Rescue an ActionController::BadRequest

Rescue an ActionController::BadRequest

I am running a rails app and I have a simple show action, where the code is something like the following:
@post = Post.find(params[:id])

So if you go to posts/1 for example you will see the post if there is one.
I can catch invalid params[:id] or invalid params but I noticed something strange. Somebody tried to pass me yesterday something like the following:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++Result:+%ED%E5;

And I am getting an ActionController bad request exception. When I am visiting the url /posts/+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++Result:+%ED%E5; I see a blank page instead of the typical 404 I have in a similar error. I also noticed that with the param it doesn’t get into posts controller show action, either to application controller (I’ve tried to rescue it from there as well). I suppose it is a rack exception from some gem I have and I don’t know how to rescue it.
Here is my whole error response:
Started GET “/blog/+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++Result:+%ED” for 192.168.1.105 at 2014-03-18 09:45:42 +0200

ActionController::BadRequest (ActionController::BadRequest):
actionpack (4.0.2) lib/action_dispatch/routing/route_set.rb:37:in `block in call’
actionpack (4.0.2) lib/action_dispatch/routing/route_set.rb:33:in `each’
actionpack (4.0.2) lib/action_dispatch/routing/route_set.rb:33:in `call’
actionpack (4.0.2) lib/action_dispatch/journey/router.rb:71:in `block in call’
actionpack (4.0.2) lib/action_dispatch/journey/router.rb:59:in `each’
actionpack (4.0.2) lib/action_dispatch/journey/router.rb:59:in `call’
actionpack (4.0.2) lib/action_dispatch/routing/route_set.rb:680:in `call’
meta_request (0.2.8) lib/meta_request/middlewares/app_request_handler.rb:13:in `call’
rack-contrib (1.1.0) lib/rack/contrib/response_headers.rb:17:in `call’
meta_request (0.2.8) lib/meta_request/middlewares/headers.rb:16:in `call’
meta_request (0.2.8) lib/meta_request/middlewares/meta_request_handler.rb:13:in `call’
bullet (4.7.1) lib/bullet/rack.rb:12:in `call’
warden (1.2.3) lib/warden/manager.rb:35:in `block in call’
warden (1.2.3) lib/warden/manager.rb:34:in `catch’
warden (1.2.3) lib/warden/manager.rb:34:in `call’
rack (1.5.2) lib/rack/etag.rb:23:in `call’
rack (1.5.2) lib/rack/conditionalget.rb:25:in `call’
rack (1.5.2) lib/rack/head.rb:11:in `call’
actionpack (4.0.2) lib/action_dispatch/middleware/params_parser.rb:27:in `call’
actionpack (4.0.2) lib/action_dispatch/middleware/flash.rb:241:in `call’
rack (1.5.2) lib/rack/session/abstract/id.rb:225:in `context’
rack (1.5.2) lib/rack/session/abstract/id.rb:220:in `call’
actionpack (4.0.2) lib/action_dispatch/middleware/cookies.rb:486:in `call’
activerecord (4.0.2) lib/active_record/query_cache.rb:36:in `call’
activerecord (4.0.2) lib/active_record/connection_adapters/abstract/connection_pool.rb:626:in `call’
activerecord (4.0.2) lib/active_record/migration.rb:369:in `call’
actionpack (4.0.2) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call’
activesupport (4.0.2) lib/active_support/callbacks.rb:373:in `_run__44017112__call__callbacks’
activesupport (4.0.2) lib/active_support/callbacks.rb:80:in `run_callbacks’
actionpack (4.0.2) lib/action_dispatch/middleware/callbacks.rb:27:in `call’
actionpack (4.0.2) lib/action_dispatch/middleware/reloader.rb:64:in `call’
actionpack (4.0.2) lib/action_dispatch/middleware/remote_ip.rb:76:in `call’
better_errors (1.1.0) lib/better_errors/middleware.rb:58:in `call’
actionpack (4.0.2) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call’
actionpack (4.0.2) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call’
railties (4.0.2) lib/rails/rack/logger.rb:38:in `call_app’
railties (4.0.2) lib/rails/rack/logger.rb:20:in `block in call’
activesupport (4.0.2) lib/active_support/tagged_logging.rb:67:in `block in tagged’
activesupport (4.0.2) lib/active_support/tagged_logging.rb:25:in `tagged’
activesupport (4.0.2) lib/active_support/tagged_logging.rb:67:in `tagged’
railties (4.0.2) lib/rails/rack/logger.rb:20:in `call’
quiet_assets (1.0.2) lib/quiet_assets.rb:18:in `call_with_quiet_assets’
actionpack (4.0.2) lib/action_dispatch/middleware/request_id.rb:21:in `call’
rack (1.5.2) lib/rack/methodoverride.rb:21:in `call’
rack (1.5.2) lib/rack/runtime.rb:17:in `call’
activesupport (4.0.2) lib/active_support/cache/strategy/local_cache.rb:83:in `call’
rack (1.5.2) lib/rack/lock.rb:17:in `call’
actionpack (4.0.2) lib/action_dispatch/middleware/static.rb:64:in `call’
rack (1.5.2) lib/rack/sendfile.rb:112:in `call’
railties (4.0.2) lib/rails/engine.rb:511:in `call’
railties (4.0.2) lib/rails/application.rb:97:in `call’
rack (1.5.2) lib/rack/content_length.rb:14:in `call’
puma (2.7.1) lib/puma/server.rb:486:in `handle_request’
puma (2.7.1) lib/puma/server.rb:357:in `process_client’
puma (2.7.1) lib/puma/server.rb:250:in `block in run’
puma (2.7.1) lib/puma/thread_pool.rb:92:in `call’
puma (2.7.1) lib/puma/thread_pool.rb:92:in `block in spawn_thread’

Related:  Securing your Data Layer in a C# Application

Any idea how can I rescue this one with a 404 and avoid the blank page?

Solutions/Answers:

Solution 1:

OK I found that if you pass something like %ED it is a 400 bad request so I just created a 400 static page and I’ve added the following in my exception notification:

  Myapp::Application.config.middleware.use ExceptionNotification::Rack,
  :ignore_exceptions => ['ActionController::BadRequest'] + ExceptionNotifier.ignored_exceptions,
  :ignore_crawlers => %w{Googlebot bingbot},
  :email => {
    :email_prefix => "[Myapp.com Exception Notifier] ",
    :sender_address => %{"myapp.com" <info@myapp.com>},
    :exception_recipients => %w{myemail@myapp.com}
  }

References