current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Stack Overflow is a community of 4.7 million programmers, just like you, helping each other.

Join them; it only takes a minute:

Sign up
Join the Stack Overflow community to:
  1. Ask programming questions
  2. Answer and help your peers
  3. Get recognized for your expertise
up vote 6 down vote favorite

my rails app threw an exception because of a ActionView::MissingTemplate-exception. This was because a request had a http header ACCEPT with the value : */*. The app couldn't find a template for this format (which is what I expect to happen). The user agent was set to Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36.

I'm curious (and a little concerned) about what this means. Is this a problem with rails, a problem with my app, or an attack vector? I've seen answers to similar questions (e.g. Ruby on Rails and strange HTTP_ACCEPT header from PSP) which proposed to rescue these exception and answer with the format set to HTML. However, before using this approach I'd like to now if : */* is an acceptable value for ACCEPT, and which browser would set it like that.

I'm on Rails 3.2.13.

share|improve this question
    
Hi, I'm experiencing the same problem on a production app. I keep getting some request with : */* accept header. In my errbit instance it shows the following browsers: Chrome 27.0.1453.116 (Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36) Internet Explorer 7.0 (Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)) Explore (Explore 6.0). Did you find any solution yet? – Marc Lainez Aug 6 '13 at 9:08
1  
I asked on the rails issue tracker (github.com/rails/rails/issues/11704), and it seems this header is invalid according to the spec. You can either ignore these invalid headers, or you rescue them using a middleware and set the format to html. – fabi Aug 7 '13 at 13:40
up vote 2 down vote accepted

This is a known, and ancient, bug in Rails' MIME type parser - see this bug report for details. Workarounds exist, but a fix would be preferable!

share|improve this answer
    
Thanks, there is a lot of interesting information in the bug report, plus some possible workarounds. I decided to do nothing about it, because it only happened once for me. – fabi Aug 14 '13 at 11:48
    
Rescuing with request.format = "html" is a good solution - much preferable to showing an error page! – Ola Tuvesson Aug 15 '13 at 20:49
up vote 0 down vote

You probably have wrong order in respond_to block, try to add the one with template as first. For example if you want html as default:

respond_to do |format|
  format.html
  format.js
end
share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.