Chris Kampmeier
2007-Jun-23 13:10 UTC
Raising a more approprriate error when rescuing RoutingError
Hello,
I''d like to rescue ActionController::RoutingError and, depending on
context, raise a more appropriate error.
A slightly contrived example: I''ve been seeing a lot of requests for
.php files. There''s no PHP on my server, and all of these requests are
script kiddie scans looking for known-exploitable scripts. So, in this
special case, I want to raise something like Ruby''s built-in
SecurityError instead. This would make my logged exceptions more useful.
So I tried this:
# in application.rb
def rescue_action_in_public(e)
case e
when ActionController::RoutingError
if request.path =~ /\.php$/
raise SecurityError, "PHP request"
else
super
end
# [snip: handle more exceptions here]
else
super
end
end
Unfortunately, this blows up and I get the failsafe 500:> DISPATCHER FAILSAFE RESPONSE (has cgi) Sat Jun 23 04:51:28 -0700 2007
> Status: 500 Internal Server Error
> No route matches "/test.php" with {:method=>:get}
> [snip: usual stack trace for a RoutingError]
The strange thing is, if I try this with an error other than
RoutingError, it works as expected. (For example, substituting in
ActiveRecord::RecordNotFound, and a request like /users/99999.php, with
routing to match ''/users/:id.:format''.)
I suppose this might have something to do with how early a RoutingError
gets raised in the request cycle. But, I can confirm that
rescue_action_in_public is getting called (log.debug statement in there
works as expected).
Thoughts? Thanks for reading, I know that was long.
Chris Kampmeier
http://kampers.net
--
Posted via http://www.ruby-forum.com/.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---