Rails 1.1.5: routing issue

tgreiser · August 9, 2006, 10:40pm

Most of my rails sites are working fine on 1.1.5, but I have one site
that has lost it’s route to UserController.

ActionController::RoutingError (Recognition failed for “/user/login”):
/vendor/rails/actionpack/lib/action_controller/routing.rb:526:in
recognition_failed' /vendor/rails/actionpack/lib/action_controller/routing.rb:516:in recognize!’
/vendor/rails/railties/lib/dispatcher.rb:38:in `dispatch’
/opt/rails/manageor_devel/public/dispatch.cgi:10

Engines I am using:

engines http://svn.rails-engines.org/engines/branches/rb_1.1
login_engine http://svn.rails-engines.org/plugins/login_engine

When I ./script/console I can run through the sequence of commands and
it finds the route correctly, but if I breakpoint in
action_controller/routing.rb it is failing on line 515:

hash = recognize_path(path)

recognize_path is being generated by some code I don’t have time to grok
ATM, but both environments seem to be generating the same code (except
for the order of some Hash elements).

When I roll back to 1.1.4, all is fine. I’m not doing anything fancy
with routes.rb, only setting a default route:

map.connect ‘’, :controller => ‘work’

Any ideas?

Tim.

tgreiser · August 10, 2006, 12:27pm

Tim Greiser wrote:

When I roll back to 1.1.4, all is fine. I’m not doing anything fancy
with routes.rb, only setting a default route:

Yeah, we’re having the same issue here with a stock install of user- and
login engines and then upgrading to 1.1.5. We’re rolling back to 1.1.4
for the moment, since I don’t have time to investigate this.

d

tgreiser · August 10, 2006, 3:26pm

When I roll back to 1.1.4, all is fine. I’m not doing anything fancy
with routes.rb, only setting a default route:

Same here, hope someone find a solution for this.
Somebody suggested commenting out two lines from
vendor\plugins\engines\lib\engines.rb

require ‘logger’

load this before doing ANYTHING freaky with the reloading.

begin

require ‘rails_version’ # Rails 1.0, 1.1.0

#rescue LoadError, Gem::Exception
require ‘rails/version’ # renamed as of Rails 1.1.1
end

But it doesn’t work for me.
CU

tgreiser · August 10, 2006, 3:36pm

Dewet D. wrote:

We’re rolling back to 1.1.4 for the moment

Hmm, maybe not the best idea; one of the comments on DHH’s
announcement:

"Joel on 10 Aug 05:48:

“I figured out how to fix Engines, but explaining it would give away the
exploit. It is very, very severe. If you use Engines you might want to
drop back to 1.1.3 which evidently is unaffected.”

I see DHH also just posted that 1.1.3 is unaffected, which means Engines
should start working again. I haven’t checked; I’m still waiting for
the gems to install.

d

tgreiser · August 10, 2006, 5:27pm

A temp fix is in SVN now. It works for me. A question to the
contributor … is there a reason for the multiple calls to:

ActionController::Routing::ControllerComponent.file_kinds("\A#{extended_engine_root}/#{path}")

I found it worked fine to call once:

ActionController::Routing::ControllerComponent.file_kinds(:vendor)

Thanks for the fix.
Tim.

tgreiser · August 11, 2006, 4:17am

Tim Greiser wrote:

A temp fix is in SVN now.

Where exactly? I don’t see any changes at
http://svn.rails-engines.org/plugins/login_engine

(bit of a rails and svn newb here)

Thanks,
Carl

tgreiser · August 11, 2006, 4:34am

Carl J. wrote:

Tim Greiser wrote:

A temp fix is in SVN now.

Where exactly? I don’t see any changes at
http://svn.rails-engines.org/plugins/login_engine

Er, sorry, I see this was already answered. I think ruby-forum.com is
missing some msgs from the thread, but I found the info elsewhere and in
the bug.

tgreiser · August 14, 2006, 11:41am

Found a reason for not recognizing Engines paths

if you are interested - see the post on my blog -
http://npenkov.com/articles/2006/08/14/engines-with-rails-1-1-5-6-routing-issue

I will try to find a sollution in few hours.

tgreiser · August 15, 2006, 2:12pm

See http://dev.rails-engines.org/tickets/196, and please focus all bug
reports there,

I’m currently unable to replicate these routing errors, either using
the latest tags, or the development branches - anything you can
provide that would help replicate this would be much appreciated!

Please consider trying to replicate this in the login_engine test
application too
(http://svn.rails-engines.org/test/login_engine/rails_1.1)

James

tgreiser · August 15, 2006, 2:09pm

Adding ‘vendor’ to the accepted file path is too general, given the
nature of the exploit.

james

tgreiser · August 15, 2006, 2:13pm

I’ve made a preliminary fix available in the 1.1 release branch (more
details on the Collabo site, please check there).

Note that this doesn’t represent a final patch; I want to understand a
bit more about why Rails was patched in the way it was before I
commit to one particular workaround. Problems to Ticket #196, please.

Ever onwards,

James

tgreiser · August 15, 2006, 2:13pm

I’m not sure what bug that particular ‘fix’ applies to, but the 1.1.5
issue has been found. See dev.rails-engines.org for more information,
I have a fix ready but I’m waiting to hear more from Rails Core before
I commit it.

james

tgreiser · August 15, 2006, 2:19pm

Nick - have you been following the details on the Engines Collabo
site? http://dev.rails-engines.org/tickets/196

james

tgreiser · August 17, 2006, 9:55am

Yes,
as a matter of fact, like mentioned on Collabo site - when I was trying
to fix my applications for 1.1.5/6, you have already developed a fix, so
now I am using it (checkout of engines trunk). My solution was only a
temporary one (I like my application to run on last version of Rails).

James A. wrote:

Nick - have you been following the details on the Engines Collabo
site? http://dev.rails-engines.org/tickets/196

james

tgreiser · August 15, 2006, 2:16pm

There’s another patch to match 1.1.6 - please see the main announcement
post…

james