Error

[amykirschner]

Hi @ziyan-junaideen - got 5 of these last night. - looks like someone having trouble logging in? I haven't been contacted by anyone about it. Trying to figure out if we need to take an action here...

A NoMethodError occurred in person_sessions#new:

undefined method html?' for nil:NilClass app/controllers/application_controller.rb:237:inadmin_warning'

---

Request:

• URL : https://mighty-sea-9942.herokuapp.com/login.aspx
• HTTP Method: GET
• IP address : 39.40.66.240
• Parameters : {"controller"=>"person_sessions", "action"=>"new", "format"=>"aspx"}
• Timestamp : 2016-09-13 04:26:42 -0700
• Server : 2e8a6f5f-b287-46dc-af6b-16fd10068d2a
• Rails root : /app
• Process: 28

---

Session:

• session id: [FILTERED]
• data: {}

---

Environment:

• HTTP_ACCEPT_ENCODING : identity
• HTTP_CONNECTION : close
• HTTP_CONNECT_TIME : 1
• HTTP_HOST : mighty-sea-9942.herokuapp.com
• HTTP_TOTAL_ROUTE_TIME : 0
• HTTP_USER_AGENT : Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1
• HTTP_VERSION : HTTP/1.1
• HTTP_VIA : 1.1 vegur
• HTTP_X_FORWARDED_FOR : 39.40.66.240
• HTTP_X_FORWARDED_PORT : 443
• HTTP_X_FORWARDED_PROTO : https
• HTTP_X_REQUEST_ID : 3ec33008-79d6-4eb6-9aaf-6ad8fe9c6689
• HTTP_X_REQUEST_START : 1473766001989
• ORIGINAL_FULLPATH : /login.aspx
• PATH_INFO : /login.aspx
• QUERY_STRING :
• REMOTE_ADDR : 10.148.0.210
• REQUEST_METHOD : GET
• REQUEST_PATH : /login.aspx
• REQUEST_URI : /login.aspx
• SCRIPT_NAME :
• SERVER_NAME : mighty-sea-9942.herokuapp.com
• SERVER_PORT : 443
• SERVER_PROTOCOL : HTTP/1.1
• SERVER_SOFTWARE : Unicorn 4.5.0
• action_controller.instance : #PersonSessionsController:0x00000008c280f0
• action_dispatch.backtrace_cleaner : #Rails::BacktraceCleaner:0x00000008a55e30
• action_dispatch.cookies : #ActionDispatch::Cookies::CookieJar:0x00000008c140a0
• action_dispatch.logger : #ActiveSupport::TaggedLogging:0x000000059755e0
• action_dispatch.parameter_filter : [:password, :credit_card, :expire, :cvc, /RAW_POST_DATA/, /RAW_POST_DATA/, /RAW_POST_DATA/]
• action_dispatch.remote_ip : 39.40.66.240
• action_dispatch.request.content_type :
• action_dispatch.request.formats : []
• action_dispatch.request.parameters : {"controller"=>"person_sessions", "action"=>"new", "format"=>"aspx"}
• action_dispatch.request.path_parameters : {:controller=>"person_sessions", :action=>"new", :format=>"aspx"}
• action_dispatch.request.query_parameters : {}
• action_dispatch.request.request_parameters : {}
• action_dispatch.request.unsigned_session_cookie: {}
• action_dispatch.request_id : 3ec33008-79d6-4eb6-9aaf-6ad8fe9c6689
• action_dispatch.routes : #ActionDispatch::Routing::RouteSet:0x0000000294bfb8
• action_dispatch.secret_token : v0nu0nsfi90ja2fg0w4xnwa9lxv9ybzd0mtm9ttogevwxg3zjw7hnigwalfr6lwk
• action_dispatch.show_detailed_exceptions : false
• action_dispatch.show_exceptions : true
• oauth.client_application_candidate :
• oauth.token_candidate :
• oauth_plugin : true
• rack-cache.allow_reload : false
• rack-cache.allow_revalidate : false
• rack-cache.cache_key : Rack::Cache::Key
• rack-cache.default_ttl : 0
• rack-cache.entitystore : rails:/
• rack-cache.ignore_headers : ["Set-Cookie"]
• rack-cache.metastore : rails:/
• rack-cache.private_headers : ["Authorization", "Cookie"]
• rack-cache.storage : #Rack::Cache::Storage:0x00000005026bd8
• rack-cache.use_native_ttl : false
• rack-cache.verbose : false
• rack.errors : #IO:0x000000021b9228
• rack.input : #StringIO:0x00000002a165d8
• rack.logger : #Logger:0x00000002868ab0
• rack.multiprocess : true
• rack.multithread : false
• rack.request.cookie_hash : {}
• rack.request.query_hash : {}
• rack.request.query_string :
• rack.run_once : false
• rack.session : {}
• rack.session.options : {:path=>"/", :domain=>nil, :expire_after=>"[FILTERED]", :secure=>true, :httponly=>true, :defer=>false, :renew=>false, :secret=>"257a81f2ad1378729e9782bdd7c77d3f5a65961ea3c329e403ea3d67830c", :coder=>#Rack::Session::Cookie::Base64::Marshal:0x000000070068e0, :id=>nil}
• rack.url_scheme : https
• rack.version : [1, 1]

