I've got a RESTful resource (let's say posts) that excludes the index action. When I go to /posts, ActionController::MethodNotAllowed is raised because GET requests at that URL have been excluded. That much makes sense.
The problem is that in the production environment, that URL just generates a white screen in the browser. I can see ActionController::MethodNotAllowed being raised in the production log. I would expect that this would also cause a 404 or 500 error so that the error pages in the public directory would serve a pretty error page to the client.
Does this cause a different HTTP status code? How can I handle this?
I'm not positive about what the error might be, but you should get Firebug and check what the HTTP response code coming back is.
To get around the issue, you could do one of two things:
Don't disallow that page in the routes, but have the only code in that method do a redirect to an appropriate page.
Add a custom route that overrides GET /posts, which points to your desired controller.
Related
I'm trying to optimize my page speed, and I am receiving this error. I'm kind of confused by what its trying to tell me because it's only listing my domain twice?
It is merely informing you of the resources requested that are required to render the "above the fold" content.
As the initial query was to http and you redirected to https that still counts as 2 requests so it is just informing you.
You need to realise the stuff under "diagnostics" has nothing to do with scoring and is purely there to help you identify potential issues.
In reality there is nothing you need to do here (other than maybe change your redirect to a 301 instead of a 307 redirect as that would be a be a "permanent redirect" instead of a "temporary redirect").
I have a ruby-on-rails application running locally on a WEBrick server. I am using Postman to trigger HTTP Methods (POST, GET, etc) in order to check if any error page is shown to the users. The figure below shows one of the error pages found when performing a POST to the home page:
WEBrick Error page
As one can note, the physical path to the application directory is disclosed: /home/dennis/dunbarwebsite
Leaking this kind of information may help one fine-tune attacks against the application. Hence, I would like to know if it is possible to forward this error page to a custom one, like the custom redirection to errors 404 and 500.
Thanks in advance,
Dennis.
That error page only appears in development mode.
Add a catchall route at the end of routes.rb:
match "*path", to: redirect('/'), via: :all
I initially asked this question, which shows that I see MVC errors of missing POST values. I was unable to reproduce - I still can't reproduce it on demand, but I did get the error myself on IE11, and I got a clue...
I have an application in IIS7.5 running with Basic authentication only. I look in Fiddler, and normally all transactions have Authorization: Basic xxxxx as expected. The body contains POST values as expected, and Content-Length is correct.
When I experienced this problem, I found that every single request (GETs and POSTs, including static content) was now showing Authorization: Negotiate xxxxx in Fiddler, with an empty body and zero Content-Length, even when I submitted a POST object via jQuery AJAX, and IE's dev tools shows the real POST body (which of course means IE is lying - not the first time). It gets a 401 response, and then a new request occurs with Basic, but also with an empty POST body, which means ASP.NET throws an error about missing parameter values.
Other web applications on the same top-level domain do use Windows authentication instead of Basic, and my suspicion is that the user goes to one of these sites, and IE becomes confused and thinks that my application should use Windows authentication as well - but I can't reproduce that every time. I have reproduced it twice, but out of a dozen or so times of doing the same thing over and over, so I'm not finding a way to make it reproduce every time.
I don't know why the POST body would get emptied, even if it does switch over and try to do WinAuth instead of basic - but that's when the problem occurs, so I'm sure it's related.
Any ideas on how to prevent IE from getting confused and using Negotiate, or at least how to detect and gracefully handle this on the server? I've only seen it in IE, but I can't be sure it's IE-only.
Here's what a normal POST looks like:
Then after the problem starts occurring, the exact same POST looks like:
EDIT
Here's an interesting edit - I just saw a new symptom. This time, all GET requests are coming in with no Authorization header at all, and the response comes back with a 401 for basic, and the GET is re-done properly with basic. But the POSTs are going through normally, with basic on the first try. I don't know what started this happening, but it's a similar symptom of the same problem.
I have a rails app in which I would like /500 to route to a regular page. How do I configure the app so that when 500 errors occur, the app does not look for the error page at /500.html but rather at some other filename I specify?
I understand how to make custom error pages. My concern is around at what route those pages are reached. I do not want [root]/500 to go to an error page. I want the /500 page to live somewhere else, and am hoping to handle that within my rails app rather than through external config.
We are currently capturing the requested URL when someone gets redirected to our 404 page. However, this does not allow us to see reports on things like broken images. Is it possible to get this information in SiteCatalyst, for example by taking the URL of every server request that received a 404 response and store it in a a variable? What would be a sensible way to go about this? I Googled and couldn't find anything
I want to be able to pull a report on every broken URL reference of a site and the page it happened on...
You can configure your webserver, says Apache, for instance, to redirect an 404 error to a specific web page, says:
ErrorDocument 404 /my_path/not_found.html
Then you can configure your dispatch inside the not_found.html, in a embedded JavaScript.
Here's how to configure apache to redirect this error request:
http://httpd.apache.org/docs/2.2/custom-error.html