From: Tom Hughes Date: Thu, 1 Nov 2012 12:45:37 +0000 (+0000) Subject: Make sure we always read the body of a PUT or POST request X-Git-Tag: live~5224 X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/c2c2535b73dfd5365fd9c6bb5cecd6876b8cf3a0?hp=3ef02b86f00e9f57d1a5f938c4de209b26d5b61b Make sure we always read the body of a PUT or POST request Unfortunately if a PUT or POST request that has a body fails to read it then Apache will sometimes fail to return the response it is given to the client properly, instead erroring: https://issues.apache.org/bugzilla/show_bug.cgi?id=44782 To work round this we call rewind on the body for every request using a filter, which forces it to be fetched from Apache into a file. --- diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 70a635404..4b2c70825 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -3,6 +3,8 @@ class ApplicationController < ActionController::Base protect_from_forgery + before_filter :fetch_body + if STATUS == :database_readonly or STATUS == :database_offline def self.cache_sweeper(*sweepers) end @@ -404,7 +406,20 @@ class ApplicationController < ActionController::Base format.all { render :nothing => true, :status => :not_found } end end - + + ## + # Unfortunately if a PUT or POST request that has a body fails to + # read it then Apache will sometimes fail to return the response it + # is given to the client properly, instead erroring: + # + # https://issues.apache.org/bugzilla/show_bug.cgi?id=44782 + # + # To work round this we call rewind on the body here, which is added + # as a filter, to force it to be fetched from Apache into a file. + def fetch_body + request.body.rewind + end + private # extract authorisation credentials from headers, returns user = nil if none