[Mongrel] HTTP parse error due to an extra percent sign

Jonathan Rochkind rochkind at jhu.edu
Wed Jan 7 16:31:50 EST 2009

This particular case actually doesn't bother me in particular.  It may 
be fine for "/%" to be a 400 rather than a 404.

My particular case involved needing to process mal-formed query strings 
sent by third parties. I had no control over these third parties. I 
_needed_ to be able to process query strings that included un-escaped 
ampersands and such. Yes, the third party sending me this information in 
a query string was doing it in a way that was illegal and violated 
standards, but they are more powerful than I, and I can not make them 
change their behavior, and I need to handle those URLs anyway.

I took care of it with a rewrite on the apache end before it reached 
mongrel though. This ended up being somewhat more complicated then I 
hoped it would be becuase of Apache's weird and unpredictable behavior 
when it came to escaping, but now that I have it working, it works out.


Stephan Wehner wrote:
> On Wed, Jan 7, 2009 at 11:44 AM, Robbie Allen <lists at ruby-forum.com> wrote:
>> If you append an extra percent sign to a URL that gets passed to
>> mongrel, it will return a Bad Request error.  Kind of odd that
>> "http://localhost/%" causes a "Bad Request" instead of a "Not Found"
>> error.
>> Here is the error from the mongrel log:
>> HTTP parse error, malformed request (
>> #<Mongrel::HttpParserError: Invalid HTTP format, parsing fails.>
>> I'm using Nginx in front of mongrel.  I understand this is a bad URL,
>> but is there anyway to have mongrel ignore lone percent signs?  Or
>> perhaps a Nginx rewrite rule that will encode extraneous percent signs?
> Out of curiousity, why does mongrel's handling of this case bother you?
> Looks like entirely standard behaviour, see
> http://groklaw.net/%
> http://slashdot.org/%
> http://w3c.org/%
> (All produce status 400)
> Stephan
>> Posted via http://www.ruby-forum.com/.
>> _______________________________________________
>> Mongrel-users mailing list
>> Mongrel-users at rubyforge.org
>> http://rubyforge.org/mailman/listinfo/mongrel-users

Jonathan Rochkind
Digital Services Software Engineer
The Sheridan Libraries
Johns Hopkins University
rochkind (at) jhu.edu

More information about the Mongrel-users mailing list