New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Potential bug in routes #1788

Closed
cyclotron3k opened this Issue Oct 14, 2014 · 2 comments

Comments

Projects
None yet
2 participants
@cyclotron3k

cyclotron3k commented Oct 14, 2014

I'm not sure if this is a padrino issue, something with the underlying sinatra, or even just a problem with my understanding, but I'll describe the steps I took to recreate the problem.

After creating a fresh padrino project following the steps listed on the padrino landing page, update app.rb to include:

enable :sessions
set :protection, true
set :protect_from_csrf, false
set :allow_disabled_csrf, true

get '/' do
    "Hello World"
end

put '/b/:b/:c', :csrf_protection => false do
    logger.warn params.inspect
    "Hello World"
end

get %r{/b/(?<aa>\w+)/(?<bb>\w+)} do
    logger.warn params.inspect
    "Hello World"
end

Once that's done, you should notice that:

GET localhost:3000/b/x/y HTTP/1.1
..will succeed

and
PUT localhost:3000/b/x/y HTTP/1.1
...will also succeed

The next step is to reverse the order of the get and the put: e.g.

enable :sessions
set :protection, true
set :protect_from_csrf, false
set :allow_disabled_csrf, true

get '/' do
    "Hello World"
end

get %r{/b/(?<aa>\w+)/(?<bb>\w+)} do
    logger.warn params.inspect
    "Hello World"
end

put '/b/:b/:c', :csrf_protection => false do
    logger.warn params.inspect
    "Hello World"
end

Now...

GET localhost:3000/b/x/y HTTP/1.1
..will succeed

and
PUT localhost:3000/b/x/y HTTP/1.1
...will fail with the following error message and stack trace:

NameError - undefined local variable or method `params' for #<HttpRouter::Node::Root:0x007f8b172fa298>:
(eval):184:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/http_router-0.11.1/lib/http_router.rb:288:in `raw_call'
/usr/local/lib/ruby/gems/2.0.0/gems/http_router-0.11.1/lib/http_router.rb:142:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/padrino-core-0.11.2/lib/padrino-core/application/routing.rb:1014:in `route!'
/usr/local/lib/ruby/gems/2.0.0/gems/padrino-core-0.11.2/lib/padrino-core/application/routing.rb:999:in `block in dispatch!'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:1058:in `block in invoke'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:1058:in `catch'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:1058:in `invoke'
/usr/local/lib/ruby/gems/2.0.0/gems/padrino-core-0.11.2/lib/padrino-core/application/routing.rb:997:in `dispatch!'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:898:in `block in call!'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:1058:in `block in invoke'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:1058:in `catch'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:1058:in `invoke'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:898:in `call!'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:886:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-protection-1.5.3/lib/rack/protection/xss_header.rb:18:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-protection-1.5.3/lib/rack/protection/base.rb:49:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-protection-1.5.3/lib/rack/protection/base.rb:49:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-protection-1.5.3/lib/rack/protection/path_traversal.rb:16:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-protection-1.5.3/lib/rack/protection/json_csrf.rb:18:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-protection-1.5.3/lib/rack/protection/base.rb:49:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-protection-1.5.3/lib/rack/protection/base.rb:49:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-protection-1.5.3/lib/rack/protection/frame_options.rb:31:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-1.5.2/lib/rack/head.rb:11:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-1.5.2/lib/rack/methodoverride.rb:21:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/padrino-core-0.11.2/lib/padrino-core/reloader.rb:337:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/padrino-core-0.11.2/lib/padrino-core/logger.rb:405:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/show_exceptions.rb:21:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-1.5.2/lib/rack/session/abstract/id.rb:225:in `context'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-1.5.2/lib/rack/session/abstract/id.rb:220:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:2014:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:1478:in `block in call'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:1788:in `synchronize'
/usr/local/lib/ruby/gems/2.0.0/gems/sinatra-1.4.5/lib/sinatra/base.rb:1478:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/padrino-core-0.11.2/lib/padrino-core/router.rb:83:in `block in call'
/usr/local/lib/ruby/gems/2.0.0/gems/padrino-core-0.11.2/lib/padrino-core/router.rb:76:in `each'
/usr/local/lib/ruby/gems/2.0.0/gems/padrino-core-0.11.2/lib/padrino-core/router.rb:76:in `call'
/usr/local/lib/ruby/gems/2.0.0/gems/rack-1.5.2/lib/rack/handler/webrick.rb:60:in `service'
/usr/local/lib/ruby/2.0.0/webrick/httpserver.rb:138:in `service'
/usr/local/lib/ruby/2.0.0/webrick/httpserver.rb:94:in `run'
/usr/local/lib/ruby/2.0.0/webrick/server.rb:295:in `block in start_thread'

@namusyaka namusyaka added the bug label Oct 14, 2014

@namusyaka namusyaka self-assigned this Oct 14, 2014

@namusyaka namusyaka closed this in 75c0f93 Oct 14, 2014

@namusyaka

This comment has been minimized.

Show comment
Hide comment
@namusyaka

namusyaka Oct 14, 2014

Member

@cyclotron3k Thanks for the report! Fixed. Please use edge version of padrino.

Member

namusyaka commented Oct 14, 2014

@cyclotron3k Thanks for the report! Fixed. Please use edge version of padrino.

@cyclotron3k

This comment has been minimized.

Show comment
Hide comment
@cyclotron3k

cyclotron3k Oct 14, 2014

Wow, that was fast!

cyclotron3k commented Oct 14, 2014

Wow, that was fast!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment