I have a page called bulk_edit. It has a route of:
post :bulk_edit
In my routes.rb.
The view itself is in HAML and comes up a-okay. I also have a method in my controller called bulk_edit:
def bulk_edit
print_method
assets = params[:assets] || ''
#assets = VodAsset.where(id: assets.split(','))
end
VodAsset is one of my models. The problem is, when I get to my page and then hit refresh, pandemonium occurs - I get this:
My show method is as such:
def show
print_method
#options = VodAsset.all.map { |a| [a.id, a.title_asset_id] }.to_h
end
Pretty innocuous as far as I can tell. id is a key for my model (as it is for all models) called VodAsset. I cannot understand how in any scenario, refresh or otherwise, we end up trying to render with id->bulk_edit? Somehow the method name is getting into the actual call, which makes zero sense, especially with the very simple setup I have right now.
I am just hitting refresh page... was wondering, where would I start to be able to troubleshoot this problem? There does not seem to be enough going on to warrant this error. The stack trace on the ole red page has not 1 single line that has anything to do with my controller code, or any code that is in my project, so it is not a very good starting point.
Here is the whole stacktrace - but I can't make anything of it since it doesn't have anything about any code in files that I have written:
activerecord (4.2.3) lib/active_record/core.rb:155:in `find'
cancancan (2.0.0) lib/cancan/model_adapters/abstract_adapter.rb:20:in `find'
cancancan (2.0.0) lib/cancan/controller_resource.rb:104:in `find_resource'
cancancan (2.0.0) lib/cancan/controller_resource.rb:63:in `load_resource_instance'
cancancan (2.0.0) lib/cancan/controller_resource.rb:35:in `load_resource'
cancancan (2.0.0) lib/cancan/controller_resource.rb:28:in `load_and_authorize_resource'
cancancan (2.0.0) lib/cancan/controller_resource.rb:12:in `block in add_before_action'
activesupport (4.2.3) lib/active_support/callbacks.rb:446:in `instance_exec'
activesupport (4.2.3) lib/active_support/callbacks.rb:446:in `block in make_lambda'
activesupport (4.2.3) lib/active_support/callbacks.rb:162:in `block in halting'
activesupport (4.2.3) lib/active_support/callbacks.rb:502:in `block in call'
activesupport (4.2.3) lib/active_support/callbacks.rb:502:in `each'
activesupport (4.2.3) lib/active_support/callbacks.rb:502:in `call'
activesupport (4.2.3) lib/active_support/callbacks.rb:88:in `run_callbacks'
actionpack (4.2.3) lib/abstract_controller/callbacks.rb:19:in `process_action'
actionpack (4.2.3) lib/action_controller/metal/rescue.rb:29:in `process_action'
actionpack (4.2.3) lib/action_controller/metal/instrumentation.rb:32:in `block in process_action'
activesupport (4.2.3) lib/active_support/notifications.rb:164:in `block in instrument'
activesupport (4.2.3) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.2.3) lib/active_support/notifications.rb:164:in `instrument'
actionpack (4.2.3) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
actionpack (4.2.3) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
activerecord (4.2.3) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
actionpack (4.2.3) lib/abstract_controller/base.rb:137:in `process'
actionview (4.2.3) lib/action_view/rendering.rb:30:in `process'
actionpack (4.2.3) lib/action_controller/metal.rb:196:in `dispatch'
actionpack (4.2.3) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.2.3) lib/action_controller/metal.rb:237:in `block in action'
actionpack (4.2.3) lib/action_dispatch/routing/route_set.rb:76:in `dispatch'
actionpack (4.2.3) lib/action_dispatch/routing/route_set.rb:45:in `serve'
actionpack (4.2.3) lib/action_dispatch/journey/router.rb:43:in `block in serve'
actionpack (4.2.3) lib/action_dispatch/journey/router.rb:30:in `each'
actionpack (4.2.3) lib/action_dispatch/journey/router.rb:30:in `serve'
actionpack (4.2.3) lib/action_dispatch/routing/route_set.rb:821:in `call'
bullet (5.6.0) lib/bullet/rack.rb:10:in `call'
warden (1.2.7) lib/warden/manager.rb:36:in `block in call'
warden (1.2.7) lib/warden/manager.rb:35:in `catch'
warden (1.2.7) lib/warden/manager.rb:35:in `call'
rack (1.6.8) lib/rack/etag.rb:24:in `call'
rack (1.6.8) lib/rack/conditionalget.rb:25:in `call'
rack (1.6.8) lib/rack/head.rb:13:in `call'
actionpack (4.2.3) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.2.3) lib/action_dispatch/middleware/flash.rb:260:in `call'
rack (1.6.8) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.6.8) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.2.3) lib/action_dispatch/middleware/cookies.rb:560:in `call'
activerecord (4.2.3) lib/active_record/query_cache.rb:36:in `call'
activerecord (4.2.3) lib/active_record/connection_adapters/abstract/connection_pool.rb:653:in `call'
activerecord (4.2.3) lib/active_record/migration.rb:377:in `call'
actionpack (4.2.3) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.2.3) lib/active_support/callbacks.rb:84:in `run_callbacks'
actionpack (4.2.3) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.2.3) lib/action_dispatch/middleware/reloader.rb:73:in `call'
actionpack (4.2.3) lib/action_dispatch/middleware/remote_ip.rb:78:in `call'
actionpack (4.2.3) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
web-console (2.3.0) lib/web_console/middleware.rb:28:in `block in call'
web-console (2.3.0) lib/web_console/middleware.rb:18:in `catch'
web-console (2.3.0) lib/web_console/middleware.rb:18:in `call'
actionpack (4.2.3) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.2.3) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.2.3) lib/rails/rack/logger.rb:20:in `block in call'
activesupport (4.2.3) lib/active_support/tagged_logging.rb:68:in `block in tagged'
activesupport (4.2.3) lib/active_support/tagged_logging.rb:26:in `tagged'
activesupport (4.2.3) lib/active_support/tagged_logging.rb:68:in `tagged'
railties (4.2.3) lib/rails/rack/logger.rb:20:in `call'
quiet_assets (1.1.0) lib/quiet_assets.rb:27:in `call_with_quiet_assets'
actionpack (4.2.3) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.6.8) lib/rack/methodoverride.rb:22:in `call'
rack (1.6.8) lib/rack/runtime.rb:18:in `call'
activesupport (4.2.3) lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call'
rack (1.6.8) lib/rack/lock.rb:17:in `call'
actionpack (4.2.3) lib/action_dispatch/middleware/static.rb:116:in `call'
rack (1.6.8) lib/rack/sendfile.rb:113:in `call'
railties (4.2.3) lib/rails/engine.rb:518:in `call'
railties (4.2.3) lib/rails/application.rb:165:in `call'
rack (1.6.8) lib/rack/content_length.rb:15:in `call'
unicorn (5.3.0) lib/unicorn/http_server.rb:606:in `process_client'
unicorn (5.3.0) lib/unicorn/http_server.rb:702:in `worker_loop'
unicorn (5.3.0) lib/unicorn/http_server.rb:549:in `spawn_missing_workers'
unicorn (5.3.0) lib/unicorn/http_server.rb:142:in `start'
unicorn-rails (2.2.1) lib/unicorn_rails.rb:33:in `run'
rack (1.6.8) lib/rack/server.rb:287:in `start'
railties (4.2.3) lib/rails/commands/server.rb:80:in `start'
railties (4.2.3) lib/rails/commands/commands_tasks.rb:80:in `block in server'
railties (4.2.3) lib/rails/commands/commands_tasks.rb:75:in `tap'
railties (4.2.3) lib/rails/commands/commands_tasks.rb:75:in `server'
railties (4.2.3) lib/rails/commands/commands_tasks.rb:39:in `run_command!'
