Menu
my rails app threw an exception because of a ActionView::MissingTemplate-exception. This was because a request had a http header ACCEPT with the value : */*. The app couldn't find a template for this format (which is what I expect to happen). The user agent was set to Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36.
I'm curious (and a little concerned) about what this means. Is this a problem with rails, a problem with my app, or an attack vector? I've seen answers to similar questions (e.g. Ruby on Rails and strange HTTP_ACCEPT header from PSP) which proposed to rescue these exception and answer with the format set to HTML. However, before using this approach I'd like to now if : */* is an acceptable value for ACCEPT, and which browser would set it like that.
I'm on Rails 3.2.13.
441
This is a known, and ancient, bug in Rails' MIME type parser - see this bug report for details. Workarounds exist, but a fix would be preferable!
110
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
