I started getting exception notifications recently from the server
just about the time I upgraded to Rails 3.2. I don’t know if that is a
coincidence or not. Evidently some robot is hitting my site with:
and that is throwing an exception.
I have two questions:
-
First, just out of curiosity, who puts
“iframe=true&width=100%&height=100%” on their requests, and why? -
Second, obviously I don’t want a 500 error. How can I filter out
the parameters before it crashes?
Thanks!
A ArgumentError occurred in home#index:
invalid %-encoding (100%)
/home/xxxxx/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/1.9.1/uri/common.rb:911:in
`decode_www_form_component’
The top part of the stack is:
/home/xxxxxx/.rvm/rubies/ruby-1.9.3-p0/lib/ruby/1.9.1/uri/common.rb:911:in
decode_www_form_component' rack (1.4.1) lib/rack/utils.rb:39:in unescape’
rack (1.4.1) lib/rack/utils.rb:88:in block (2 levels) in parse_nested_query' rack (1.4.1) lib/rack/utils.rb:88:in map’
rack (1.4.1) lib/rack/utils.rb:88:in block in parse_nested_query' rack (1.4.1) lib/rack/utils.rb:87:in each’
rack (1.4.1) lib/rack/utils.rb:87:in parse_nested_query' rack (1.4.1) lib/rack/request.rb:334:in parse_query’
rack (1.4.1) lib/rack/request.rb:186:in GET' actionpack (3.2.0) lib/action_dispatch/http/request.rb:225:in GET’
actionpack (3.2.0) lib/action_dispatch/http/parameters.rb:10:in
parameters' actionpack (3.2.0) lib/action_dispatch/http/filter_parameters.rb:33:in filtered_parameters’
actionpack (3.2.0)
lib/action_controller/metal/instrumentation.rb:21:in process_action' actionpack (3.2.0) lib/action_controller/metal/params_wrapper.rb:205:in process_action’
activerecord (3.2.0)
lib/active_record/railties/controller_runtime.rb:18:in
`process_action’