Defect #18201

Internal server error (500): invalid byte sequence in UTF-8

Added by Björn Peemöller over 5 years ago. Updated over 5 years ago.

Status:NewStart date:
Priority:LowDue date:
Assignee:-% Done:

0%

Category:-
Target version:-
Resolution: Affected version:2.6.0

Description

Hi, tonight my local Redmine instance (2.6.0) was visited by YandexBot with an invalid URL:

/login?%BB%A1%20%AA%13%BD%F4%06r

For this input Redmine returned the following error message:

ArgumentError: invalid byte sequence in UTF-8

The reason seems to be an invalid UTF-8 encoding which Rails can not decode successfully. After short googling, I successfully added a gem which tries to sanitize such URLs by replacing invalid bytes (https://github.com/sunny/handle_invalid_percent_encoding_requests, based on discussion http://stackoverflow.com/questions/24648206/ruby-on-rails-invalid-byte-sequence-in-utf-8-due-to-bot), and it works for the above link.

Maybe there is even a better solution, but I think it would be favourable to make Redmine more robust either way.

Regards,
Björn

History

#1 Updated by Jean-Philippe Lang over 5 years ago

The problem was discussed here: https://github.com/rack/rack/issues/673 and closed as a Rails bug by the rack team.
Same behaviour with trunk and Rails 4.1 but I'm not really in favor of adding this gem to Redmine.

#2 Updated by Björn Peemöller over 5 years ago

I can understand that because this gem is really just a workaround. I manually added this gem for my installation, so I'm fine. Hopefully this issue will be fixed in Rails 4.2 some day.

Also available in: Atom PDF