MethodOverride
middleware silently eats invalid parameters.
#2009
Labels
MethodOverride
middleware silently eats invalid parameters.
#2009
See also #2006. cc @byroot @jeremyevans
The current implementation of
method_override_param
effectively eats invalid parameters.The first time this is called, an exception is raised and caught. However, the params is cached, and so no follow-up call to params doesn't appear to fail with the same error. This can change the behaviour of web applications which expect
Rack::Request#POST
or#params
to raise an exception on invalid input.I'm not sure what the ideal behaviour should be. Maybe we need to cache the exception and raise it in subsequent calls?
Example reproduction:
Output:
The text was updated successfully, but these errors were encountered: