authorLouise Crow <louise.crow@gmail.com>2014-05-15 17:01:22 +0100
committerLouise Crow <louise.crow@gmail.com>2014-05-15 17:01:22 +0100
commitbb5f95040d377d86629012347343fbf2c7dda016 (patch)
treebe696ec2615b098db34449a982fcb09a68c9c49b /app/controllers/application_controller.rb
parent6d215fba5cc709c43f12f86da39a643e4be5922b (diff)
parent21027d0d1197e7ac447296ab68a25159860888b2 (diff)
Merge remote-tracking branch 'origin/release/0.18'0.18
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r--app/controllers/application_controller.rb18
1 files changed, 16 insertions, 2 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 370e8e15c..78a82316a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -129,8 +129,9 @@ class ApplicationController < ActionController::Base
@exception_class = exception.class.to_s
@exception_message = exception.message
case exception
- when ActiveRecord::RecordNotFound, RouteNotFound
+ when ActiveRecord::RecordNotFound, RouteNotFound, WillPaginate::InvalidPage
@status = 404
+ sanitize_path(params)
when PermissionDenied
@status = 403
else
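Review bot: `sanitize_path(params)` is called only in the 404 branch, so the `PermissionDenied` and `else` branches leave `params[:path]` exactly as the client sent it. If the error template reflects that value (the template is not visible here), those responses still carry the raw path. Calling it once before the `case` would cover every status. URL-encoding is also not a substitute for HTML-escaping at the point of output, so the view should still escape the value. The enclosing method starts and ends outside this hunk.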
@@ -431,7 +432,11 @@ class ApplicationController < ActionController::Base
def country_from_ip
country = ""
if !AlaveteliConfiguration::gaze_url.empty?
- country = quietly_try_to_open("#{AlaveteliConfiguration::gaze_url}/gaze-rest?f=get_country_from_ip;ip=#{request.remote_ip}")
+ begin
+ country = quietly_try_to_open("#{AlaveteliConfiguration::gaze_url}/gaze-rest?f=get_country_from_ip;ip=#{request.remote_ip}")
+ rescue ActionDispatch::RemoteIp::IpSpoofAttackError
+ country = AlaveteliConfiguration::iso_country_code
+ end
end
country = AlaveteliConfiguration::iso_country_code if country.empty?
return country
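Review bot: The new `rescue ActionDispatch::RemoteIp::IpSpoofAttackError` discards the event without a trace, so requests with conflicting client-IP headers on this path never show up in the logs. Add a line such as `logger.warn("IP spoofing check failed in country_from_ip; using default country")` inside the rescue, and keep the header values out of the message because they are client-controlled. The assignment in the rescue is also redundant with the `country.empty?` fallback just below it. Any other code that reads `request.remote_ip` would presumably still raise. The method's closing `end` is outside this hunk.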
@@ -441,6 +446,15 @@ class ApplicationController < ActionController::Base
`git log -1 --format="%H"`.strip
end
+ # URL Encode the path parameter for use in render_exception
+ #
+ # params - the params Hash
+ #
+ # Returns a Hash
+ def sanitize_path(params)
+ params.merge!(:path => Rack::Utils.escape(params[:path])) if params.key?(:path)
+ end
+
# URL generating functions are needed by all controllers (for redirects),
# views (for links) and mailers (for use in emails), so include them into
# all of all.
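Review bot: The comment on `sanitize_path` says it returns a Hash, but because of the modifier `if` it returns nil when `params` has no `:path` key. `merge!` also changes the caller's hash in place rather than returning a sanitized copy. I would document it as `# Mutates params in place; returns the Hash, or nil when :path is absent`. Whether the method sits below a `private` marker cannot be seen from this hunk; a helper like this should not be reachable as a controller action.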