Fix issues with bogus % encoded sequences in URLs

Add a URI sanitizer to the rack stack avoid rack throwing exceptions on the server side, and ignore errors decoding components on the client side. Fixes #1101
2015-12-07 13:52:20 +00:00 · 2015-12-07 13:52:20 +00:00 · e20bb507f1
commit e20bb507f1
parent d218d5bf7d
4 changed files with 25 additions and 11 deletions
--- a/app/assets/javascripts/osm.js.erb
+++ b/app/assets/javascripts/osm.js.erb
@ -53,7 +53,12 @@ OSM = {
        j = pair.indexOf('='),
        key = pair.slice(0, j),
        val = pair.slice(++j);
-      params[key] = decodeURIComponent(val);
+
+      try {
+        params[key] = decodeURIComponent(val);
+      } catch (e) {
+        // Ignore parse exceptions
+      }
    }

    return params;