Why isn't this render format limiting requests?

Question

If I allow a controller method #new to render its corresponding view template implicitly/by default, when I request /users/password/new, I see the corresponding template, and when I request /users/password/new.zip, it 404s. This is what I want.

However, because I need to pass a variable to the template, I'm calling render explicitly and passing locals, and formats: :html as well, in order to solve the problem I'm about to describe. So it looks something like:

render :new, locals: { myvar: someval }, formats: :html (basically that)

In this case, the first path renders the template as expected, but requesting /users/password/new.zip renders the new template instead of returning a 404. In other words, it's matching on new and ignoring the extension .zip, which I do not want to match this route.

You may notice that this is a Devise standard path, and the code has nothing else in routes or configuration (as far as I know) that should cause this behavior.

I've tried a number of different variations of this, and done the usual searching, but have not been able to solve this problem.

How can I call render such that I'm able to render the new template, pass it locals as explained, and restrict the response to only :html/default types?

So:

• /users/password/new should succeed, and
• /users/password/new.zip, or any other type besides HTML, should 404

As explained, the latter currently render's Devise's reset password screen (which lives at this path).

Thanks.

Answer 1

I've always used:

respond_to do |format|
  format.html { render :new, locals: { myvar: someval }, formats: :html }
end

But I can't say I've tested what you are testing. But it should only respond to html. Also the last formats: :html may be unnecessary.