Open aaronskiba opened 1 month ago
All of the request.url entries end in %27
, which is URL encoding for '
.
# app/controllers/concerns/paginable.rb
SORT_COLUMN_FORMAT = /[\w_]+\.[\w_]+$/.freeze
def refine_query(scope)
@args = @args.with_indifferent_access
scope = scope.search(@args[:search]).distinct if @args[:search].present?
# Can raise NoMethodError if the scope does not define a search method
if @args[:sort_field].present?
frmt = @args[:sort_field][SORT_COLUMN_FORMAT]
raise ArgumentError, 'sort_field param looks unsafe' unless frmt
130: def refine_query(scope)
131: byebug
=> 132: @args = @args.with_indifferent_access
133: scope = scope.search(@args[:search]).distinct if @args[:search].present?
134: # Can raise NoMethodError if the scope does not define a search method
135: if @args[:sort_field].present?
136: frmt = @args[:sort_field][SORT_COLUMN_FORMAT]
(byebug) @args[:sort_field]
"plans.title'"
(byebug) @args[:sort_field][SORT_COLUMN_FORMAT]
nil
I can replicate the error when I explicitly input the URL with the '
appended at the end. However, I can't replicate the error any other way.
View details in Rollbar: https://app.rollbar.com/a/ualbertalib/fix/item/dmp_assistant/459