Mark
Reputation: 6455
Rails - rerouting malicious PHP requests
I'm wondering what the best way for me to do this would be, i.e. routing any request with '.php' to the root path..
I've looked through the docs and can find plenty on wildcard routes, but little / nothing on conditional routes. Is there a way for me to do this in the config/routes file? Or would I need to set up a redirect in the controller based on the format of the request?
Thanks in advance.
Upvotes: 0
Views: 42
Answers (2)
Rob Di Marco
Reputation: 44962
You can definitely do a redirection from the routes file.
It would look something like:
get '*.php', to: redirect('/'), format: false
The format: false ignores the extension as a determinant for content type (e.g. HTML, JSON).
Upvotes: 1
Nikita Misharin
Reputation: 2030
Here is a way to do it, not sure if the best one though.
get '*path.php', to: redirect('/')
Upvotes: 0
Related Questions
- How to protect against tampering with the URL in Rails
- How to avoid invalid url requests attack?
- Rails RESTful routing with security in mind
- Script Kiddie attempts triggering Rails URI::InvalidURIError - how to filter?
- Url security trouble
- There is a common practice to reject "malicious" user-input to a rails application
- Rails do something and redirect?
- PHP to Rails 3 routing
- Rails: How to produce 404 or redirect upon undesired url exploitation?
- Rails Route that Updates or Redirects