Permalink
Browse files

Return a 405 response for unknown HTTP methods

  • Loading branch information...
1 parent 07acf7b commit ec462b4de7904e0e55a312940e88b9e825bf955c Lewis Marshall committed Apr 22, 2013
View
@@ -1,5 +1,10 @@
## Rails 4.0.0 (unreleased) ##
+* Return a 405 Method Not Allowed response when a request contains an unknown
+ HTTP method.
+
+ *Lewis Marshall*
+
* Add support for extracting the port from the `:host` option passed to `url_for`.
*Andrew White*
@@ -9,6 +9,7 @@ class ExceptionWrapper
'ActionController::RoutingError' => :not_found,
'AbstractController::ActionNotFound' => :not_found,
'ActionController::MethodNotAllowed' => :method_not_allowed,
+ 'ActionController::UnknownHttpMethod' => :method_not_allowed,
'ActionController::NotImplemented' => :not_implemented,
'ActionController::UnknownFormat' => :not_acceptable,
'ActionController::InvalidAuthenticityToken' => :unprocessable_entity,
@@ -29,6 +29,8 @@ def call(env)
raise RuntimeError
when "/method_not_allowed"
raise ActionController::MethodNotAllowed
+ when "/unknown_http_method"
+ raise ActionController::UnknownHttpMethod
when "/not_implemented"
raise ActionController::NotImplemented
when "/unprocessable_entity"
@@ -113,6 +115,10 @@ def setup
assert_response 405
assert_match(/ActionController::MethodNotAllowed/, body)
+ get "/unknown_http_method", {}, {'action_dispatch.show_exceptions' => true}
+ assert_response 405
+ assert_match(/ActionController::UnknownHttpMethod/, body)
+
get "/bad_request", {}, {'action_dispatch.show_exceptions' => true}
assert_response 400
assert_match(/ActionController::BadRequest/, body)
@@ -10,6 +10,8 @@ def call(env)
raise AbstractController::ActionNotFound
when "/method_not_allowed"
raise ActionController::MethodNotAllowed
+ when "/unknown_http_method"
+ raise ActionController::UnknownHttpMethod
when "/not_found_original_exception"
raise ActionView::Template::Error.new('template', AbstractController::ActionNotFound.new)
else
@@ -41,6 +43,10 @@ def call(env)
get "/method_not_allowed", {}, {'action_dispatch.show_exceptions' => true}
assert_response 405
assert_equal "", body
+
+ get "/unknown_http_method", {}, {'action_dispatch.show_exceptions' => true}
+ assert_response 405
+ assert_equal "", body
end
test "localize rescue error page" do

0 comments on commit ec462b4

Please sign in to comment.