[Mongrel] Mongrel can't handle some URLs that IE6 sends

Rick Olson technoweenie at gmail.com
Sun Oct 15 12:31:23 EDT 2006


On 10/15/06, Eden Li <eden.li at gmail.com> wrote:
> IE6 happily sends unsafe* characters unencoded if you've typed them
> into the URL bar of your IE6 window.  This could happen if you copy &
> paste a URL from an email or web page.
>
> Mongrel doesn't seem to handle these properly.  In 0.3.13.3 it would
> print out something like:
>
>    Sun Oct 15 23:05:38 CST 2006: BAD CLIENT (192.168.1.2): Invalid
> HTTP format, parsing fails.
>
> 0.3.13.5 seems to ignore the request altogether (not even debug logs
> say anything).
>
> It seems other web servers like LighTPD handle requests like this
> without issue.  Shouldn't mongrel follow suit?  It isn't standard and
> IE7 seems to have fixed this, but IE6 is still a large chunk of the
> browser market, and I'd like for my users to get something more
> meaningful than an IE error page if they've accidentally copied
> something out of an email incorrectly.
>
> If there won't be a patch for Mongrel, is there some way I can get
> LighTPD/pen to escape the request on Mongrel's behalf?
>
> * According to rfc2068: unsafe = CTL | SP | <"> | "#" | "%" | "<" | ">"

You could probably write a mongrel handler to cuddle with the params.
-- 
Rick Olson
http://weblog.techno-weenie.net
http://mephistoblog.com


More information about the Mongrel-users mailing list