Validate request before attempting redirect

tylerhunt · Mar 15, 2024 · 12708fd · 12708fd
1 parent 4c23f0b
commit 12708fd
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 6 deletions.
diff --git a/lib/rack/canonical_host.rb b/lib/rack/canonical_host.rb
@@ -1,5 +1,6 @@
 require 'rack'
 require 'rack/canonical_host/redirect'
+require 'rack/canonical_host/request'
 require 'rack/canonical_host/version'
 
 module Rack
@@ -12,16 +13,18 @@ def initialize(app, host=nil, options={}, &block)
     end
 
     def call(env)
+      request = Request.new(env)
+
+      return request.bad_request_response unless request.valid?
+
       host = evaluate_host(env)
       redirect = Redirect.new(env, host, options)
 
-      begin
-        return redirect.response unless redirect.canonical?
-      rescue Addressable::URI::InvalidURIError
-        return [400, { Rack::CONTENT_TYPE => "text/plain", Rack::CONTENT_LENGTH => "0" }, []]
+      if redirect.canonical?
+        app.call(env)
+      else
+        redirect.response
       end
-
-      app.call(env)
     end
 
   protected

diff --git a/lib/rack/canonical_host/request.rb b/lib/rack/canonical_host/request.rb
@@ -0,0 +1,37 @@
+require 'addressable/uri'
+require 'rack'
+
+module Rack
+  class CanonicalHost
+    class Request
+      BAD_REQUEST = <<-HTML.gsub(/^\s+/, '')
+        <!DOCTYPE html>
+        <html lang="en-US">
+          <head><title>400 Bad Request</title></head>
+          <body>
+            <h1>Bad Request</h1>
+          </body>
+        </html>
+      HTML
+
+      def initialize(env)
+        self.env = env
+      end
+
+      def valid?
+        Addressable::URI.parse(Rack::Request.new(env).url)
+        true
+      rescue Addressable::URI::InvalidURIError
+        false
+      end
+
+      def bad_request_response
+        [400, { 'content-type' => 'text/html' }, [BAD_REQUEST]]
+      end
+
+    protected
+
+      attr_accessor :env
+    end
+  end
+end