Skip to content
This repository

ArgumentError: invalid %-encoding on invalid post data #520

Closed
knusul opened this Issue February 18, 2013 · 1 comment

2 participants

Jakub Nieznalski James Tucker
Jakub Nieznalski

When you send a post with data which will be invalid percent-encoded string(e.g. 'curl --data 'param1=value1%' localhost:3000' ) rack will brake with message:
Rack app error: #, but should respond with 400(or strip invalid chars?)
This is reproducible with rack 1.4.5, webrick, puma, unicorn, apache+modrails.

ref: #337

James Tucker
Owner
raggi commented April 22, 2013

Please see my comment on the thread you mentioned:

Puma, Thin, Webrick, Unicorn all return a 400 Bad Request before this hits Rack.

The SPEC says that PATH_INFO may be percent encoded, but it is expected to be valid. This may not be 100% clear in the spec at this time.

If an invalid PATH_INFO hits rack, then 500 is the correct response, as this is a server error, that has been caused by an invalid request.

Rack does not create response tuples for you in these cases. When you call Rack helpers, you should handle any exceptions raised from them in the manner that you want.

When servers allow through invalid data in segments that should be validated, this is a server error.

Here's a working config.ru:

class App
  def call env
    [200, {'Content-Type' => 'text/plain'}, ["hello world"]]
  end
end

run App.new

And the resultant response:

% curl --data 'param1=value1%' http://localhost:9292/
hello world
James Tucker raggi closed this April 22, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.