaOBzDCByTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDsw OQYLYIZIAYb4RQEHFwEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3Jw YTALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMEoGA1UdHwRDMEEw P6A9oDuGOWh0dHA6Ly9JbmRDMURpZ2l0YWxJRC1jcmwudmVyaXNpZ24uY29tL0luZEMxRGlnaXRh bElELmNybDANBgkqhkiG9w0BAQUFAAOCAQEALH+Csg+lKzykCtckS9T/1M/b2LYbn1egArQeg1WN cj2xWet7/4eM+nnswKcQNYgDOI8hb6dwkB/aPPR/D9buUyQZzSeCoXFEpnAMFGcp5q2mxELBjHiu toKCBAKYjV9X8kcJYnW6ypJG+9UOL8JXEYU42i16UAQCizljT+lubYefVudNKNzpcTPbGJ0lF0zh q/HN5lEPBAhJsj8P79zMy96YQdLNli0ulVDwdv761+kyCtZlV3bBtQM9YHXBArUDC0Dr3ByzkrBG rKvVf+VmRXf82ytatHKNGantVZ51jhKTBylmm0OqVI/ZIS/IzGtKcTlakp91R5EuLI4NY6RKgjGC BIswggSHAgEBMIHyMIHdMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAd BgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBo dHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTA1MR4wHAYDVQQLExVQZXJzb25hIE5vdCBW YWxpZGF0ZWQxNzA1BgNVBAMTLlZlcmlTaWduIENsYXNzIDEgSW5kaXZpZHVhbCBTdWJzY3JpYmVy IENBIC0gRzICECeMlak0fpR8Io4+aS7PnaswCQYFKw4DAhoFAKCCAm0wGAYJKoZIhvcNAQkDMQsG CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDkxMTI0MDkxODI1WjAjBgkqhkiG9w0BCQQxFgQU Ds0qJTTCq2wU4zQv/4I5d+5bUlYwggEDBgkrBgEEAYI3EAQxgfUwgfIwgd0xCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29y azE7MDkGA1UECxMyVGVybXMgb2YgdXNlIGF0IGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEg KGMpMDUxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDE3MDUGA1UEAxMuVmVyaVNpZ24g Q2xhc3MgMSBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0EgLSBHMgIQJ4yVqTR+lHwijj5pLs+dqzCC AQUGCyqGSIb3DQEJEAILMYH1oIHyMIHdMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24s IEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9m IHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTA1MR4wHAYDVQQLExVQZXJz b25hIE5vdCBWYWxpZGF0ZWQxNzA1BgNVBAMTLlZlcmlTaWduIENsYXNzIDEgSW5kaXZpZHVhbCBT dWJzY3JpYmVyIENBIC0gRzICECeMlak0fpR8Io4+aS7PnaswDQYJKoZIhvcNAQEBBQAEggEAwg0C e1dB+pRNVtYgGskegTrX2gZXIRgmDTJQ2O83fvfjjfqcLL0tlCVDwMQwgrR85IqF/GOAbgsLJC0h Cie2nKVuawXAbNIHoRyNH8oeBqpGYB+hDrVCCEvqZLV7JyNqO2T5GFNF2xta2FUiFKlqUflqMWst P/3a1zxanPtU8jkUAUQy/6IF2yNGpCUkS+qtSwnI8V6FANPoS+6bKOCdsizGwcFuJzAFR8tZmkkd mL7UGD4P41FTTWxxLfKjs4E5ikL2EldI1OLXigtow4xB3/DugeQ72axw9b9wsKTYysnhNpqv6o6n iypMWBgCvX4Y3fKcT7i0C3UMZWbINj7+IQAAAAAAAA== --Apple-Mail-3--573252380--