
Can't create a route that has a segment with a leading dot in Rails (to verify Let's Encrypt)

In my Rails 5 app on Heroku, I'm trying to create a route for this URL: http://beta.example.com/.well-known/acme-challenge/some-key, so I can verify my server with Let's Encrypt to get an SSL certificate. But I can't get the route to work with a leading dot or period in any segment of the route, it just returns 404 Not Found.

In other words, the dot at the beginning of .well-known is screwing things up. I can get a route to work without the dot, or if the dot is somewhere else (e.g. well.known), but if the dot is the first character in the segment, it doesn't work.

I started with this:

get "/.well-known/acme-challenge/:id" => "pages#letsencrypt"

When that didn't work, I tried using a dynamic segment:

get ':letsencrypt_route/acme-challenge/:id', to: "pages#letsencrypt", letsencrypt_route: /[^\/]+/

This will allow a dot anywhere in the segment... except as the first character, which is where I need it.

Any idea what's causing this? When I try and navigate to a URL that has a leading dot in a segment, it doesn't even show anything in my log, it's just an immediate 404.

I've seen some people having this issue on both Rails 4 and Rails 5, and it's happening for me using either Thin or Puma, and in both development and production. I've also tried using a couple of the letsencrypt gems, but it stalls at the same point.

Here is my Gemfile with the gems in both environments:

source "https://rubygems.org"

ruby "2.3.1"

gem "rails", "5.0.0.1"

gem "pg", "0.18.4" # postgresql database
gem "twitter-bootstrap-rails", "~> 3.2.2"

gem "active_median", "~> 0.1.0" # used with chartkick for graph reporting
gem "activerecord-session_store", require: false # save session to database
gem "acts-as-taggable-on", git: "https://github.com/mbleigh/acts-as-taggable-on" # tagging
gem "administrate", git: "https://github.com/heyogrady/administrate", branch: "rails5"
gem "analytics-ruby", "~> 2.0.0", require: "segment/analytics" # segment.io
gem "arel"
gem "autoprefixer-rails" # for CSS vendor prefixes
gem "bootbox-rails", "~>0.4" # wrappers for javascript dialogs
gem "bootstrap-switch-rails" # bootstrap-switch.js
gem "bourbon"
gem "bower-rails" # install front-end components
gem "browser" # For variants support
gem "carrierwave" # for handling file uploads
gem "carmen-rails" # country and region selection
gem "chartkick", "~> 1.2.4" # used to provide nice looking charts
gem "chronic" # natural language date parser
gem "codemirror-rails", ">= 5.11" # display source code in pattern library
gem "coffee-rails", ">= 4.1.1"
gem "coffee-script-source", ">= 1.8.0" # Coffee script source
gem "country_select" # HTML list of countries
gem "dalli" # for memcached
gem "delayed_job_active_record", ">= 4.1" # background job processing
gem "delayed_job_web", ">= 1.2.10" # web interface for delayed job
gem "devise", ">= 4.2.0"
gem "devise-async", git: "https://github.com/mhfs/devise-async", branch: "devise-4.x" # for user authentication
gem "flamegraph" # super pretty flame graphs
gem "fog", require: false # for handling s3
# gem "font_assets" # Handle Cross-Origin Resource Sharing on fonts
gem "font_assets", git: "https://github.com/ericallam/font_assets", ref: "457dcfddc4318e83679e9a0935612924b7717085"
gem "friendly_id", "~> 5.1.0"
gem "fullcontact" # social profile info from fullcontact.com
gem "fuzzy_match" # used by smart_csv_parser for contact & address mapping
gem "google-api-client", "< 0.9", require: "google/api_client" # connecting to Google API
gem "groupdate", "~> 2.1.1" # used with chartkick for graph reporting
gem "handy", git: "https://github.com/heyogrady/handy"
gem "hike" # finds files in a set of paths
gem "honeybadger" # for error tracking
gem "intercom-rails" # tracking user behavior
gem "jbuilder", ">= 2.4.1" # for building JSON
gem "jquery-fileupload-rails", "~> 0.4.6" # file uploads
gem "jquery-rails" # jQuery
gem "jquery-ui-rails" # jQuery UI
gem "json" # for parsing JSON
gem "kaminari" # pagination
gem "le" # logentries
gem "less-rails", ">= 2.7.1" # LESS => CSS
gem "lograge" # better log formatting
gem "mandrill-api" # sending and tracking emails
gem "mechanize" # for screen scraping
gem "memory_profiler" # lets us use rack-mini-profilers GC features
gem "mini_magick" # processing images
gem "newrelic_rpm" # monitor app performance
gem "nylas", "1.1.0" # emails, calendar, contacts via Nylas.com
gem "oink"
gem "omniauth" # third party authentication
gem "omniauth-google-oauth2" # Google authentication
gem "omnicontacts" # retrieve contacts from email providers
gem "open_uri_redirections" # allow OpenURI redirections from HTTP to HTTPS
gem "paper_trail" # maintain record of stripe plans & subscriptions
gem "prawn-labels" # PDF labels
gem "puma" # server
gem "public_activity" # for model activity tracking
gem "rack-mini-profiler", require: false # display page load time badge
gem "rack-timeout" # raise error if Puma doesn't respond in given time
gem "rack-zippy" # serve gzipped assets
gem "rails-deprecated_sanitizer" # Our app uses old sanitizer methods.
gem "react-rails", "~> 1.6.0"
gem "responders", "~> 2.0" # respond_with and respond_to methods
gem "rest-client"
gem "sass-rails", ">= 5.0.3"
gem "semantic-ui-sass", git: "https://github.com/heyogrady/semantic-ui-sass"
gem "select2-rails" # select/search/dropdown box
gem "selenium-webdriver", require: false # screen-scraping
gem "signet"
gem "simple_form", ">= 3.2.1" # forms made easy for rails
gem "sinatra", git: "https://github.com/sinatra/sinatra"
gem "stripe", "~> 1.15.0" # charging customers
gem "stripe_event" # Stripe webhook integration
gem "stackprof" # a stack profiler
gem "state_machines-activemodel", ">= 0.4.0.pre"
gem "state_machines-activerecord", ">= 0.4.0.pre"
gem "toastr-rails" # display toaster notifications
gem "therubyracer", platforms: :ruby
gem "turbolinks", "~> 5.0.0.beta" # faster page loads
gem "twilio-ruby" # phone and SMS services
gem "twitter-typeahead-rails", "~> 0.11.1.pre.corejavascript" # typeahead.js - autocomplete
gem "uglifier", ">= 1.0.3"
gem "uuidtools"
gem "valid_email" # email validation
gem "wicked" # multi-page wizard forms
gem "yaml_db", git: "https://github.com/heyogrady/yaml_db", branch: "monkey-patch-rails-5" # import/export yml->db
gem "yaml_dump", git: "https://github.com/vanboom/yaml_dump" # dump db records to yaml files
# gem "zeroclipboard-rails", "~> 0.1.1" # copy to clipboard
Patrick O'Grady asked Nov 08 '22 09:11


1 Answer

The problem was with the rack-zippy gem. When I removed the gem and the initializer, the route worked fine.

Not sure if the root cause was gzipping in general, this particular gem, or the fact that the gem was apparently redundant for my Rails 5 app. From the rack-zippy GitHub page:

Want to use rack-zippy with a Rails v4.2 or greater app? Its recommended you don't! Rails 4.2+ now supports serving gzipped files directly so there's no need for rack-zippy in Rails 4.2+ apps.

If anybody else is having a similar issue, I would look for any gems or customization that affect your middleware.

Patrick O'Grady answered Nov 15 '22 05:11
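
The answer's advice to look at middleware can be checked mechanically. The following Ruby is an added example, not code from the original post and not rack-zippy's or Rails' code: `ROUTER`, `DotfileGuard`, `PassThrough` and `trace` are hypothetical stand-ins that show how a layer answering by itself turns the challenge URL into a 404 before the router runs, and how to tell that apart from a 404 produced by the router.

```ruby
# Added illustration: constructed stand-ins, not rack-zippy's or Rails' code.
CHALLENGE_PATH = "/.well-known/acme-challenge/some-key"

# Innermost app, standing in for the router with the question's first route.
ROUTER = lambda do |env|
  m = env["PATH_INFO"].match(%r{\A/\.well-known/acme-challenge/([\w-]+)\z})
  m ? [200, { "Content-Type" => "text/plain" }, ["token #{m[1]}"]] : [404, {}, ["Not Found"]]
end

# Hypothetical middleware that rejects any path segment starting with a dot
# and answers by itself, so nothing further down the stack ever runs.
class DotfileGuard
  def initialize(app)
    @app = app
  end

  def call(env)
    return [404, {}, ["Not Found"]] if env["PATH_INFO"].include?("/.")
    @app.call(env)
  end
end

# Hypothetical middleware that always forwards the request.
class PassThrough
  def initialize(app)
    @app = app
  end

  def call(env)
    @app.call(env)
  end
end

# Build the stack (outermost layer first) with a tap in front of every layer,
# send one GET, and report the last layer the request actually entered.
def trace(layers, app, path)
  seen = []
  tap_for = ->(name, inner) { ->(env) { seen << name; inner.call(env) } }
  stack = layers.reverse.inject(tap_for.call("router", app)) do |inner, klass|
    tap_for.call(klass.name, klass.new(inner))
  end
  status, = stack.call({ "REQUEST_METHOD" => "GET", "PATH_INFO" => path })
  { status: status, entered: seen, stopped_at: (seen.last unless seen.last == "router") }
end

p trace([PassThrough, DotfileGuard], ROUTER, CHALLENGE_PATH)
p trace([PassThrough], ROUTER, CHALLENGE_PATH)
```

In a real app, `rake middleware` prints the actual stack order to walk through.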