To clarify, https://gadgetco.hiringthing.com/admin/jobs/k(b.onLoad)&&n(a,'load ',h.onLoad),null==h||'none'
Crashes with the exception "LoadError: Unable to autoload constant Jobs", while https://gadgetco.hiringthing.com/admin/jobs/h.delayType)c(h,b),h.before=b,e= Gives the "RuntimeError: Circular dependency detected while autoloading constant Jobs" exception. Both traces include on Framework files not Application files. Both of these: https://gadgetco.hiringthing.com/admin/jobs/h.delayType)c(h,b),h https://gadgetco.hiringthing.com/admin/jobs/somerandomstring work correctly, hitting our controller and redirecting the user as intended. On Tuesday, January 6, 2015 10:00:11 AM UTC-7, Joshua Siler wrote: > > It's one of two exceptions. Either "RuntimeError: Circular dependency > detected while autoloading constant Jobs" or "LoadError: Unable to > autoload constant Jobs". The trace includes no application files (only > framework files), and we have no "Jobs" object defined in the system. > > We do have a Jobs resource defined in routes for some specific URL > behavior, but no Jobs object. It very well could be related to that... the > question is why > > https://gadgetco.hiringthing.com/admin/jobs/h.delayType)c(h,b),h. > > Triggers this, and > > https://gadgetco.hiringthing.com/admin/jobs/h.delayType)c(h,b),h > > Does not. > > On Tuesday, January 6, 2015 9:50:03 AM UTC-7, Frederick Cheung wrote: >> >> >> >> On Tuesday, January 6, 2015 4:43:03 PM UTC, Joshua Siler wrote: >>> >>> We do get a fair amount of requests to random HTTP verbs and file types, >>> but the system usually handles that just fine (throwing an unknown request >>> exception would be desired behavior.) What concerns me about this is that >>> I'm seeing unexpected behavior, based on the addition of a period in the >>> URL. Something is getting parsed in an usual way somewhere in the stack... >>> >>> >> So what does happen - you said crash in your original post - does that >> mean a segmentation fault, exception, something else? >> >> Fred >> >> >> >>> On Tuesday, January 6, 2015 4:15:00 AM UTC-7, cntrytwist wrote: >>>> >>>> Josh, >>>> Do you see any quit request types along with this? I see quit requests >>>> and it makes the web application complain that it doesn't know what kind >>>> of >>>> request that is. >>>> Kent >>>> >>>> On Monday, January 5, 2015 6:28:56 PM UTC-7, Joshua Siler wrote: >>>>> >>>>> Hi, >>>>> >>>>> We're getting some weird exceptions that look like hack attempts, and >>>>> I'm hoping someone can help us understand them. It looks like an >>>>> intentionally malformed URL is somehow causing unexpected behavior. >>>>> >>>>> Here's what we're seeing. These URLS: >>>>> >>>>> https://gadgetco.hiringthing.com/admin/jobs/h.delayType)c(h,b >>>>> ),h.before=b,e= >>>>> https://gadgetco.hiringthing.com/admin/jobs/h.delayType)c(h,b),h. >>>>> https://gadgetco.hiringthing.com/admin/jobs/k(b.onLoad)&&n(a,'load >>>>> ',h.onLoad),null==h||'none' >>>>> >>>>> Will crash our system, and the trace doesn't include any files from >>>>> our application (just framework code), trying to load a "Jobs" object >>>>> that >>>>> doesn't exist. >>>>> >>>>> https://gadgetco.hiringthing.com/admin/jobs/somerandomstring >>>>> https://gadgetco.hiringthing.com/admin/jobs/h.delayType)c(h,b),h >>>>> >>>>> will work correctly, hitting our controller and successfully redirect >>>>> the user somewhere, and >>>>> >>>>> https://gadgetco.hiringthing.com/admin/jobs/1 >>>>> >>>>> will also work correctly, using Job.find(params[:id]) to load a job >>>>> (note object is Job not Jobs). >>>>> >>>>> Something different is going on between: >>>>> >>>>> https://gadgetco.hiringthing.com/admin/jobs/h.delayType)c(h,b),h. >>>>> (fails) >>>>> https://gadgetco.hiringthing.com/admin/jobs/h.delayType)c(h,b),h >>>>> (works correctly) >>>>> >>>>> and I don't know what. None of the related routes have any fancy regex >>>>> or anything unusual. Any insight would be appreciated. >>>>> >>>>> Thanks for your help. >>>>> Josh >>>>> >>>>> >>>>> -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscr...@googlegroups.com. To post to this group, send email to rubyonrails-talk@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/63505801-1cc6-4b6c-afd6-5f3c856de844%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.