railties (4.2.3) lib/rails/commands.rb:17:in `<top (required)>'
bin/rails:8:in `require'
bin/rails:8:in `<top (required)>'
spring (2.0.2) lib/spring/client/rails.rb:28:in `load'
spring (2.0.2) lib/spring/client/rails.rb:28:in `call'
spring (2.0.2) lib/spring/client/command.rb:7:in `call'
spring (2.0.2) lib/spring/client.rb:30:in `run'
spring (2.0.2) bin/spring:49:in `<top (required)>'
spring (2.0.2) lib/spring/binstub.rb:31:in `load'
spring (2.0.2) lib/spring/binstub.rb:31:in `<top (required)>'
/Users/philjohnson/.rbenv/versions/2.3.3/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:68:in `require'
/Users/philjohnson/.rbenv/versions/2.3.3/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:68:in `require'
bin/spring:13:in `<top (required)>'
bin/rails:3:in `load'
bin/rails:3:in `<main>'
I'm going to assume a more full example of your routes file looks something like:
resources :vod_assets do
collection do
post :bulk_edit
end
end
this will result in a bunch of routes for VOD assets, the 2 of interest to us are:
Prefix Verb URI Pattern Controller#Action
bulk_edit_vod_assets POST /vod_assets/bulk_edit(.:format) vod_assets#bulk_edit
vod_asset GET /vod_assets/:id(.:format) vod_assets#show
When we look at the routes this way, we can see that one is a POST and one is a GET. If you were to try and do a GET to /vod_assets/bulk_edit, it would not match the POST /vod_assets/bulk_edit route but it would match GET /vod_assets/:id with the id being "bulk_edit". That would then send you to the show action on your controller, but you have a before_action somewhere (looks like something cancan related) that tries to load the VodAsset using params[:id] which is now "bulk_edit".
So, when you refresh the page this is happening because the browser is sending a GET instead of a POST and you aren't hitting the route you expect to, because the verb doesn't match.
If you'd like you could set up some constraints on your routes to prevent "bulk_edit" from going to the show route, something like this should do it (untested):
resources :vod_assets, constraints: { id: /[[:digit:]]/ } do
collection do
post :bulk_edit
end
end
and now when you refresh, you should get a No route matches error instead of the current error.
Related
I am getting SQL-injection url requests such as: ?s=index/think\app/invokefunction&function=call_user_func_array&vars[0]=file_put_contents&vars[1][]=12345.php&vars[1][1]=
which is causing a:
ActionController::BadRequest (Invalid query parameters: expected Hash (got Array) for param `1'):
in my home#index. I believe the error is caught in a middleware or routing as I cannot catch the error in the home#index controller (or application controller either).
This is my development log response to the url:
ActionController::BadRequest (Invalid query parameters: expected Hash (got Array) for param `1'):
rack (1.6.11) lib/rack/utils.rb:162:in `normalize_params'
rack (1.6.11) lib/rack/utils.rb:163:in `normalize_params'
rack (1.6.11) lib/rack/utils.rb:122:in `block in parse_nested_query'
rack (1.6.11) lib/rack/utils.rb:119:in `each'
rack (1.6.11) lib/rack/utils.rb:119:in `parse_nested_query'
rack (1.6.11) lib/rack/request.rb:371:in `parse_query'
actionpack (4.2.10) lib/action_dispatch/http/request.rb:339:in `parse_query'
rack (1.6.11) lib/rack/request.rb:191:in `GET'
actionpack (4.2.10) lib/action_dispatch/http/request.rb:300:in `GET'
actionpack (4.2.10) lib/action_dispatch/http/parameters.rb:14:in `parameters'
actionpack (4.2.10) lib/action_dispatch/http/filter_parameters.rb:37:in `filtered_parameters'
actionpack (4.2.10) lib/action_controller/metal/instrumentation.rb:22:in `process_action'
actionpack (4.2.10) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
activerecord (4.2.10) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
actionpack (4.2.10) lib/abstract_controller/base.rb:137:in `process'
actionview (4.2.10) lib/action_view/rendering.rb:30:in `process'
actionpack (4.2.10) lib/action_controller/metal.rb:196:in `dispatch'
actionpack (4.2.10) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.2.10) lib/action_controller/metal.rb:237:in `block in action'
actionpack (4.2.10) lib/action_dispatch/routing/route_set.rb:74:in `dispatch'
actionpack (4.2.10) lib/action_dispatch/routing/route_set.rb:43:in `serve'
actionpack (4.2.10) lib/action_dispatch/journey/router.rb:43:in `block in serve'
actionpack (4.2.10) lib/action_dispatch/journey/router.rb:30:in `each'
actionpack (4.2.10) lib/action_dispatch/journey/router.rb:30:in `serve'
actionpack (4.2.10) lib/action_dispatch/routing/route_set.rb:817:in `call'
bullet (6.0.2) lib/bullet/rack.rb:12:in `call'
rack (1.6.11) lib/rack/etag.rb:24:in `call'
rack (1.6.11) lib/rack/conditionalget.rb:25:in `call'
rack (1.6.11) lib/rack/head.rb:13:in `call'
actionpack (4.2.10) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.2.10) lib/action_dispatch/middleware/flash.rb:260:in `call'
rack (1.6.11) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.6.11) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.2.10) lib/action_dispatch/middleware/cookies.rb:560:in `call'
activerecord (4.2.10) lib/active_record/query_cache.rb:36:in `call'
airbrake (9.4.3) lib/airbrake/rack/middleware.rb:32:in `call!'
