Make request body reading safe to rewind#2754
Merged
sl0thentr0py merged 1 commit into6.0-devfrom Oct 20, 2025
Merged
Conversation
Member
sl0thentr0py
commented
Oct 20, 2025
- resolves: Check request json and form bodies with rack 3 #2448
- resolves: RUBY-26
18e6070 to
e1a5f40
Compare
| private | ||
|
|
||
| def read_data_from(request) | ||
| return "Skipped non-rewindable request body" unless request.body.respond_to?(:rewind) |
There was a problem hiding this comment.
Bug: Form Data Request Handling Bug
The early request.body.respond_to?(:rewind) check incorrectly skips form data requests that don't require rewinding. It also changes the return value from nil to a "Skipped non-rewindable request body" string when request.body is nil, affecting RequestInterface.data for empty bodies.
Member
Author
There was a problem hiding this comment.
they do require rewinding, it's implicit currently
Contributor
There was a problem hiding this comment.
nitpicking: I feel a symbol might be cleaner than returning a string, or even a constant with the symbol as value 🤷 and is this something that's worth logging with sdk_logger at debug level, or is that too much?
Member
Author
There was a problem hiding this comment.
this will surface in the product it's part of the payload so they can add the rewindable middleware if they want to fix it
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## 6.0-dev #2754 +/- ##
==========================================
Coverage ? 97.22%
==========================================
Files ? 130
Lines ? 5217
Branches ? 0
==========================================
Hits ? 5072
Misses ? 145
Partials ? 0
🚀 New features to boost your workflow:
|
dingsdax
approved these changes
Oct 20, 2025
dingsdax
approved these changes
Oct 20, 2025
sl0thentr0py
added a commit
that referenced
this pull request
Oct 22, 2025
* Drop `async` configuration (#1894) * Migrate from to_hash to to_h (#2351) * Migrate from to_hash to to_h As @solnic pointed out in #2350 (comment) `to_hash` has special meaning in Ruby and could be called implicitly in contexts like double splatting argument. So we should switch to `to_h` to avoid potential issues. * Fix specs after rebase * Add before_send_check_in (#2703) * Cleanup before_send to only apply to ErrorEvent * remove the Hash deprecation message * Archive sentry-raven (#2708) Moved to https://github.com/getsentry/raven-ruby * Remove stacktrace trimming from the SDK (#2714) * Default config.enabled_environments to nil instead of [] (#2716) * Remove :monotonic_active_support_logger (#2717) * Add `config.trace_ignore_status_codes` to control which status codes don't get traced (#2725) * Add config.trace_ignore_status_codes to control which status codes don't get traced * Change implementation to Range * Don't send client reports for profiles if profiling is disabled (#2728) * Remove and and all metrics related code (#2729) * Remove deprecated `config.capture_exception_frame_locals` (#2730) * Remove deprecated capture_exception_frame_locals * Remove deprecated config.enable_tracing (#2731) * Remove deprecated config.enable_tracing * Remove deprecated `config.logger` (#2732) * Remove deprecated config.logger * Remove deprecated Sentry::Rails::Tracing::ActionControllerSubscriber (#2733) * Remove Transaction deprecations (#2736) * Remove deprecated Event#configuration (#2740) * Remove deprecated client methods (#2741) * Bump required_ruby_version to 2.7 (#2743) * Bump minimum rails version in `sentry-rails` to `5.2.0` * Bump minimum sidekiq version in `sentry-sidekiq` to `5.0` * Cleanup CI * Remove hub from Transaction#initialize (#2739) * Move examples out of SDK (#2746) available at https://github.com/getsentry/examples/tree/master/ruby * Add new config.profiles_sample_interval (#2745) * Always set up the StructuredLogger and no-op capture_log_event if logs (#2752) are disabled * Make request body reading safe to rewind (#2754) * Bump oversized stacktrace trunction to 500 on both sides Revert "Remove stacktrace trimming from the SDK (#2714)" This reverts commit ed7a2db. --------- Co-authored-by: Stan Lo <stan001212@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.