I''m using exception_notifier to get an email when a 500 error occurs in production. Lately I''m seeing a lot of nonsensical POSTs show up that cause an InvalidAuthenticityToken error. All the fields contain random characters. (For instance, "search_title"=>"BHQWTZpjGeb") Is there a way to detect them and not send the email, while still sending the email in all other cases? I don''t want to get used to these emails and miss one that is an actual bug in production. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
How about grabbing "HTTP_USER_AGENT" from the request? On Feb 17, 10:01 am, paul <p...-mzPrHiy5csbYtjvyW6yDsg@public.gmane.org> wrote:> Is there a way to detect them and not send the email, while still > sending the email in all other cases? I don''t want to get used to > these emails and miss one that is an actual bug in production.-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
HI Paul, On Thu, Feb 17, 2011 at 9:01 AM, paul <paul-mzPrHiy5csbYtjvyW6yDsg@public.gmane.org> wrote:> I''m using exception_notifier to get an email when a 500 error occurs > in production. Lately I''m seeing a lot of nonsensical POSTs show up > that cause an InvalidAuthenticityToken error. All the fields contain > random characters. (For instance, "search_title"=>"BHQWTZpjGeb") > > Is there a way to detect them and not send the email, while still > sending the email in all other cases? I don''t want to get used to > these emails and miss one that is an actual bug in production.I''m not sure what the interplay with the exception_notifier would be but a rescue_from before filter will let you specifically handle the InvalidAuthenticityToken exceptions. HTH, Bill -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Actually, I already have rescue_action_in_public. That''s how exception_notifier sends the email. But I just did a search and see a disturbing discussion: https://rails.lighthouseapp.com/projects/8994/tickets/5444-rescue_action_in_public-no-longer-works Anyway, it seems like rescue_action_in_public does work for me, so I''m not sure I understand that, but in any case, the error message I get from the bot reports the HTTP_USER_AGENT as "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)", so that isn''t a good indicator. I haven''t seen anything in the error message that I can use to filter on. On Thu, Feb 17, 2011 at 10:54 AM, Bill Walton <bwalton.im-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> HI Paul, > > On Thu, Feb 17, 2011 at 9:01 AM, paul <paul-mzPrHiy5csbYtjvyW6yDsg@public.gmane.org> wrote: >> I''m using exception_notifier to get an email when a 500 error occurs >> in production. Lately I''m seeing a lot of nonsensical POSTs show up >> that cause an InvalidAuthenticityToken error. All the fields contain >> random characters. (For instance, "search_title"=>"BHQWTZpjGeb") >> >> Is there a way to detect them and not send the email, while still >> sending the email in all other cases? I don''t want to get used to >> these emails and miss one that is an actual bug in production. > > I''m not sure what the interplay with the exception_notifier would be > but a rescue_from before filter will let you specifically handle the > InvalidAuthenticityToken exceptions. > > HTH, > Bill > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.