airbrake (9.4.3) lib/airbrake/rack/middleware.rb:21:in `call'
activerecord (4.2.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:653:in `call'
activerecord (4.2.10) lib/active_record/migration.rb:377:in `call'
actionpack (4.2.10) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.2.10) lib/active_support/callbacks.rb:88:in `__run_callbacks__'
activesupport (4.2.10) lib/active_support/callbacks.rb:778:in `_run_call_callbacks'
activesupport (4.2.10) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (4.2.10) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.2.10) lib/action_dispatch/middleware/reloader.rb:73:in `call'
actionpack (4.2.10) lib/action_dispatch/middleware/remote_ip.rb:78:in `call'
actionpack (4.2.10) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
web-console (2.3.0) lib/web_console/middleware.rb:28:in `block in call'
web-console (2.3.0) lib/web_console/middleware.rb:18:in `catch'
web-console (2.3.0) lib/web_console/middleware.rb:18:in `call'
actionpack (4.2.10) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.2.10) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.2.10) lib/rails/rack/logger.rb:20:in `block in call'
activesupport (4.2.10) lib/active_support/tagged_logging.rb:68:in `block in tagged'
activesupport (4.2.10) lib/active_support/tagged_logging.rb:26:in `tagged'
activesupport (4.2.10) lib/active_support/tagged_logging.rb:68:in `tagged'
railties (4.2.10) lib/rails/rack/logger.rb:20:in `call'
request_store (1.4.1) lib/request_store/middleware.rb:19:in `call'
actionpack (4.2.10) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.6.11) lib/rack/methodoverride.rb:22:in `call'
rack (1.6.11) lib/rack/runtime.rb:18:in `call'
activesupport (4.2.10) lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call'
rack (1.6.11) lib/rack/lock.rb:17:in `call'
actionpack (4.2.10) lib/action_dispatch/middleware/static.rb:120:in `call'
rack (1.6.11) lib/rack/sendfile.rb:113:in `call'
utf8-cleaner (0.2.5) lib/utf8-cleaner/middleware.rb:21:in `call'
railties (4.2.10) lib/rails/engine.rb:518:in `call'
railties (4.2.10) lib/rails/application.rb:165:in `call'
rack (1.6.11) lib/rack/content_length.rb:15:in `call'
thin (1.7.2) lib/thin/connection.rb:86:in `block in pre_process'
thin (1.7.2) lib/thin/connection.rb:84:in `catch'
thin (1.7.2) lib/thin/connection.rb:84:in `pre_process'
thin (1.7.2) lib/thin/connection.rb:53:in `process'
thin (1.7.2) lib/thin/connection.rb:39:in `receive_data'
eventmachine (1.2.7) lib/eventmachine.rb:195:in `run_machine'
eventmachine (1.2.7) lib/eventmachine.rb:195:in `run'
thin (1.7.2) lib/thin/backends/base.rb:73:in `start'
thin (1.7.2) lib/thin/server.rb:162:in `start'
rack (1.6.11) lib/rack/handler/thin.rb:19:in `run'
rack (1.6.11) lib/rack/server.rb:287:in `start'
railties (4.2.10) lib/rails/commands/server.rb:80:in `start'
railties (4.2.10) lib/rails/commands/commands_tasks.rb:80:in `block in server'
railties (4.2.10) lib/rails/commands/commands_tasks.rb:75:in `tap'
railties (4.2.10) lib/rails/commands/commands_tasks.rb:75:in `server'
railties (4.2.10) lib/rails/commands/commands_tasks.rb:39:in `run_command!'
railties (4.2.10) lib/rails/commands.rb:17:in `<top (required)>'
bin/rails:9:in `require'
bin/rails:9:in `<top (required)>'
spring (2.1.0) lib/spring/client/rails.rb:28:in `load'
spring (2.1.0) lib/spring/client/rails.rb:28:in `call'
spring (2.1.0) lib/spring/client/command.rb:7:in `call'
spring (2.1.0) lib/spring/client.rb:30:in `run'
spring (2.1.0) bin/spring:49:in `<top (required)>'
spring (2.1.0) lib/spring/binstub.rb:11:in `load'
spring (2.1.0) lib/spring/binstub.rb:11:in `<top (required)>'
bin/spring:13:in `require'
bin/spring:13:in `<top (required)>'
bin/rails:3:in `load'
bin/rails:3:in `<main>'
How can I make sure these spam/sql inject-requests are being handled so they don't cause exceptions?
In Your Application Controller:
rescue_from ActionController::BadRequest, with: :bad_request
def bad_request(exception)
render status: 400, json: {:error => exception.message}.to_json
end
I came across this same issue this evening. The error is being thrown before ApplicationController begins to handle the request so catching it in ApplicationController won't work because it's too late.
What you need to do is insert a piece of middleware that catches ActionController::BadRequest before the ActionDispatch::ParamsParser middleware which is throwing the error.
Example which catches the error, adds it to the log and then returns a plain text 400 page.
# app/middleware/catch_batch_request_error_mw.rb
class CatchBadRequestErrorMw
def initialize(app)
#app = app
end
def call(env)
begin
#app.call(env)
rescue ActionController::BadRequest => e
Rails.logger.error("CatchBadRequestErrorMw: #{e.message}")
return [
400,
{
'Content-Type': 'text/plain',
},
['Bad Request']
]
end
end
end
And then in Application.rb
config.middleware.insert_before(ActionDispatch::ParamsParser, CatchBadRequestErrorMw)
I should note that the examples here are from a Rails 4.2 app so if you have any issues I'd start there.
When trying to destroy a record, it gives me the error message "Couldn't find Checkout51 with 'id'=4906"
Routes
Rails.application.routes.draw do
root 'homepage#index'
resources :savingstar
end
Savingstar Controller Method
def destroy
Checkout51.find(params[:id]).destroy
redirect_to "https://rails-tutorial2-chriscma.c9users.io/savingstar/show"
end
Link to trigger destroy method
<p> <%= link_to 'Destroy', x, method: :delete %> </p>
Trace
activerecord (4.2.5) lib/active_record/core.rb:155:in `find'
app/controllers/savingstar_controller.rb:55:in `destroy'
actionpack (4.2.5) lib/action_controller/metal/implicit_render.rb:4:in `send_action'
actionpack (4.2.5) lib/abstract_controller/base.rb:198:in `process_action'
actionpack (4.2.5) lib/action_controller/metal/rendering.rb:10:in `process_action'
actionpack (4.2.5) lib/abstract_controller/callbacks.rb:20:in `block in process_action'
activesupport (4.2.5) lib/active_support/callbacks.rb:117:in `call'
activesupport (4.2.5) lib/active_support/callbacks.rb:555:in `block (2 levels) in compile'
activesupport (4.2.5) lib/active_support/callbacks.rb:505:in `call'
activesupport (4.2.5) lib/active_support/callbacks.rb:92:in `__run_callbacks__'
activesupport (4.2.5) lib/active_support/callbacks.rb:778:in `_run_process_action_callbacks'
activesupport (4.2.5) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (4.2.5) lib/abstract_controller/callbacks.rb:19:in `process_action'
actionpack (4.2.5) lib/action_controller/metal/rescue.rb:29:in `process_action'
actionpack (4.2.5) lib/action_controller/metal/instrumentation.rb:32:in `block in process_action'
activesupport (4.2.5) lib/active_support/notifications.rb:164:in `block in instrument'
activesupport (4.2.5) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.2.5) lib/active_support/notifications.rb:164:in `instrument'
actionpack (4.2.5) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
actionpack (4.2.5) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
activerecord (4.2.5) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
actionpack (4.2.5) lib/abstract_controller/base.rb:137:in `process'
actionview (4.2.5) lib/action_view/rendering.rb:30:in `process'
actionpack (4.2.5) lib/action_controller/metal.rb:196:in `dispatch'
actionpack (4.2.5) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.2.5) lib/action_controller/metal.rb:237:in `block in action'
actionpack (4.2.5) lib/action_dispatch/routing/route_set.rb:76:in `dispatch'
actionpack (4.2.5) lib/action_dispatch/routing/route_set.rb:45:in `serve'
actionpack (4.2.5) lib/action_dispatch/journey/router.rb:43:in `block in serve'
actionpack (4.2.5) lib/action_dispatch/journey/router.rb:30:in `each'
actionpack (4.2.5) lib/action_dispatch/journey/router.rb:30:in `serve'
actionpack (4.2.5) lib/action_dispatch/routing/route_set.rb:817:in `call'
rack (1.6.11) lib/rack/etag.rb:24:in `call'
rack (1.6.11) lib/rack/conditionalget.rb:38:in `call'
rack (1.6.11) lib/rack/head.rb:13:in `call'
