Rails: losing quotes in post parameters

2019-05-10 17:46发布

问题:

I'm adding full-text search to my Rails site and allowing users to enter double quotes in the search input box. The problem is that the double quotes seem to get filtered out by Mongrel and so I never receive those quotes in the values of the params hash. How do I prevent this from happening? I'm running Rails 2.3.8.

[Edit: added analysis data]

In Firebug I see the post parameter being posted correctly with quotes:

search_criteria "great post"

In the development log, however, the quotes are gone:

Processing PostsController#search (for 127.0.0.1 at 2010-06-18 17:28:45) [POST] Parameters: {"search_criteria"=>"great post", "action"=>"search", "authenticity_token"=>"xUaOc1IAyjQmKn1NGqBpPVaTBmD4ayPq/lUJsqJGCxY=", "controller"=>"posts"}

And when I log the contents and size of params[:search_criteria] in the controller, I get:

search criteria = great post
search criteria size = 10

[Edit: new discovery] This problem described above does not occur when the quoted string is trailed or preceded by another character, e.g. a space.

回答1:

Apparently this is a bug in rack 1.1.0. The fix [patch here] was made for rack 1.2.0. However, actionpack (and thus, rails) 2.3.6 through 2.3.10 depend on rack ~> 1.1.0, so they all have this problem.

Potential solutions with most likely actually happening ordered first...

  • Patch your copy of rack based on above fix
  • Upgrade to Rails 3

This question has tips on how to patch rack.



回答2:

This page has step-by-step instructions on how to patch rack via your app source code; no messing around with gems required. It worked like a charm for me (Rails 2.3.10).