Menu
What I want
I want to pass a URL segment with an encoded slash.
The Problem
My Question
What I've Tried
PassengerAllowEncodedSlashes on might solve this issue but hesitant to do this in case it affects securityThe Detail
routes.rb
get '/api/shops/:city', to: 'shops#index', constraints: /[0-9A-Za-z\-\.\%\s]+/
Form
The user can select their area from a dropdown:
London/Dover
Glasgow/Edinburgh
On Submit
We hit the API with: /api/shops/London%2FDover
We encode the slash when building the url for obvious reasons.
This works...
Running locally on Rails on Thin.
The URL is recognised by the routes, the slash is decoded inside Rails and inside our application we have London/Dover as a parameter.
This breaks...
Running on the server on Nginx, Passenger and Rack.
The slash is decoded before it hits Rails.
/api/shops/London/Dover isn't a route so responds with a 404.
Versions
429
We faced the same problem. We tried encoding the string using CGI::escape , URI::encode, ERB::Util::url_encode, but nothing worked on server with passenger and nginx. The solution that worked for us was to modify the route to use wild card character, known as "Route Globbing". Refer this link : http://guides.rubyonrails.org/routing.html#route-globbing-and-wildcard-segments
So, in your case, the route becomes
`get '/api/shops/*city', to: 'shops#index', constraints: /[0-9A-Za-z\-\.\%\s]+/ `
instead of
get '/api/shops/:city', to: 'shops#index', constraints: /[0-9A-Za-z\-\.\%\s]+/.
Notice the wild card character in the route before parameter "city".
64
answered Oct 24 '25 01:10
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With