actionpack (4.2.5) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.2.5) lib/action_dispatch/middleware/flash.rb:260:in `call'
rack (1.6.11) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.6.11) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.2.5) lib/action_dispatch/middleware/cookies.rb:560:in `call'
activerecord (4.2.5) lib/active_record/query_cache.rb:36:in `call'
activerecord (4.2.5) lib/active_record/connection_adapters/abstract/connection_pool.rb:653:in `call'
activerecord (4.2.5) lib/active_record/migration.rb:377:in `call'
actionpack (4.2.5) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.2.5) lib/active_support/callbacks.rb:88:in `__run_callbacks__'
activesupport (4.2.5) lib/active_support/callbacks.rb:778:in `_run_call_callbacks'
activesupport (4.2.5) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (4.2.5) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.2.5) lib/action_dispatch/middleware/reloader.rb:73:in `call'
actionpack (4.2.5) lib/action_dispatch/middleware/remote_ip.rb:78:in `call'
actionpack (4.2.5) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
web-console (2.3.0) lib/web_console/middleware.rb:20:in `block in call'
web-console (2.3.0) lib/web_console/middleware.rb:18:in `catch'
web-console (2.3.0) lib/web_console/middleware.rb:18:in `call'
actionpack (4.2.5) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.2.5) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.2.5) lib/rails/rack/logger.rb:20:in `block in call'
activesupport (4.2.5) lib/active_support/tagged_logging.rb:68:in `block in tagged'
activesupport (4.2.5) lib/active_support/tagged_logging.rb:26:in `tagged'
activesupport (4.2.5) lib/active_support/tagged_logging.rb:68:in `tagged'
railties (4.2.5) lib/rails/rack/logger.rb:20:in `call'
actionpack (4.2.5) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.6.11) lib/rack/methodoverride.rb:22:in `call'
rack (1.6.11) lib/rack/runtime.rb:18:in `call'
activesupport (4.2.5) lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call'
rack (1.6.11) lib/rack/lock.rb:17:in `call'
actionpack (4.2.5) lib/action_dispatch/middleware/static.rb:116:in `call'
rack (1.6.11) lib/rack/sendfile.rb:113:in `call'
railties (4.2.5) lib/rails/engine.rb:518:in `call'
railties (4.2.5) lib/rails/application.rb:165:in `call'
rack (1.6.11) lib/rack/lock.rb:17:in `call'
rack (1.6.11) lib/rack/content_length.rb:15:in `call'
rack (1.6.11) lib/rack/handler/webrick.rb:88:in `service'
/usr/local/rvm/rubies/ruby-2.3.0/lib/ruby/2.3.0/webrick/httpserver.rb:140:in `service'
/usr/local/rvm/rubies/ruby-2.3.0/lib/ruby/2.3.0/webrick/httpserver.rb:96:in `run'
/usr/local/rvm/rubies/ruby-2.3.0/lib/ruby/2.3.0/webrick/server.rb:296:in `block in start_thread'
Result of Checkout.find(4607) in Rails c
SELECT "checkout51s".* FROM "checkout51s" WHERE "checkout51s"."id" = ? LIMIT 1 [["id", 4607]]
ActiveRecord::RecordNotFound: Couldn't find Checkout51 with 'id'=4607
from /usr/local/rvm/gems/ruby-2.3.0/gems/activerecord-4.2.5/lib/active_record/core.rb:155:in `find'
from (irb):1
from /usr/local/rvm/gems/ruby-2.3.0/gems/railties-4.2.5/lib/rails/commands/console.rb:110:in `start'
from /usr/local/rvm/gems/ruby-2.3.0/gems/railties-4.2.5/lib/rails/commands/console.rb:9:in `start'
from /usr/local/rvm/gems/ruby-2.3.0/gems/railties-4.2.5/lib/rails/commands/commands_tasks.rb:68:in `console'
from /usr/local/rvm/gems/ruby-2.3.0/gems/railties-4.2.5/lib/rails/commands/commands_tasks.rb:39:in `run_command!'
from /usr/local/rvm/gems/ruby-2.3.0/gems/railties-4.2.5/lib/rails/commands.rb:17:in `<top (required)>'
from /usr/local/rvm/gems/ruby-2.3.0/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:274:in `require'
from /usr/local/rvm/gems/ruby-2.3.0/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:274:in `block in require'
from /usr/local/rvm/gems/ruby-2.3.0/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:240:in `load_dependency'
from /usr/local/rvm/gems/ruby-2.3.0/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:274:in `require'
from /home/ubuntu/workspace/bin/rails:9:in `<top (required)>'
from /usr/local/rvm/gems/ruby-2.3.0/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:268:in `load'
from /usr/local/rvm/gems/ruby-2.3.0/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:268:in `block in load'
from /usr/local/rvm/gems/ruby-2.3.0/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:240:in `load_dependency'
from /usr/local/rvm/gems/ruby-2.3.0/gems/activesupport-4.2.5/lib/active_support/dependencies.rb:268:in `load'
from /usr/local/rvm/rubies/ruby-2.3.0/lib/ruby/site_ruby/2.3.0/rubygems/core_ext/kernel_require.rb:59:in `require'
from /usr/local/rvm/rubies/ruby-2.3.0/lib/ruby/site_ruby/2.3.0/rubygems/core_ext/kernel_require.rb:59:in `require'
My Rails application throws an ActionController::InvalidAuthenticityToken from time to time. It occurs spontaneously once a month or so. As I don't think that there is some other site trying a CSRF attack, I started to make my thoughts about this rare events. My conclusion so far:
Random robots?
People waiting too long to send the form so that it expires on the server?
Are there other reasons for such false positive rejections?
And please don't explain what CSRF is ;-)
Here are some logs...
F, [2016-12-06T16:03:59.050673 #15136] FATAL -- :
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
actionpack (4.2.7) lib/action_controller/metal/request_forgery_protection.rb:181:in `handle_unverified_request'
actionpack (4.2.7) lib/action_controller/metal/request_forgery_protection.rb:209:in `handle_unverified_request'
devise (4.2.0) lib/devise/controllers/helpers.rb:253:in `handle_unverified_request'
actionpack (4.2.7) lib/action_controller/metal/request_forgery_protection.rb:204:in `verify_authenticity_token'
activesupport (4.2.7) lib/active_support/callbacks.rb:432:in `block in make_lambda'
activesupport (4.2.7) lib/active_support/callbacks.rb:164:in `block in halting'
activesupport (4.2.7) lib/active_support/callbacks.rb:504:in `block in call'
activesupport (4.2.7) lib/active_support/callbacks.rb:504:in `each'
activesupport (4.2.7) lib/active_support/callbacks.rb:504:in `call'
activesupport (4.2.7) lib/active_support/callbacks.rb:92:in `__run_callbacks__'
activesupport (4.2.7) lib/active_support/callbacks.rb:778:in `_run_process_action_callbacks'
activesupport (4.2.7) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (4.2.7) lib/abstract_controller/callbacks.rb:19:in `process_action'
actionpack (4.2.7) lib/action_controller/metal/rescue.rb:29:in `process_action'
actionpack (4.2.7) lib/action_controller/metal/instrumentation.rb:32:in `block in process_action'
activesupport (4.2.7) lib/active_support/notifications.rb:164:in `block in instrument'
activesupport (4.2.7) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.2.7) lib/active_support/notifications.rb:164:in `instrument'
actionpack (4.2.7) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
actionpack (4.2.7) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
actionpack (4.2.7) lib/abstract_controller/base.rb:137:in `process'
actionview (4.2.7) lib/action_view/rendering.rb:30:in `process'
actionpack (4.2.7) lib/action_controller/metal.rb:196:in `dispatch'
actionpack (4.2.7) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.2.7) lib/action_controller/metal.rb:237:in `block in action'
actionpack (4.2.7) lib/action_dispatch/routing/route_set.rb:74:in `dispatch'
actionpack (4.2.7) lib/action_dispatch/routing/route_set.rb:43:in `serve'
actionpack (4.2.7) lib/action_dispatch/routing/mapper.rb:49:in `serve'
actionpack (4.2.7) lib/action_dispatch/journey/router.rb:43:in `block in serve'
actionpack (4.2.7) lib/action_dispatch/journey/router.rb:30:in `each'
actionpack (4.2.7) lib/action_dispatch/journey/router.rb:30:in `serve'
actionpack (4.2.7) lib/action_dispatch/routing/route_set.rb:817:in `call'
turnout (2.3.1) lib/rack/turnout.rb:25:in `call'
omniauth (1.3.1) lib/omniauth/strategy.rb:186:in `call!'
