Send 404 for error: ArgumentError: invalid value for Integer(): "6'A=0"

[henare]

This seems to be happening where a bot is hitting this path, possibly probing. We shouldn't be raising and throwing a 500 here, it should be 404.

Backtrace

line 14 of [PROJECT_ROOT]/app/controllers/comments_controller.rb: index

View full backtrace and more info at honeybadger.io

[equivalentideas]

More examples:

• https://app.honeybadger.io/projects/37075/faults/31270657#notice-summary
• https://app.honeybadger.io/projects/37075/faults/31723825

[zoek1]

Hi, can anybody show the logs? 'cause honeybadger show me that I'm not allowed and I don't know if the bug is what i reproduced.

[henare]

@zoek1 it looks like it's someone probing the server. Here's a URL from Honeybadger's log you can use to test:

https://www.planningalerts.org.au/authorities/kuringgai/comments?page=4%22%20or%20(1,2)=(select*from(select%20name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(CHAR(111,108,111,108,111,115,104,101,114),1))a)%20--%20%22x%22=%22x

[hisayohorie]

Due to the fix of issue#669(adding validate_page_param in application_controller.rb's before_filter, we don't get that error anymore, FYI!

[stale]

This issue has been automatically marked as stale because there has been no activity on it for a year. If you want to keep it open please make a comment and explain why this issue is still relevant. Otherwise it will be automatically closed in a week. Thank you!