bad query params to #range_limit action should not result in uncaught exception#305
Merged
bad query params to #range_limit action should not result in uncaught exception#305
Conversation
jrochkind
force-pushed
the
bad_range_limit_params
branch
from
1455ed9 to
e285ad4
Compare
… exception Note that raising these specific excpetions will be automatically turned by rails into BadRequest => http 400, and NotFound => http 404 response.
jrochkind
force-pushed
the
bad_range_limit_params
branch
from
e285ad4 to
4f74fe3
Compare
Member
Author
|
Sadly too late for beta2! |
Member
Author
|
Aha, requires some extra logic to work in BL 7.x too, forthcoming. This is why we have CI! |
jrochkind
added a commit
to sciencehistory/scihist_digicoll
that referenced
this pull request
Dec 4, 2024
seanaery
approved these changes
Dec 6, 2024
jrochkind
added a commit
to sciencehistory/scihist_digicoll
that referenced
this pull request
Jan 6, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Note that raising these specific excpetions will be automatically turned by rails into BadRequest => http 400, and NotFound => http 404 response.
The basic goal is that there should be no URL you can construct that will reuslt in an uncaught exception.
Because I hate it when my exception monitor alerts me for things that were random non-working URLs that some bot looking for vulnerabilities or malfunctioning came up with. They didn't find vulnerabilities, but they did find something that caused the logic to raise unexpectedly.
These are all cases seen in the exception monitor in my actual deployed production app; I've been catching/ignoring them locally.