omniauth (1.3.1) lib/omniauth/strategy.rb:164:in `call'
omniauth (1.3.1) lib/omniauth/strategy.rb:186:in `call!'
omniauth (1.3.1) lib/omniauth/strategy.rb:164:in `call'
rack-attack (4.4.1) lib/rack/attack.rb:107:in `call'
exception_notification (4.2.1) lib/exception_notification/rack.rb:32:in `call'
warden (1.2.6) lib/warden/manager.rb:35:in `block in call'
warden (1.2.6) lib/warden/manager.rb:34:in `catch'
warden (1.2.6) lib/warden/manager.rb:34:in `call'
rack (1.6.4) lib/rack/etag.rb:24:in `call'
rack (1.6.4) lib/rack/conditionalget.rb:38:in `call'
rack (1.6.4) lib/rack/head.rb:13:in `call'
actionpack (4.2.7) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.2.7) lib/action_dispatch/middleware/flash.rb:260:in `call'
rack (1.6.4) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.6.4) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.2.7) lib/action_dispatch/middleware/cookies.rb:560:in `call'
actionpack (4.2.7) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.2.7) lib/active_support/callbacks.rb:88:in `__run_callbacks__'
activesupport (4.2.7) lib/active_support/callbacks.rb:778:in `_run_call_callbacks'
activesupport (4.2.7) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (4.2.7) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.2.7) lib/action_dispatch/middleware/remote_ip.rb:78:in `call'
actionpack (4.2.7) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
actionpack (4.2.7) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.2.7) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.2.7) lib/rails/rack/logger.rb:20:in `block in call'
activesupport (4.2.7) lib/active_support/tagged_logging.rb:68:in `block in tagged'
activesupport (4.2.7) lib/active_support/tagged_logging.rb:26:in `tagged'
activesupport (4.2.7) lib/active_support/tagged_logging.rb:68:in `tagged'
railties (4.2.7) lib/rails/rack/logger.rb:20:in `call'
ahoy_matey (1.4.2) lib/ahoy/engine.rb:22:in `call_with_quiet_ahoy'
request_store (1.3.1) lib/request_store/middleware.rb:9:in `call'
actionpack (4.2.7) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.6.4) lib/rack/methodoverride.rb:22:in `call'
rack (1.6.4) lib/rack/runtime.rb:18:in `call'
activesupport (4.2.7) lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call'
rack (1.6.4) lib/rack/sendfile.rb:113:in `call'
actionpack (4.2.7) lib/action_dispatch/middleware/ssl.rb:24:in `call'
railties (4.2.7) lib/rails/engine.rb:518:in `call'
railties (4.2.7) lib/rails/application.rb:165:in `call'
/usr/lib/ruby/vendor_ruby/phusion_passenger/rack/thread_handler_extension.rb:97:in `process_request'
/usr/lib/ruby/vendor_ruby/phusion_passenger/request_handler/thread_handler.rb:160:in `accept_and_process_next_request'
/usr/lib/ruby/vendor_ruby/phusion_passenger/request_handler/thread_handler.rb:113:in `main_loop'
/usr/lib/ruby/vendor_ruby/phusion_passenger/request_handler.rb:416:in `block (3 levels) in start_threads'
/usr/lib/ruby/vendor_ruby/phusion_passenger/utils.rb:113:in `block in create_thread_and_abort_on_exception'
I am with Dorian on this one as for the solution.
If you're looking to the cause I'm fairly positive that this issue report in rails github hits true, especially this little section:
# Browser quits, clearing session cookies
# Browser re-opens, reloads the page from cache without doing a request
This is especially true since by defualt Rails uses turbolinks which encourages caching (by default 10 pages if I recall).
Another way this can be potentially replicated is by having a user load your DOM (and thus your cookies / session) and then having them manually destroy their session or cookies through the browser management tools (e.g: chrome://settings). This should also reproduce the error since you will have the hidden tag for csrf in the form, but not the session cookie... and you need both.
You should probably null the session in your production environment instead of throwing an exception:
In you ApplicationController (or any controller you are concerned about) add:
protect_from_forgery with: :null_session
If you are really worried about it, my advice would be to log to error to Bugsnag for instance and there you will be able to review the request and understand why it happened.
When I updating to from rails 3.2 to rails 4.2 the gems are all compatible for rails 4 was cross checked with this
when I run server it will throwing error as below.
Processing by HomeController#index as HTML
Completed 500 Internal Server Error in 28ms (ActiveRecord: 0.0ms)
TypeError (incompatible marshal file format (can't be read)
format version 4.8 required; 123.34 given):
activesupport (4.2.4) lib/active_support/core_ext/marshal.rb:6:in `load'
activesupport (4.2.4) lib/active_support/core_ext/marshal.rb:6:in `load_with_autoloading'
actionpack (4.2.4) lib/action_dispatch/middleware/cookies.rb:424:in `deserialize'
actionpack (4.2.4) lib/action_dispatch/middleware/cookies.rb:516:in `[]'
actionpack (4.2.4) lib/action_dispatch/middleware/session/cookie_store.rb:114:in `get_cookie'
actionpack (4.2.4) lib/action_dispatch/middleware/session/cookie_store.rb:90:in `block in unpacked_cookie_data'
actionpack (4.2.4) lib/action_dispatch/middleware/session/abstract_store.rb:51:in `stale_session_check!'
actionpack (4.2.4) lib/action_dispatch/middleware/session/cookie_store.rb:89:in `unpacked_cookie_data'
actionpack (4.2.4) lib/action_dispatch/middleware/session/cookie_store.rb:83:in `block in extract_session_id'
actionpack (4.2.4) lib/action_dispatch/middleware/session/abstract_store.rb:51:in `stale_session_check!'
actionpack (4.2.4) lib/action_dispatch/middleware/session/cookie_store.rb:82:in `extract_session_id'
actionpack (4.2.4) lib/action_dispatch/request/session.rb:49:in `block in []'
actionpack (4.2.4) lib/action_dispatch/request/session.rb:48:in `fetch'
actionpack (4.2.4) lib/action_dispatch/request/session.rb:48:in `[]'
actionpack (4.2.4) lib/action_dispatch/request/session.rb:70:in `id'
rack (1.6.4) lib/rack/session/abstract/id.rb:282:in `current_session_id'
rack (1.6.4) lib/rack/session/abstract/id.rb:288:in `session_exists?'
actionpack (4.2.4) lib/action_dispatch/request/session.rb:152:in `exists?'
actionpack (4.2.4) lib/action_dispatch/request/session.rb:172:in `load_for_read!'
