Handle improper Accept headers #1795
Conversation
CHANGELOG.md
Outdated
| @@ -3,6 +3,7 @@ | |||
| #### Features | |||
|
|
|||
| * Your contribution here. | |||
| * [#1795](https://github.com/ruby-grape/grape/pull/1795): Fix Accept header parsing bug - [@bschmeck](https://github.com/bschmeck) | |||
There was a problem hiding this comment.
Missing a period at the end. It could also be more specific: "Fix: vendor/subtype parsing in an invalid Accept header"
|
Pushed a correction to the CHANGELOG, I had missed the comment from grape-bot.
|
|
Thanks, makes sense. I would refactor this and take parsing out of the header middleware implementation, and then we can have tests, but that's beyond the scope of this PR. |
|
https://travis-ci.org/ruby-grape/grape/jobs/434730968 has a failure, I am not sure what's up with that, care to check it out? |
|
I will try to find some time to work on extracting the parsing logic and wrapping it in tests. I'll dig into the failure, too. It appears to be only on |
|
I am sure it's unrelated, but we do need a green build one way or another. |
bschmeck
force-pushed
the
improper-accept-header-handling
branch
from
a3dee70 to
c576a88
Compare
bschmeck
force-pushed
the
improper-accept-header-handling
branch
from
c576a88 to
50135b0
Compare
|
The upstream problem in ActiveSupport was fixed and the build is now green for this PR. |
|
Thanks, merged. |
We have observed situations where our API has received a request from a network scanner that has an improperly formatted Accept header. In these cases,
Rack:Accept::Header.parse_media_typereturns an empty array (https://github.com/mjackson/rack-accept/blob/master/lib/rack/accept/header.rb#L42) andsubtypeis set tonil.This PR checks that we actually received a subtype before checking against the vendor and version regexes.