Fix uncaught query param encoding errors (#12741)

author: Eugen Rochko <eugen@zeonfederated.com> 2020-01-02 17:14:58 +0100
committer: GitHub <noreply@github.com> 2020-01-02 17:14:58 +0100
commit: 09d54d1f626163fcc6e282544dfc9939fd3cdfd3 (patch)
tree: 4e19c261bb8cdc3d64228a0299072a286d409fa3 /app/middleware
parent: 9edab7afafd6f6db9338ada83a84b2ef14f397a9 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/app/middleware/handle_bad_encoding_middleware.rb b/app/middleware/handle_bad_encoding_middleware.rb
new file mode 100644
index 000000000..6fce84b15
--- /dev/null
+++ b/app/middleware/handle_bad_encoding_middleware.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+# See: https://jamescrisp.org/2018/05/28/fixing-invalid-query-parameters-invalid-encoding-in-a-rails-app/
+
+class HandleBadEncodingMiddleware
+  def initialize(app)
+    @app = app
+  end
+
+  def call(env)
+    begin
+      Rack::Utils.parse_nested_query(env['QUERY_STRING'].to_s)
+    rescue Rack::Utils::InvalidParameterError
+      env['QUERY_STRING'] = ''
+    end
+
+    @app.call(env)
+  end
+end
author	Eugen Rochko <eugen@zeonfederated.com>	2020-01-02 17:14:58 +0100
committer	GitHub <noreply@github.com>	2020-01-02 17:14:58 +0100
commit	09d54d1f626163fcc6e282544dfc9939fd3cdfd3 (patch)
tree	4e19c261bb8cdc3d64228a0299072a286d409fa3 /app/middleware
parent	9edab7afafd6f6db9338ada83a84b2ef14f397a9 (diff)