Fix issues with bogus % encoded sequences in URLs

Add a URI sanitizer to the rack stack avoid rack throwing exceptions on the server side, and ignore errors decoding components on the client side. Fixes #1101
2015-12-07 13:52:20 +00:00 · 2015-12-07 13:52:20 +00:00 · e20bb507f1
commit e20bb507f1
parent d218d5bf7d
4 changed files with 25 additions and 11 deletions
--- a/3
+++ b/3
@ -54,6 +54,9 @@ gem "i18n-js", ">= 3.0.0.rc10"
 gem "rack-cors"
 gem "actionpack-page_caching"

+# Sanitise URIs
+gem "rack-uri_sanitizer"
+
 # Omniauth for authentication
 gem "omniauth"
 gem "omniauth-openid"