Project

General

Profile

Actions

Defect #18201

open

Internal server error (500): invalid byte sequence in UTF-8

Added by Björn Peemöller over 9 years ago. Updated over 9 years ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Affected version:

Description

Hi, tonight my local Redmine instance (2.6.0) was visited by YandexBot with an invalid URL:

/login?%BB%A1%20%AA%13%BD%F4%06r

For this input Redmine returned the following error message:

ArgumentError: invalid byte sequence in UTF-8

The reason seems to be an invalid UTF-8 encoding which Rails can not decode successfully. After short googling, I successfully added a gem which tries to sanitize such URLs by replacing invalid bytes (https://github.com/sunny/handle_invalid_percent_encoding_requests, based on discussion http://stackoverflow.com/questions/24648206/ruby-on-rails-invalid-byte-sequence-in-utf-8-due-to-bot), and it works for the above link.

Maybe there is even a better solution, but I think it would be favourable to make Redmine more robust either way.

Regards,
Björn

Actions #1

Updated by Jean-Philippe Lang over 9 years ago

The problem was discussed here: https://github.com/rack/rack/issues/673 and closed as a Rails bug by the rack team.
Same behaviour with trunk and Rails 4.1 but I'm not really in favor of adding this gem to Redmine.

Actions #2

Updated by Björn Peemöller over 9 years ago

I can understand that because this gem is really just a workaround. I manually added this gem for my installation, so I'm fine. Hopefully this issue will be fixed in Rails 4.2 some day.

Actions

Also available in: Atom PDF