---

Backtrace:

app/controllers/application_controller.rb:237:in admin_warning' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:441:inblock in _run3792866041797082178process_action2406499358745787383callbacks' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:215:in block in _conditional_callback_around_2318' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:326:inaround' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:310:in _callback_around_13' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:214:in_conditional_callback_around_2318' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:425:in _run__3792866041797082178__process_action__2406499358745787383__callbacks' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:405:inrun_callback' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:385:in _run_process_action_callbacks' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:81:inrun_callbacks' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/abstract_controller/callbacks.rb:17:in process_action' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_controller/metal/rescue.rb:29:inprocess_action' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_controller/metal/instrumentation.rb:30:in block in process_action' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/notifications.rb:123:inblock in instrument' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/notifications/instrumenter.rb:20:in instrument' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/notifications.rb:123:ininstrument' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_controller/metal/instrumentation.rb:29:in process_action' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_controller/metal/params_wrapper.rb:207:inprocess_action' vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.16/lib/active_record/railties/controller_runtime.rb:18:in process_action' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/abstract_controller/base.rb:121:inprocess' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/abstract_controller/rendering.rb:45:in process' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_controller/metal.rb:203:indispatch' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_controller/metal/rack_delegation.rb:14:in dispatch' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_controller/metal.rb:246:inblock in action' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/routing/route_set.rb:73:in call' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/routing/route_set.rb:73:indispatch' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/routing/route_set.rb:36:in call' vendor/bundle/ruby/1.9.1/gems/journey-1.0.4/lib/journey/router.rb:68:inblock in call' vendor/bundle/ruby/1.9.1/gems/journey-1.0.4/lib/journey/router.rb:56:in each' vendor/bundle/ruby/1.9.1/gems/journey-1.0.4/lib/journey/router.rb:56:incall' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/routing/route_set.rb:608:in call' vendor/bundle/ruby/1.9.1/gems/rack-pjax-0.7.0/lib/rack/pjax.rb:12:incall' vendor/bundle/ruby/1.9.1/gems/exception_notification-4.0.1/lib/exception_notification/rack.rb:28:in call' vendor/gems/oauth-plugin-0.4.0.pre7/lib/oauth/rack/oauth_filter.rb:71:incall' vendor/bundle/ruby/1.9.1/gems/rack-openid-1.3.1/lib/rack/openid.rb:98:in call' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/best_standards_support.rb:17:incall' vendor/bundle/ruby/1.9.1/gems/rack-1.4.7/lib/rack/etag.rb:23:in call' vendor/bundle/ruby/1.9.1/gems/rack-1.4.7/lib/rack/conditionalget.rb:25:incall' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/head.rb:14:in call' vendor/bundle/ruby/1.9.1/gems/remotipart-1.0.2/lib/remotipart/middleware.rb:30:incall' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/params_parser.rb:21:in call' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/flash.rb:242:incall' vendor/bundle/ruby/1.9.1/gems/rack-1.4.7/lib/rack/session/abstract/id.rb:210:in