actionpack (4.2.4) lib/action_dispatch/request/session.rb:89:in `[]'
warden (1.2.3) lib/warden/session_serializer.rb:30:in `fetch'
warden (1.2.3) lib/warden/proxy.rb:212:in `user'
warden (1.2.3) lib/warden/proxy.rb:318:in `_perform_authentication'
warden (1.2.3) lib/warden/proxy.rb:104:in `authenticate'
devise (3.5.2) lib/devise/controllers/helpers.rb:120:in `current_user'
activesupport (4.2.4) lib/active_support/callbacks.rb:432:in `block in make_lambda'
activesupport (4.2.4) lib/active_support/callbacks.rb:290:in `call'
activesupport (4.2.4) lib/active_support/callbacks.rb:290:in `block (2 levels) in halting_and_conditional'
activesupport (4.2.4) lib/active_support/callbacks.rb:290:in `each'
activesupport (4.2.4) lib/active_support/callbacks.rb:290:in `all?'
activesupport (4.2.4) lib/active_support/callbacks.rb:290:in `block in halting_and_conditional'
activesupport (4.2.4) lib/active_support/callbacks.rb:497:in `call'
activesupport (4.2.4) lib/active_support/callbacks.rb:497:in `block in around'
activesupport (4.2.4) lib/active_support/callbacks.rb:505:in `call'
activesupport (4.2.4) lib/active_support/callbacks.rb:505:in `call'
activesupport (4.2.4) lib/active_support/callbacks.rb:92:in `__run_callbacks__'
activesupport (4.2.4) lib/active_support/callbacks.rb:778:in `_run_process_action_callbacks'
activesupport (4.2.4) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (4.2.4) lib/abstract_controller/callbacks.rb:19:in `process_action'
actionpack (4.2.4) lib/action_controller/metal/rescue.rb:29:in `process_action'
actionpack (4.2.4) lib/action_controller/metal/instrumentation.rb:32:in `block in process_action'
activesupport (4.2.4) lib/active_support/notifications.rb:164:in `block in instrument'
activesupport (4.2.4) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.2.4) lib/active_support/notifications.rb:164:in `instrument'
actionpack (4.2.4) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
actionpack (4.2.4) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
activerecord (4.2.4) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
actionpack (4.2.4) lib/abstract_controller/base.rb:137:in `process'
actionview (4.2.4) lib/action_view/rendering.rb:30:in `process'
actionpack (4.2.4) lib/action_controller/metal.rb:196:in `dispatch'
actionpack (4.2.4) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.2.4) lib/action_controller/metal.rb:237:in `block in action'
actionpack (4.2.4) lib/action_dispatch/routing/route_set.rb:76:in `call'
actionpack (4.2.4) lib/action_dispatch/routing/route_set.rb:76:in `dispatch'
actionpack (4.2.4) lib/action_dispatch/routing/route_set.rb:45:in `serve'
actionpack (4.2.4) lib/action_dispatch/journey/router.rb:43:in `block in serve'
actionpack (4.2.4) lib/action_dispatch/journey/router.rb:30:in `each'
actionpack (4.2.4) lib/action_dispatch/journey/router.rb:30:in `serve'
actionpack (4.2.4) lib/action_dispatch/routing/route_set.rb:821:in `call'
client_side_validations (3.2.7) lib/client_side_validations/middleware.rb:17:in `call'
warden (1.2.3) lib/warden/manager.rb:35:in `block in call'
warden (1.2.3) lib/warden/manager.rb:34:in `catch'
warden (1.2.3) lib/warden/manager.rb:34:in `call'
rack (1.6.4) lib/rack/etag.rb:24:in `call'
rack (1.6.4) lib/rack/conditionalget.rb:25:in `call'
rack (1.6.4) lib/rack/head.rb:13:in `call'
actionpack (4.2.4) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.2.4) lib/action_dispatch/middleware/flash.rb:260:in `call'
rack (1.6.4) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.6.4) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.2.4) lib/action_dispatch/middleware/cookies.rb:560:in `call'
activerecord (4.2.4) lib/active_record/query_cache.rb:36:in `call'
activerecord (4.2.4) lib/active_record/connection_adapters/abstract/connection_pool.rb:653:in `call'
activerecord (4.2.4) lib/active_record/migration.rb:377:in `call'
actionpack (4.2.4) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.2.4) lib/active_support/callbacks.rb:88:in `__run_callbacks__'
activesupport (4.2.4) lib/active_support/callbacks.rb:778:in `_run_call_callbacks'
activesupport (4.2.4) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (4.2.4) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.2.4) lib/action_dispatch/middleware/reloader.rb:73:in `call'
actionpack (4.2.4) lib/action_dispatch/middleware/remote_ip.rb:78:in `call'
actionpack (4.2.4) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
actionpack (4.2.4) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.2.4) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.2.4) lib/rails/rack/logger.rb:20:in `block in call'
activesupport (4.2.4) lib/active_support/tagged_logging.rb:68:in `block in tagged'
activesupport (4.2.4) lib/active_support/tagged_logging.rb:26:in `tagged'
activesupport (4.2.4) lib/active_support/tagged_logging.rb:68:in `tagged'
railties (4.2.4) lib/rails/rack/logger.rb:20:in `call'
actionpack (4.2.4) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.6.4) lib/rack/methodoverride.rb:22:in `call'
rack (1.6.4) lib/rack/runtime.rb:18:in `call'
activesupport (4.2.4) lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call'
rack (1.6.4) lib/rack/lock.rb:17:in `call'
rack (1.6.4) lib/rack/sendfile.rb:113:in `call'
railties (4.2.4) lib/rails/engine.rb:518:in `call'
railties (4.2.4) lib/rails/application.rb:165:in `call'
rack (1.6.4) lib/rack/content_length.rb:15:in `call'
thin (1.6.4) lib/thin/connection.rb:86:in `block in pre_process'
thin (1.6.4) lib/thin/connection.rb:84:in `catch'
thin (1.6.4) lib/thin/connection.rb:84:in `pre_process'
thin (1.6.4) lib/thin/connection.rb:53:in `process'
thin (1.6.4) lib/thin/connection.rb:39:in `receive_data'
eventmachine (1.0.8) lib/eventmachine.rb:193:in `run_machine'
eventmachine (1.0.8) lib/eventmachine.rb:193:in `run'
thin (1.6.4) lib/thin/backends/base.rb:73:in `start'
thin (1.6.4) lib/thin/server.rb:162:in `start'
rack (1.6.4) lib/rack/handler/thin.rb:19:in `run'
rack (1.6.4) lib/rack/server.rb:286:in `start'
railties (4.2.4) lib/rails/commands/server.rb:80:in `start'
railties (4.2.4) lib/rails/commands/commands_tasks.rb:80:in `block in server'
railties (4.2.4) lib/rails/commands/commands_tasks.rb:75:in `tap'
railties (4.2.4) lib/rails/commands/commands_tasks.rb:75:in `server'
railties (4.2.4) lib/rails/commands/commands_tasks.rb:39:in `run_command!'
railties (4.2.4) lib/rails/commands.rb:17:in `<top (required)>'
bin/rails:4:in `require'
bin/rails:4:in `<main>'
Is something missing for cookies or session settings or any changes required for devise?
I am facing different issue as well
Rails 4 upgrade JSON::ParseError for old sessions
Ruby on Rails TypeError
But no luck I had changed secret token.
