Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ActionDispatch::Cookies::CookieOverflow not reported #361

Open
PeterMozesMerl opened this issue Aug 17, 2016 · 4 comments
Open

ActionDispatch::Cookies::CookieOverflow not reported #361

PeterMozesMerl opened this issue Aug 17, 2016 · 4 comments

Comments

@PeterMozesMerl
Copy link

I have been using this gem for ages, it’s one of the core gems I could hardly live without, but I trusted it too much. Recently, a customer reported she could not log in. When finally found the error (after I wondered I should have received emails), I checked the logs how many times we had this and I wanted to cry. (We lost thousands of users over the last 3 months because of this.)

See: #29

Anyway, I can easily reproduce it in development.

If I add a line

blablabla

into our sign in method, I receive the email about the NameError.

But if I add this

session[:hello] = [1] * 1000

I see the exception in the browser. No email received.

Yeah, we were close to the 4K cookie limit already, but only a small percentage of the users hit it, for who knows how long.

Rails 4.2.7
ExceptionNotification 4.2.1

It’s configured as:

Rails.application.config.middleware.use ExceptionNotification::Rack, email: {...}
@PeterMozesMerl
Copy link
Author

Note: the second spec passes for the wrong behaviour. It should fail as soon as ActionDispatch::Cookies::CookieOverflow is caught and notified about.

require 'rails_helper'

describe 'Exception Notification', type: :request do
    ##
    # Spec whether we receive the emails
    #

    scenario 'Notifies about exceptions' do
        # Spec with multiple errors
        exception = [NameError, NoMethodError].sample

        # Should not
        expect do get root_path end.to_not raise_error

        # Should raise
        expect_any_instance_of(ApplicationController).to receive(:save_referer) { raise exception }

        # Should notify
        expect do
            expect do get root_path end.to raise_error exception
        end.to change { ActionMailer::Base.deliveries.count }.by 1
    end

    scenario 'Does not notify about ActionDispatch::Cookies::CookieOverflow' do
        # Specific exception
        exception = ActionDispatch::Cookies::CookieOverflow

        # Should raise
        expect_any_instance_of(ApplicationController).to receive(:save_referer).and_call_original

        # Should but won’t notify
        expect do
            expect do get root_path cookie_length: ('a' * 5000) end.to raise_error exception
        end.to_not change { ActionMailer::Base.deliveries.count }
    end
end
def save_referer
    session[:requested_url] = request.original_url if session[:requested_url].blank?
end

@zubru
Copy link

zubru commented Apr 8, 2019

Got similar problem lately. Any chances of fixing it or help?
Rails 5.0.7
ExceptionNotification 4.2.2

Will upgrade

@EmilioCristalli
Copy link
Collaborator

@PeterMozesMerl @zubru I think this is related to the order of the middlewares.

Can you try using something like this?

Rails.application.config.middleware.insert_after ActionDispatch::DebugExceptions, ExceptionNotification::Rack, email: {...}

@KirtashW17
Copy link

@EmilioCristalli I had the same issue and inserting the middleware after ActionDispatch::DebugExceptions like you said has solved it.

Lot of thanks :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@EmilioCristalli @PeterMozesMerl @zubru @KirtashW17