Merge pull request rack#1249 from mclark/handle-invalid-method-parame…

…ters

handle failure to upcase invalid UTF8 strings for `_method` values

lib/rack/method_override.rb

@@ -28,7 +28,11 @@ def method_override(env)
       req = Request.new(env)
       method = method_override_param(req) ||
         env[HTTP_METHOD_OVERRIDE_HEADER]
-      method.to_s.upcase
+      begin
+        method.to_s.upcase
+      rescue ArgumentError
+        env[RACK_ERRORS].puts "Invalid string for method"
+      end
     end
 
     private

test/spec_method_override.rb

@@ -19,6 +19,20 @@ def app
     env["REQUEST_METHOD"].must_equal "GET"
   end
 
+  it "sets rack.errors for invalid UTF8 _method values" do
+    errors = StringIO.new
+    env = Rack::MockRequest.env_for("/",
+      :method => "POST",
+      :input => "_method=\xBF".b,
+      Rack::RACK_ERRORS => errors)
+
+    app.call env
+
+    errors.rewind
+    errors.read.must_equal "Invalid string for method\n"
+    env["REQUEST_METHOD"].must_equal "POST"
+  end
+
   it "modify REQUEST_METHOD for POST requests when _method parameter is set" do
     env = Rack::MockRequest.env_for("/", method: "POST", input: "_method=put")
     app.call env