diff options
Diffstat (limited to 'actionpack/lib/action_dispatch/http')
| -rw-r--r-- | actionpack/lib/action_dispatch/http/parameter_filter.rb | 2 | ||||
| -rw-r--r-- | actionpack/lib/action_dispatch/http/parameters.rb | 7 | ||||
| -rw-r--r-- | actionpack/lib/action_dispatch/http/request.rb | 12 |
3 files changed, 9 insertions, 12 deletions
diff --git a/actionpack/lib/action_dispatch/http/parameter_filter.rb b/actionpack/lib/action_dispatch/http/parameter_filter.rb index e826551f4b..01f1666b9b 100644 --- a/actionpack/lib/action_dispatch/http/parameter_filter.rb +++ b/actionpack/lib/action_dispatch/http/parameter_filter.rb @@ -1,3 +1,5 @@ +require 'active_support/core_ext/object/duplicable' + module ActionDispatch module Http class ParameterFilter diff --git a/actionpack/lib/action_dispatch/http/parameters.rb b/actionpack/lib/action_dispatch/http/parameters.rb index ff5031d7d5..3f0e51790c 100644 --- a/actionpack/lib/action_dispatch/http/parameters.rb +++ b/actionpack/lib/action_dispatch/http/parameters.rb @@ -44,7 +44,14 @@ module ActionDispatch def path_parameters=(parameters) #:nodoc: delete_header('action_dispatch.request.parameters') + + # If any of the path parameters has an invalid encoding then + # raise since it's likely to trigger errors further on. + Request::Utils.check_param_encoding(parameters) + set_header PARAMETERS_KEY, parameters + rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e + raise ActionController::BadRequest.new("Invalid path parameters: #{e.message}") end # Returns a hash with the \parameters used to form the \path of the request. diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb index b0ed681623..954dd4f354 100644 --- a/actionpack/lib/action_dispatch/http/request.rb +++ b/actionpack/lib/action_dispatch/http/request.rb @@ -66,24 +66,12 @@ module ActionDispatch def commit_cookie_jar! # :nodoc: end - def check_path_parameters! - # If any of the path parameters has an invalid encoding then - # raise since it's likely to trigger errors further on. - path_parameters.each do |key, value| - next unless value.respond_to?(:valid_encoding?) - unless value.valid_encoding? - raise ActionController::BadRequest, "Invalid parameter encoding: #{key} => #{value.inspect}" - end - end - end - PASS_NOT_FOUND = Class.new { # :nodoc: def self.action(_); self; end def self.call(_); [404, {'X-Cascade' => 'pass'}, []]; end } def controller_class - check_path_parameters! params = path_parameters if params.key?(:controller) |