Hi rails people,
I have been experiencing a problem lately with my rails app. I send xml
documents to a rails server through POST requests from a curl client.
The request contains an XML document that has been properly escaped
using entity escapement rules from the XML definition: each escaped
entity is replaced by “&nn;”.
The documents POST to the server just fine unless the entities are
contiguous; that is, two or more escaped entities appear directly
together. In that case, rails (1.0.0) reports nothing in the
development log and returns a 500 Internal Server error to my client.
results are the same with both webrick and apache/fastcgi.
After much searching of rails and other ruby code, I found where the
error was occurring. The problem crops up in the ActionController
(ActionPack-1.11.2) in the cgi_methods.rb file. When
CGIMethods.parse_request_parameters() calls build_deep_hash, things can
apparently go terribly wrong.
The problem is that the cgi object’s parameters get parsed from stdin
according to the rules of the URL query string. This includes breaking
on “&” and looking for key/value pairs. thus the problem with escaped
build_deep_hash apparently wants to create a parameter hash that honors
embedded parameter lists. No sweat, except that my XML document got
parsed into parameters erroneously and causes build_deep_hash to loose
My solution is simple and works for me. I added a ‘rescue’ clause to
CGIMethods.parse_request_parameters() which allows the method to recover
from the error. In the handler, I clear the erroneous hashes so that
they dont cause other problems downstream.
So now I have a patch. I read that patches require tests… I am
relatively new to ruby and rails (I didnt write the server, just the
client part of the app).
Which tests should I modify? or add? where can I find out some more
about the test framework so I can write a non-broken test? I want to
submit the patch, and I have thoroughly tested it with my client, I just
want to submit it in the way that is easiest for the committers to
Thanks for any advice,