context' vendor/bundle/ruby/1.9.1/gems/rack-1.4.7/lib/rack/session/abstract/id.rb:205:incall' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/cookies.rb:341:in call' vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.16/lib/active_record/query_cache.rb:64:incall' vendor/bundle/ruby/1.9.1/gems/activerecord-3.2.16/lib/active_record/connection_adapters/abstract/connection_pool.rb:479:in call' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/callbacks.rb:28:inblock in call' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:405:in `_run2756098214661621531call27624153995814832__callbacks' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:405:in__run_callback' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:385:in_run_call_callbacks' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/callbacks.rb:81:inrun_callbacks' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/callbacks.rb:27:incall' vendor/bundle/ruby/1.9.1/gems/rack-1.4.7/lib/rack/sendfile.rb:102:incall' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/remote_ip.rb:31:incall' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/debug_exceptions.rb:16:incall' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/show_exceptions.rb:56:incall' vendor/bundle/ruby/1.9.1/gems/railties-3.2.16/lib/rails/rack/logger.rb:32:incall_app' vendor/bundle/ruby/1.9.1/gems/railties-3.2.16/lib/rails/rack/logger.rb:16:inblock in call' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/tagged_logging.rb:22:intagged' vendor/bundle/ruby/1.9.1/gems/railties-3.2.16/lib/rails/rack/logger.rb:16:incall' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/request_id.rb:22:incall' vendor/bundle/ruby/1.9.1/gems/rack-1.4.7/lib/rack/methodoverride.rb:21:incall' vendor/bundle/ruby/1.9.1/gems/rack-1.4.7/lib/rack/runtime.rb:17:incall' vendor/bundle/ruby/1.9.1/gems/activesupport-3.2.16/lib/active_support/cache/strategy/local_cache.rb:72:incall' vendor/bundle/ruby/1.9.1/gems/rack-1.4.7/lib/rack/lock.rb:15:incall' vendor/bundle/ruby/1.9.1/gems/actionpack-3.2.16/lib/action_dispatch/middleware/static.rb:63:incall' vendor/bundle/ruby/1.9.1/gems/rack-ssl-1.3.4/lib/rack/ssl.rb:27:incall' vendor/bundle/ruby/1.9.1/gems/rack-cache-1.6.1/lib/rack/cache/context.rb:140:inforward' vendor/bundle/ruby/1.9.1/gems/rack-cache-1.6.1/lib/rack/cache/context.rb:249:infetch' vendor/bundle/ruby/1.9.1/gems/rack-cache-1.6.1/lib/rack/cache/context.rb:189:inlookup' vendor/bundle/ruby/1.9.1/gems/rack-cache-1.6.1/lib/rack/cache/context.rb:66:incall!' vendor/bundle/ruby/1.9.1/gems/rack-cache-1.6.1/lib/rack/cache/context.rb:51:incall' vendor/bundle/ruby/1.9.1/gems/railties-3.2.16/lib/rails/engine.rb:484:incall' vendor/bundle/ruby/1.9.1/gems/railties-3.2.16/lib/rails/application.rb:231:incall' vendor/bundle/ruby/1.9.1/gems/railties-3.2.16/lib/rails/railtie/configurable.rb:30:inmethod_missing' vendor/bundle/ruby/1.9.1/gems/unicorn-4.5.0/lib/unicorn/http_server.rb:552:inprocess_client' vendor/bundle/ruby/1.9.1/gems/unicorn-4.5.0/lib/unicorn/http_server.rb:628:inworker_loop' vendor/bundle/ruby/1.9.1/gems/unicorn-4.5.0/lib/unicorn/http_server.rb:500:inspawn_missing_workers' vendor/bundle/ruby/1.9.1/gems/unicorn-4.5.0/lib/unicorn/http_server.rb:142:instart' vendor/bundle/ruby/1.9.1/gems/unicorn-4.5.0/bin/unicorn:121:in<top (required)>' vendor/bundle/ruby/1.9.1/bin/unicorn:23:inload' vendor/bundle/ruby/1.9.1/bin/unicorn:23:in

'

[ziyan-junaideen]

Checking.

[ziyan-junaideen]

The who ever or what ever causing this was trying to access https://mighty-sea-9942.herokuapp.com/login.aspx.

This is not a valid URL for the app. In this case the request is for 'ASPx' which is Microsoft technology and we are on Rails. While this could be done with malicious intent, most of the time it is not of a concern.

If you are interested, we can make the login page improved to make add some protection to the login process.

[amykirschner]

Hi @ziyan-junaideen thank you. Yes, I am interested, we can talk about it after the Monthly Statement milestone is finished.