It seem to be a checksum verification error. And in the callstack it comes just after CookieStore middleware. I'd try the following:
Empty cookies and cache in my web browser
If using server side cookie store: empty its storage (ex: empty the sessions database table when using activerecord-session_store)
Clean the content of my_app/tmp directory with rake tmp:clear
i had the same issue when i upgraded from Rails 3.2.16 to Rails 4.2.0 and it was assets problem try do the following:
bundle exec rake assets:clean
bundle exec rake assets:precompile
I am new to Rails so pardon if this question is relatively simple - I went through all the other similar errors on SO and no solutions were of use.
I am trying to print a list of ingredients from this api call and getting the error Rails: undefined method 'ingredients' for nil:NilClass. Any help is appreciated!
My code snippets are:
about page:
<% content_for :title do %>About<% end %>
<h3>About the Website</h3>
<p>
This web application was created with
<%= link_to('Rails Composer', 'http://railsapps.github.io/rails-composer/') %>
from the <%= link_to('RailsApps project', 'http://railsapps.github.io/') %>.
Ingredients are <%= #recommendations.ingredients %>
</p>
model:
class Recommendations
require 'httparty'
attr_accessor :matches, :ingredients
def fetch_recipe
encoded_url = URI.encode("http://api.yummly.com/v1/api/recipes?_app_id=ca19779e&_app_key=125204344682094834d68637a8222adf&q=chicken&allowedCourse[]=course^course-Lunch&maxResult=100&start=1")
parsed_url = URI.parse(encoded_url)
HTTParty.get(parsed_url)
end
def initialize
recipe_hash = fetch_recipe
assign_values(recipe_hash)
end
def assign_values(recipe_hash)
recipe_response = recipe_hash.parsed_response['matches'][0]
self.ingredients = recipe_response['ingredients']
end
end
controller:
class RecommendationsController < ApplicationController
def home
#recommendations = Recommendations.new
end
end
logs:
Started GET "/pages/about" for 127.0.0.1 at 2014-07-28 17:43:40 -0700
Processing by HighVoltage::PagesController#show as HTML
Parameters: {"id"=>"about"}
Rendered pages/about.html.erb within layouts/application (1.0ms)
Completed 500 Internal Server Error in 4ms
NoMethodError - undefined method `ingredients' for nil:NilClass:
app/views/pages/about.html.erb:7:in `_app_views_pages_about_html_erb___310183375408592724_70240131703120'
actionview (4.1.2) lib/action_view/template.rb:145:in `block in render'
activesupport (4.1.2) lib/active_support/notifications.rb:161:in `instrument'
actionview (4.1.2) lib/action_view/template.rb:339:in `instrument'
actionview (4.1.2) lib/action_view/template.rb:143:in `render'
actionview (4.1.2) lib/action_view/renderer/template_renderer.rb:55:in `block (2 levels) in render_template'
actionview (4.1.2) lib/action_view/renderer/abstract_renderer.rb:38:in `block in instrument'
activesupport (4.1.2) lib/active_support/notifications.rb:159:in `block in instrument'
activesupport (4.1.2) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.1.2) lib/active_support/notifications.rb:159:in `instrument'
actionview (4.1.2) lib/action_view/renderer/abstract_renderer.rb:38:in `instrument'
actionview (4.1.2) lib/action_view/renderer/template_renderer.rb:54:in `block in render_template'
actionview (4.1.2) lib/action_view/renderer/template_renderer.rb:62:in `render_with_layout'
actionview (4.1.2) lib/action_view/renderer/template_renderer.rb:53:in `render_template'
actionview (4.1.2) lib/action_view/renderer/template_renderer.rb:17:in `render'
actionview (4.1.2) lib/action_view/renderer/renderer.rb:42:in `render_template'
actionview (4.1.2) lib/action_view/renderer/renderer.rb:23:in `render'
actionview (4.1.2) lib/action_view/rendering.rb:99:in `_render_template'
actionpack (4.1.2) lib/action_controller/metal/streaming.rb:217:in `_render_template'
actionview (4.1.2) lib/action_view/rendering.rb:82:in `render_to_body'
actionpack (4.1.2) lib/action_controller/metal/rendering.rb:32:in `render_to_body'
actionpack (4.1.2) lib/action_controller/metal/renderers.rb:32:in `render_to_body'
actionpack (4.1.2) lib/abstract_controller/rendering.rb:25:in `render'
actionpack (4.1.2) lib/action_controller/metal/rendering.rb:16:in `render'
actionpack (4.1.2) lib/action_controller/metal/instrumentation.rb:41:in `block (2 levels) in render'
activesupport (4.1.2) lib/active_support/core_ext/benchmark.rb:12:in `block in ms'
/System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/benchmark.rb:296:in `realtime'
activesupport (4.1.2) lib/active_support/core_ext/benchmark.rb:12:in `ms'
actionpack (4.1.2) lib/action_controller/metal/instrumentation.rb:41:in `block in render'
actionpack (4.1.2) lib/action_controller/metal/instrumentation.rb:84:in `cleanup_view_runtime'
activerecord (4.1.2) lib/active_record/railties/controller_runtime.rb:25:in `cleanup_view_runtime'
actionpack (4.1.2) lib/action_controller/metal/instrumentation.rb:40:in `render'
high_voltage (2.2.0) app/controllers/concerns/high_voltage/static_page.rb:28:in `show'
actionpack (4.1.2) lib/action_controller/metal/implicit_render.rb:4:in `send_action'
actionpack (4.1.2) lib/abstract_controller/base.rb:189:in `process_action'
actionpack (4.1.2) lib/action_controller/metal/rendering.rb:10:in `process_action'
actionpack (4.1.2) lib/abstract_controller/callbacks.rb:20:in `block in process_action'
activesupport (4.1.2) lib/active_support/callbacks.rb:113:in `call'
activesupport (4.1.2) lib/active_support/callbacks.rb:113:in `call'
activesupport (4.1.2) lib/active_support/callbacks.rb:229:in `block in halting'
activesupport (4.1.2) lib/active_support/callbacks.rb:166:in `call'
activesupport (4.1.2) lib/active_support/callbacks.rb:166:in `block in halting'
activesupport (4.1.2) lib/active_support/callbacks.rb:166:in `call'
activesupport (4.1.2) lib/active_support/callbacks.rb:166:in `block in halting'
activesupport (4.1.2) lib/active_support/callbacks.rb:149:in `call'
activesupport (4.1.2) lib/active_support/callbacks.rb:149:in `block in halting_and_conditional'
activesupport (4.1.2) lib/active_support/callbacks.rb:229:in `call'
activesupport (4.1.2) lib/active_support/callbacks.rb:229:in `block in halting'
activesupport (4.1.2) lib/active_support/callbacks.rb:166:in `call'
activesupport (4.1.2) lib/active_support/callbacks.rb:166:in `block in halting'
activesupport (4.1.2) lib/active_support/callbacks.rb:86:in `call'
activesupport (4.1.2) lib/active_support/callbacks.rb:86:in `run_callbacks'
actionpack (4.1.2) lib/abstract_controller/callbacks.rb:19:in `process_action'
actionpack (4.1.2) lib/action_controller/metal/rescue.rb:29:in `process_action'
