CODEWITHSUNDEEP
ruby-on-rails
DogEatDog
DogEatDog

Reputation: 3037

Rails ActionView::MissingTemplate for templates that should not exist

I randomly get this error when in production from certain IP Addresses on the root path. The rails app does not support the formats :formats=>[:gif, "image/x-xbitmap", :jpeg, "image/pjpeg", "application/x-shockwave-flash", "application/vnd.ms-excel", "application/vnd.ms-powerpoint", "application/msword"] so this error seems to be expected if a request is being made for them. I'm guessing that someone or some bot is trying to run an exploit against the site -- how can I redirect or route these kinds of requests back to the route path such that an error is not produced?

ActionView::MissingTemplate: Missing template front_page/index, application/index with {:locale=>[:en], :formats=>[:gif, "image/x-xbitmap", :jpeg, "image/pjpeg", "application/x-shockwave-flash", "application/vnd.ms-excel", "application/vnd.ms-powerpoint", "application/msword"], :variants=>[], :handlers=>[:erb, :builder, :raw, :ruby, :coffee, :arb, :jbuilder]}. Searched in:
  * "/app/app/views"
  * "/app/vendor/bundle/ruby/2.0.0/gems/activeadmin-1.0.0.pre2/app/views"
  * "/app/vendor/bundle/ruby/2.0.0/gems/kaminari-0.16.3/app/views"
  * "/app/vendor/bundle/ruby/2.0.0/gems/devise-3.5.2/app/views"

  File "/app/vendor/bundle/ruby/2.0.0/gems/actionview-4.2.4/lib/action_view/path_set.rb", line 46, in find
  File "/app/vendor/bundle/ruby/2.0.0/gems/actionview-4.2.4/lib/action_view/lookup_context.rb", line 121, in find
  File "/app/vendor/bundle/ruby/2.0.0/gems/actionview-4.2.4/lib/action_view/renderer/abstract_renderer.rb", line 18, in find_template

The full error is here

Upvotes: 4

Views: 726

Answers (2)

fbelanger
fbelanger

Reputation: 3568

To achieve the result desired in your comment:

constraints :format => "html" do
  resources ...
end

Or if you need more flexibility:

# application_controller.rb
ApplicationController < ActionController::Base
  before_action :check_format!
  ...
  def check_format!
    unless request.format == :html
      render :nothing status: :bad_request
    end
  end
  ...
end

But overall, I feel like this is all a ton of overkill...

Plus, it's very typical to see buckets of respond_to in controllers, because the normal behaviour is to try and serve up the any format. Otherwise, there would probably be tons of configurations and such.

Is there a way to do this for all controller actions unless explicitly stated

So when you say unless explicitly stated you're sort of swimming against the current.

Upvotes: 5

fbelanger
fbelanger

Reputation: 3568

I'm not sure that this will work for you, but perhaps something like:

def index
   ...
  respond_to do |format|
    format.html
    format.all { render status: :bad_request }
  end
end

Upvotes: 4

Related Questions