Running into a odd issue where Rack::ShowExceptions
is rendering detailed exceptions for my rails 4.0.4 app in the production environment. Adding a config.middleware.delete(Rack::ShowExceptions)
to config/application.rb
still managed to result in the Rack::ShowExceptions
template being rendered, and as such I expect there is some middleware dependency lurking.
For example, hitting the app with an unescaped %
in a POST
request lead to the Rack::ShowExceptions
template being rendered:
Sample invalid POST
request:
POST /en/users/sign_in HTTP/1.1
Host: www.localhost.dev
Proxy-Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://www.localhost.dev
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip,deflate
Accept-Language: en-US,en;q=0.8
%
Rack middleware:
$ RAILS_ENV=production rake middleware
use Raven::Rack
use HttpMethodNotAllowed
use ActionDispatch::SSL
use Rack::Sendfile
use ActionDispatch::Static
use #<ActiveSupport::Cache::Strategy::LocalCache::Middleware:0x007feba5b8b940>
use Rack::Runtime
use Rack::MethodOverride
use ActionDispatch::RequestId
use RequestStore::Middleware
use Rails::Rack::Logger
use ActionDispatch::ShowExceptions
use ActionDispatch::DebugExceptions
use ActionDispatch::RemoteIp
use ActionDispatch::Callbacks
use ActiveRecord::ConnectionAdapters::ConnectionManagement
use ActiveRecord::QueryCache
use ActionDispatch::Cookies
use ActionDispatch::Session::CookieStore
use ActionDispatch::Flash
use ActionDispatch::ParamsParser
use Rack::Head
use Rack::ConditionalGet
use Rack::ETag
use Warden::Manager
run MyApplication::Application.routes
We have config.exceptions_add = self.routes
in config/application.rb
if that's relevant.
I have given the ActionPack CHANGELOG a pretty close read, but it's quite possible that this issue has been fixed in a later release! If so, I would greatly appreciate a reference to it.
If you mean you have
config.exceptions_app = self.routes
then don't do that. You're shoving the exceptional state back into the app that raised that exceptional state so it's likely not do what you want. What's wrong with the default failure app?