actionpack (4.1.2) lib/action_controller/metal/instrumentation.rb:31:in `block in process_action'
activesupport (4.1.2) lib/active_support/notifications.rb:159:in `block in instrument'
activesupport (4.1.2) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
activesupport (4.1.2) lib/active_support/notifications.rb:159:in `instrument'
actionpack (4.1.2) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
actionpack (4.1.2) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
activerecord (4.1.2) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
actionpack (4.1.2) lib/abstract_controller/base.rb:136:in `process'
actionview (4.1.2) lib/action_view/rendering.rb:30:in `process'
actionpack (4.1.2) lib/action_controller/metal.rb:196:in `dispatch'
actionpack (4.1.2) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
actionpack (4.1.2) lib/action_controller/metal.rb:232:in `block in action'
actionpack (4.1.2) lib/action_dispatch/routing/route_set.rb:82:in `call'
actionpack (4.1.2) lib/action_dispatch/routing/route_set.rb:82:in `dispatch'
actionpack (4.1.2) lib/action_dispatch/routing/route_set.rb:50:in `call'
actionpack (4.1.2) lib/action_dispatch/journey/router.rb:71:in `block in call'
actionpack (4.1.2) lib/action_dispatch/journey/router.rb:59:in `each'
actionpack (4.1.2) lib/action_dispatch/journey/router.rb:59:in `call'
actionpack (4.1.2) lib/action_dispatch/routing/route_set.rb:678:in `call'
bullet (4.12.0) lib/bullet/rack.rb:10:in `call'
meta_request (0.3.3) lib/meta_request/middlewares/app_request_handler.rb:13:in `call'
rack-contrib (1.1.0) lib/rack/contrib/response_headers.rb:17:in `call'
meta_request (0.3.3) lib/meta_request/middlewares/headers.rb:16:in `call'
meta_request (0.3.3) lib/meta_request/middlewares/meta_request_handler.rb:13:in `call'
warden (1.2.3) lib/warden/manager.rb:35:in `block in call'
warden (1.2.3) lib/warden/manager.rb:34:in `catch'
warden (1.2.3) lib/warden/manager.rb:34:in `call'
rack (1.5.2) lib/rack/etag.rb:23:in `call'
rack (1.5.2) lib/rack/conditionalget.rb:25:in `call'
rack (1.5.2) lib/rack/head.rb:11:in `call'
actionpack (4.1.2) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
actionpack (4.1.2) lib/action_dispatch/middleware/flash.rb:254:in `call'
rack (1.5.2) lib/rack/session/abstract/id.rb:225:in `context'
rack (1.5.2) lib/rack/session/abstract/id.rb:220:in `call'
actionpack (4.1.2) lib/action_dispatch/middleware/cookies.rb:560:in `call'
activerecord (4.1.2) lib/active_record/query_cache.rb:36:in `call'
activerecord (4.1.2) lib/active_record/connection_adapters/abstract/connection_pool.rb:621:in `call'
activerecord (4.1.2) lib/active_record/migration.rb:380:in `call'
actionpack (4.1.2) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (4.1.2) lib/active_support/callbacks.rb:82:in `run_callbacks'
actionpack (4.1.2) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (4.1.2) lib/action_dispatch/middleware/reloader.rb:73:in `call'
actionpack (4.1.2) lib/action_dispatch/middleware/remote_ip.rb:76:in `call'
better_errors (1.1.0) lib/better_errors/middleware.rb:84:in `protected_app_call'
better_errors (1.1.0) lib/better_errors/middleware.rb:79:in `better_errors_call'
better_errors (1.1.0) lib/better_errors/middleware.rb:56:in `call'
actionpack (4.1.2) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
actionpack (4.1.2) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
railties (4.1.2) lib/rails/rack/logger.rb:38:in `call_app'
railties (4.1.2) lib/rails/rack/logger.rb:20:in `block in call'
activesupport (4.1.2) lib/active_support/tagged_logging.rb:68:in `block in tagged'
activesupport (4.1.2) lib/active_support/tagged_logging.rb:26:in `tagged'
activesupport (4.1.2) lib/active_support/tagged_logging.rb:68:in `tagged'
railties (4.1.2) lib/rails/rack/logger.rb:20:in `call'
quiet_assets (1.0.3) lib/quiet_assets.rb:23:in `call_with_quiet_assets'
actionpack (4.1.2) lib/action_dispatch/middleware/request_id.rb:21:in `call'
rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'
rack (1.5.2) lib/rack/runtime.rb:17:in `call'
activesupport (4.1.2) lib/active_support/cache/strategy/local_cache_middleware.rb:26:in `call'
rack (1.5.2) lib/rack/lock.rb:17:in `call'
actionpack (4.1.2) lib/action_dispatch/middleware/static.rb:64:in `call'
rack (1.5.2) lib/rack/sendfile.rb:112:in `call'
railties (4.1.2) lib/rails/engine.rb:514:in `call'
railties (4.1.2) lib/rails/application.rb:144:in `call'
rack (1.5.2) lib/rack/content_length.rb:14:in `call'
thin (1.6.2) lib/thin/connection.rb:86:in `block in pre_process'
thin (1.6.2) lib/thin/connection.rb:84:in `catch'
thin (1.6.2) lib/thin/connection.rb:84:in `pre_process'
thin (1.6.2) lib/thin/connection.rb:53:in `process'
thin (1.6.2) lib/thin/connection.rb:39:in `receive_data'
eventmachine (1.0.3) lib/eventmachine.rb:187:in `run_machine'
eventmachine (1.0.3) lib/eventmachine.rb:187:in `run'
thin (1.6.2) lib/thin/backends/base.rb:73:in `start'
thin (1.6.2) lib/thin/server.rb:162:in `start'
rack (1.5.2) lib/rack/handler/thin.rb:16:in `run'
rack (1.5.2) lib/rack/server.rb:264:in `start'
railties (4.1.2) lib/rails/commands/server.rb:69:in `start'
railties (4.1.2) lib/rails/commands/commands_tasks.rb:81:in `block in server'
railties (4.1.2) lib/rails/commands/commands_tasks.rb:76:in `tap'
railties (4.1.2) lib/rails/commands/commands_tasks.rb:76:in `server'
railties (4.1.2) lib/rails/commands/commands_tasks.rb:40:in `run_command!'
railties (4.1.2) lib/rails/commands.rb:17:in `<top (required)>'
bin/rails:8:in `require'
bin/rails:8:in `<top (required)>'
spring (1.1.3) lib/spring/client/rails.rb:27:in `load'
spring (1.1.3) lib/spring/client/rails.rb:27:in `call'
spring (1.1.3) lib/spring/client/command.rb:7:in `call'
spring (1.1.3) lib/spring/client.rb:26:in `run'
spring (1.1.3) bin/spring:48:in `<top (required)>'
spring (1.1.3) lib/spring/binstub.rb:11:in `load'
spring (1.1.3) lib/spring/binstub.rb:11:in `<top (required)>'
/Library/Ruby/Site/2.0.0/rubygems/core_ext/kernel_require.rb:55:in `require'
/Library/Ruby/Site/2.0.0/rubygems/core_ext/kernel_require.rb:55:in `require'
bin/spring:16:in `<top (required)>'
bin/rails:3:in `load'
bin/rails:3:in `<main>'
class RecommendationsController < ApplicationController
def home
#recommendations = Recommendations.new
end
def about
#recommendations = Recommendations.new
end
end
add the recommendations instantiation to your about action too.
Better yet, refactor it into a method:
class RecommendationsController < ApplicationController
before_filter :new_recommendation, :only =>[:home, :about]
private
def new_recommentation
#recommendations = Recommendations.new
end
end
Ingredients of nil can, most logically, be also nil. Solve your problem by defining
def nil.ingredients
nil
end