diff options
-rw-r--r-- | app/middleware/handle_bad_encoding_middleware.rb | 18 | ||||
-rw-r--r-- | config/application.rb | 2 | ||||
-rw-r--r-- | spec/middleware/handle_bad_encoding_middleware_spec.rb | 21 |
3 files changed, 0 insertions, 41 deletions
diff --git a/app/middleware/handle_bad_encoding_middleware.rb b/app/middleware/handle_bad_encoding_middleware.rb deleted file mode 100644 index 6fce84b15..000000000 --- a/app/middleware/handle_bad_encoding_middleware.rb +++ /dev/null @@ -1,18 +0,0 @@ -# frozen_string_literal: true -# See: https://jamescrisp.org/2018/05/28/fixing-invalid-query-parameters-invalid-encoding-in-a-rails-app/ - -class HandleBadEncodingMiddleware - def initialize(app) - @app = app - end - - def call(env) - begin - Rack::Utils.parse_nested_query(env['QUERY_STRING'].to_s) - rescue Rack::Utils::InvalidParameterError - env['QUERY_STRING'] = '' - end - - @app.call(env) - end -end diff --git a/config/application.rb b/config/application.rb index c1bc18a30..bf25fa0d9 100644 --- a/config/application.rb +++ b/config/application.rb @@ -7,7 +7,6 @@ require 'rails/all' Bundler.require(*Rails.groups) require_relative '../app/lib/exceptions' -require_relative '../app/middleware/handle_bad_encoding_middleware' require_relative '../lib/paperclip/lazy_thumbnail' require_relative '../lib/paperclip/gif_transcoder' require_relative '../lib/paperclip/video_transcoder' @@ -120,7 +119,6 @@ module Mastodon config.active_job.queue_adapter = :sidekiq - config.middleware.insert_before Rack::Runtime, HandleBadEncodingMiddleware config.middleware.use Rack::Attack config.middleware.use Rack::Deflater diff --git a/spec/middleware/handle_bad_encoding_middleware_spec.rb b/spec/middleware/handle_bad_encoding_middleware_spec.rb deleted file mode 100644 index 8c0d24f18..000000000 --- a/spec/middleware/handle_bad_encoding_middleware_spec.rb +++ /dev/null @@ -1,21 +0,0 @@ -require 'rails_helper' - -RSpec.describe HandleBadEncodingMiddleware do - let(:app) { double() } - let(:middleware) { HandleBadEncodingMiddleware.new(app) } - - it "request with query string is unchanged" do - expect(app).to receive(:call).with("PATH" => "/some/path", "QUERY_STRING" => "name=fred") - middleware.call("PATH" => "/some/path", "QUERY_STRING" => "name=fred") - end - - it "request with no query string is unchanged" do - expect(app).to receive(:call).with("PATH" => "/some/path") - middleware.call("PATH" => "/some/path") - end - - it "request with invalid encoding in query string drops query string" do - expect(app).to receive(:call).with("QUERY_STRING" => "", "PATH" => "/some/path") - middleware.call("QUERY_STRING" => "q=%2Fsearch%2Fall%Forder%3Ddescending%26page%3D5%26sort%3Dcreated_at", "PATH" => "/some/path") - end -end |