Render 412 for invalid UTF-8 parametersfa-handle_invalid_utf8_errors

Renders 412 error page when invalid UTF-8 is passed
as parameters in controllers.

2 files changed, 26 insertions, 0 deletions

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7e2b2cf3ad3..04460e184c2 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -10,6 +10,7 @@ class ApplicationController < ActionController::Base
   include WorkhorseHelper
   include EnforcesTwoFactorAuthentication
   include WithPerformanceBar
+  include InvalidUTF8ErrorHandler
 
   before_action :authenticate_sessionless_user!
   before_action :authenticate_user!
diff --git a/app/controllers/concerns/invalid_utf8_error_handler.rb b/app/controllers/concerns/invalid_utf8_error_handler.rb
new file mode 100644
index 00000000000..a7ea0d00a43
--- /dev/null
+++ b/app/controllers/concerns/invalid_utf8_error_handler.rb
@@ -0,0 +1,25 @@
+module InvalidUTF8ErrorHandler
+  extend ActiveSupport::Concern
+
+  included do
+    rescue_from ArgumentError, with: :handle_invalid_utf8
+  end
+
+  private
+
+  def handle_invalid_utf8(error)
+    if error.message == "invalid byte sequence in UTF-8"
+      render_412
+    else
+      raise(error)
+    end
+  end
+
+  def render_412
+    respond_to do |format|
+      format.html { render "errors/precondition_failed", layout: "errors", status: 412 }
+      format.js { render json: { error: 'Invalid UTF-8' }, status: :precondition_failed, content_type: 'application/json' }
+      format.any { head :precondition_failed }
+    end
+  end
+end