New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle param-parsing errors from Rack that happen low down the stack #19632
Conversation
@rafaelfranca - I'm not sure who to ask to review this. Any advice? Doesn't look like anyone's touched the default middleware stack since 2013! |
👎 If we do this, the exception handlers now exist outside the logger, and are not going to see the correctly overridden method. (And miss out on the request ID, which at least some error reporting mechanisms surely use.) An application can obviously choose to make this trade-off locally, but I think it's fairer to default to invoking the error handler in a more realistic-looking environment. (I also suspect you'd need to be Rather Careful Indeed to write a handler that would function normally on a request so badly-formed that Rack::MethodOverride chokes.) |
@matthewd - since the |
Also, |
Actually, there's no reason @matthewd - does any of the above change your opinion? |
Relying on the "it's all just a big hash" situation to allow invoked-later middleware to munge the request out from under us makes me feel dirty. I also wouldn't count on it working with any future "rack 2", though that's not a direct concern today. I think I'd rather treat Rack::MethodOverride as too low-level to be allowed to raise such an error: call it a bug that it doesn't rescue and silently continue processing. But I'll back off to neutral. And I'm 👍 on the ExceptionWrapper change. |
It appears Team Rack has kindly merged your PR (and backported to 1-6-stable). If you want to trim this down to just the ExceptionWrapper change, this should be good to go too. 💙 |
@matthewd - updated, thanks! ❤️ |
Handle param-parsing errors from Rack that happen low down the stack
❤️ 💚 💙 💛 💜 |
Move
ActionDispatch::ShowExceptions
andActionDispatch::DebugExceptions
lower down the default middleware stack so they can catch Rack errors raised fromRack::MethodOverride
. Also adds the two errors Rack recommends integrators serve 400s for (Rack::Utils::ParameterTypeError
andRack::Utils::InvalidParameterError
) to the rescue_responses hash inExceptionWrapper
.We've been seeing some
Rack::Utils::InvalidParameterError
s coming fromRack::MethodOverride
(spec included), and it feels like they should be handled by Rails' exception handling, or by any customexception_app
s.