diff options
author | Simone Carletti <weppos@weppos.net> | 2019-07-26 21:27:32 +0200 |
---|---|---|
committer | Rafael França <rafael@franca.dev> | 2019-07-26 15:27:32 -0400 |
commit | 6ea09841f26bd3f247706641e635ac853265f62a (patch) | |
tree | deca3f5045c2a6f623745c86b2dbac60e377484a /activesupport/test/security_utils_test.rb | |
parent | 0eff6956a55882817f67c8d471d32ed3e4b109ee (diff) | |
download | rails-6ea09841f26bd3f247706641e635ac853265f62a.tar.gz rails-6ea09841f26bd3f247706641e635ac853265f62a.tar.bz2 rails-6ea09841f26bd3f247706641e635ac853265f62a.zip |
Fix error 500 caused by ActionController::RoutingError (via fail-safe) when POST parameters are invalid (#29985)
* Reproduce error caused by malformed parameters
Error:
RequestFormat#test_format_does_not_throw_exceptions_when_invalid_POST_parameters:
ActionDispatch::Http::Parameters::ParseError: 765: unexpected token at '{record:{content:24.12.1.146}}'
/Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/parameters.rb:113:in `rescue in parse_formatted_parameters'
/Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/parameters.rb:107:in `parse_formatted_parameters'
/Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/request.rb:360:in `block in POST'
/Users/weppos/.rvm/gems/ruby-2.3.3/gems/rack-2.0.3/lib/rack/request.rb:57:in `fetch'
/Users/weppos/.rvm/gems/ruby-2.3.3/gems/rack-2.0.3/lib/rack/request.rb:57:in `fetch_header'
/Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/request.rb:359:in `POST'
/Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/parameters.rb:53:in `parameters'
/Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/mime_negotiation.rb:62:in `block in formats'
/Users/weppos/.rvm/gems/ruby-2.3.3/gems/rack-2.0.3/lib/rack/request.rb:57:in `fetch'
/Users/weppos/.rvm/gems/ruby-2.3.3/gems/rack-2.0.3/lib/rack/request.rb:57:in `fetch_header'
/Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/mime_negotiation.rb:60:in `formats'
/Users/weppos/Mirrors/rails/actionpack/test/dispatch/request_test.rb:891:in `block in <class:RequestFormat>'
See GH-29983
* Capture parameter parsing error output and test it
This change prevents the log to be displayed in the tests.
Moreover, the assertion against the debug ensures that
the test effectively triggers the parsing error as expected.
* Use a generic value in the test
* Switch to assert_match
[Simone Carletti + Rafael Mendonça França]
Diffstat (limited to 'activesupport/test/security_utils_test.rb')
0 files changed, 0 insertions, 0 deletions