From 366e17b75d6a081068e16b17d66020b988c8cc00 Mon Sep 17 00:00:00 2001
From: Alexander Machehin <alexander.machehin@gmail.com>
Date: Wed, 25 Mar 2015 17:34:56 +0500
Subject: [PATCH] add rack-utf8_sanitizer gem

---
 Gemfile               | 2 ++
 Gemfile.lock          | 3 +++
 config/application.rb | 2 ++
 3 files changed, 7 insertions(+)

diff --git a/Gemfile b/Gemfile
index 97f528df5..6a2e3a54f 100644
--- a/Gemfile
+++ b/Gemfile
@@ -102,6 +102,8 @@ source 'https://rails-assets.org' do
   gem 'rails-assets-notifyjs'
 end
 
+gem 'rack-utf8_sanitizer'
+
 group :production do
   gem 'airbrake'
   #gem 'bluepill', '~> 0.0.60', require: false
diff --git a/Gemfile.lock b/Gemfile.lock
index 82491fe8e..f62782e8b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -361,6 +361,8 @@ GEM
       rack (>= 1.0)
     rack-throttle (0.3.0)
       rack (>= 1.0.0)
+    rack-utf8_sanitizer (1.3.0)
+      rack (~> 1.0)
     rails (4.1.9)
       actionmailer (= 4.1.9)
       actionpack (= 4.1.9)
@@ -636,6 +638,7 @@ DEPENDENCIES
   protected_attributes
   puma
   rack-throttle (~> 0.3.0)
+  rack-utf8_sanitizer
   rails (= 4.1.9)
   rails-assets-notifyjs!
   rails3-generators
diff --git a/config/application.rb b/config/application.rb
index 14014382e..109aa5c31 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -21,6 +21,8 @@ module Rosa
 
     # Rate limit
     config.middleware.insert_before Rack::Runtime, ApiDefender
+    # Rack::UTF8Sanitizer is a Rack middleware which cleans up invalid UTF8 characters in request URI and headers.
+    config.middleware.insert 0, Rack::UTF8Sanitizer
 
     config.autoload_paths += %W(#{config.root}/lib)