search

sendgrid / sendgrid-ruby

The Official Twilio SendGrid Led, Community Driven Ruby API Library
https://sendgrid.com
MIT License
621 stars 324 forks source link

SendGridWebhookVerification middleware unexpectedly changes request body's reading position #441

Closed snaka closed 3 years ago

snaka commented 3 years ago

Issue Summary

SendGridWebhookVerification middleware unexpectedly changes request body's reading position. So, rails application raises following exception.

ActionDispatch::Http::Parameters::ParseError (no implicit conversion of nil into String):

Steps to Reproduce

  1. Run sample rails application and follow README

Code Snippet

(none)

Exception/Log

Started POST "/sendgrid/signed/webhook" for 54.70.106.128 at 2020-09-26 19:42:07 +0900
Cannot render console from 54.70.106.128! Allowed networks: 127.0.0.0/127.255.255.255, ::1
Error occurred while parsing request parameters.
Contents:

ActionDispatch::Http::Parameters::ParseError (no implicit conversion of nil into String):

actionpack (6.0.3.3) lib/action_dispatch/http/parameters.rb:114:in `rescue in parse_formatted_parameters'
actionpack (6.0.3.3) lib/action_dispatch/http/parameters.rb:110:in `parse_formatted_parameters'
actionpack (6.0.3.3) lib/action_dispatch/http/request.rb:389:in `block in POST'
rack (2.2.3) lib/rack/request.rb:69:in `fetch'
rack (2.2.3) lib/rack/request.rb:69:in `fetch_header'
actionpack (6.0.3.3) lib/action_dispatch/http/request.rb:388:in `POST'
actionpack (6.0.3.3) lib/action_dispatch/http/parameters.rb:55:in `parameters'
actionpack (6.0.3.3) lib/action_controller/metal/params_wrapper.rb:278:in `_wrapper_enabled?'
actionpack (6.0.3.3) lib/action_controller/metal/params_wrapper.rb:244:in `process_action'
actionpack (6.0.3.3) lib/abstract_controller/base.rb:136:in `process'
actionview (6.0.3.3) lib/action_view/rendering.rb:39:in `process'
actionpack (6.0.3.3) lib/action_controller/metal.rb:190:in `dispatch'
actionpack (6.0.3.3) lib/action_controller/metal.rb:254:in `dispatch'
actionpack (6.0.3.3) lib/action_dispatch/routing/route_set.rb:50:in `dispatch'
actionpack (6.0.3.3) lib/action_dispatch/routing/route_set.rb:33:in `serve'
actionpack (6.0.3.3) lib/action_dispatch/journey/router.rb:49:in `block in serve'
actionpack (6.0.3.3) lib/action_dispatch/journey/router.rb:32:in `each'
actionpack (6.0.3.3) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (6.0.3.3) lib/action_dispatch/routing/route_set.rb:834:in `call'
sendgrid-ruby (6.3.4) lib/rack/sendgrid_webhook_verification.rb:42:in `call'
rack (2.2.3) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.3) lib/rack/etag.rb:27:in `call'
rack (2.2.3) lib/rack/conditional_get.rb:40:in `call'
rack (2.2.3) lib/rack/head.rb:12:in `call'
actionpack (6.0.3.3) lib/action_dispatch/http/content_security_policy.rb:18:in `call'
rack (2.2.3) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.3) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/cookies.rb:648:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
activesupport (6.0.3.3) lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack (6.0.3.3) lib/action_dispatch/middleware/callbacks.rb:26:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/executor.rb:14:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/actionable_exceptions.rb:17:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/debug_exceptions.rb:32:in `call'
web-console (4.0.4) lib/web_console/middleware.rb:132:in `call_app'
web-console (4.0.4) lib/web_console/middleware.rb:19:in `block in call'
web-console (4.0.4) lib/web_console/middleware.rb:17:in `catch'
web-console (4.0.4) lib/web_console/middleware.rb:17:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
railties (6.0.3.3) lib/rails/rack/logger.rb:37:in `call_app'
railties (6.0.3.3) lib/rails/rack/logger.rb:26:in `block in call'
activesupport (6.0.3.3) lib/active_support/tagged_logging.rb:80:in `block in tagged'
activesupport (6.0.3.3) lib/active_support/tagged_logging.rb:28:in `tagged'
activesupport (6.0.3.3) lib/active_support/tagged_logging.rb:80:in `tagged'
railties (6.0.3.3) lib/rails/rack/logger.rb:26:in `call'
sprockets-rails (3.2.2) lib/sprockets/rails/quiet_assets.rb:13:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/request_id.rb:27:in `call'
rack (2.2.3) lib/rack/method_override.rb:24:in `call'
rack (2.2.3) lib/rack/runtime.rb:22:in `call'
activesupport (6.0.3.3) lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/executor.rb:14:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/static.rb:126:in `call'
rack (2.2.3) lib/rack/sendfile.rb:110:in `call'
actionpack (6.0.3.3) lib/action_dispatch/middleware/host_authorization.rb:76:in `call'
webpacker (4.3.0) lib/webpacker/dev_server_proxy.rb:23:in `perform_request'
rack-proxy (0.6.5) lib/rack/proxy.rb:57:in `call'
railties (6.0.3.3) lib/rails/engine.rb:527:in `call'
puma (4.3.6) lib/puma/configuration.rb:228:in `call'
puma (4.3.6) lib/puma/server.rb:713:in `handle_request'
puma (4.3.6) lib/puma/server.rb:472:in `process_client'
puma (4.3.6) lib/puma/server.rb:328:in `block in run'
puma (4.3.6) lib/puma/thread_pool.rb:134:in `block in spawn_thread'
Error occurred while parsing request parameters.
Contents:

Technical details:

thinkingserious commented 3 years ago

Hello @snaka,

Thanks for taking the time to report this and to create a PR!

This issue has been added to our internal backlog to be prioritized. Pull requests and +1s on the issue summary will help it move up the backlog.

With best regards,

Elmer