ActionDispatch::ParamsParser::ParseError for String Request Payload

Question

I'm receiving a standard request from an API. It looks something like this :

It's content type and length is :

But when this hits my Rails server, Rails responds with

The reason I'm bringing this up, is because the same request seems to work on SCORM Cloud's server. If I upload the exact same content to them, and watch it in the debugger, I see it send out an application/json statement with the same Request payload, but with no unexpected token error.

Does a Rails application/json request have to be written a certain way that differs from other servers? Is there a proper way to rewrite this line in Rack Middleware to prevent this error?

Update

The javascript :

function _TCDriver_XHR_request (lrs, url, method, data, callback, ignore404, extraHeaders) {
_TCDriver_Log("_TCDriver_XHR_request: " + url);
var xhr,
    finished = false,
    xDomainRequest = false,
    ieXDomain = false,
    ieModeRequest,
    title,
    ticks = ['/', '-', '\\', '|'],
    location = window.location,
    urlParts,
    urlPort,
    result,
    extended,
    until,
    fullUrl = lrs.endpoint + url
;

urlParts = fullUrl.toLowerCase().match(/^(.+):\/\/([^:\/]*):?(\d+)?(\/.*)?$/);

// add extended LMS-specified values to the URL
if (lrs.extended !== undefined) {
    extended = [];
    for (var prop in lrs.extended) {
        if(lrs.extended[prop] != null && lrs.extended[prop].length > 0){
            extended.push(prop + "=" + encodeURIComponent(lrs.extended[prop]));
        }
    }
    if (extended.length > 0) {
        fullUrl += (fullUrl.indexOf("?") > -1 ? "&" : "?") + extended.join("&");
    }
}

//Consolidate headers
var headers = {};
headers["Content-Type"] = "application/json";
headers["Authorization"] = lrs.auth;
if (extraHeaders !== null) {
    for (var headerName in extraHeaders) {
        headers[headerName] = extraHeaders[headerName];
    }
}

//See if this really is a cross domain
xDomainRequest = (location.protocol.toLowerCase() !== urlParts[1] || location.hostname.toLowerCase() !== urlParts[2]);
if (! xDomainRequest) {
    urlPort = (urlParts[3] === null ? ( urlParts[1] === 'http' ? '80' : '443') : urlParts[3]);
    xDomainRequest = (urlPort === location.port);
}

//If it's not cross domain or we're not using IE, use the usual XmlHttpRequest
if (! xDomainRequest || typeof XDomainRequest === 'undefined') {
    _TCDriver_Log("_TCDriver_XHR_request using XMLHttpRequest");
    xhr = new XMLHttpRequest();
    xhr.open(method, fullUrl, callback != null);
    for (var headerName in headers) {
        xhr.setRequestHeader(headerName, headers[headerName]);
    }
}
//Otherwise, use IE's XDomainRequest object
else {
    _TCDriver_Log("_TCDriver_XHR_request using XDomainRequest");
    ieXDomain = true;
    ieModeRequest = _TCDriver_GetIEModeRequest(method, fullUrl, headers, data);
    xhr = new XDomainRequest ();
    xhr.open(ieModeRequest.method, ieModeRequest.url);
}

score 2 · Accepted Answer · answered Apr 08 '16 at 13:40

Rails is being "helpful" here and assuming that the client is correctly using "Content-Type" and passing a value that actually matches that content type. In other words, the payload in the request has to be parseable JSON, and the value being passed is not valid JSON.

Which is an entirely reasonable thing for it to do when you are implementing an in house API that isn't intended for maximum interoperability. What Rails doesn't know is that an LRS' document storage is supposed to be "dumb" and basically allow the client to shove whatever it wants in and get whatever it wants out, which is why SCORM Cloud accepts the request, basically it just stores the content type and the contents, and then regurgitates them as is on request.

The code you pasted is from a very old library that has poor implementation of Content-Type headers. If this code is found anywhere other than in a relatively old version of a piece of content from one of the major e-learning authoring tools then it should be updated to use a recent version of TinCanJS and improve the content type handling.

As far as making this work on Rails, sorry I don't have that much experience with it. Presumably there is a switch or something to turn off automatic request body parsing, at least that's what most other frameworks I've used have.

Ah thanks so much for the write up Brian. I did end up writing a Rails rewrite for this ( now I can say ) crappy piece of JS. Thanks so much for the help. — Trip, Apr 08 '16 at 13:48
hey @BrianJ.Miller , was curious if you do a lot of SCORM programming work. Would love to chat with you if you have a few minutes. Not for work, but just thought it would be interesting to share stories. I've been working with an LRS for four and a half years, and have been writing a TinCan reader and have noticed numerous irregularities in the types of boilerplate TinCan delegates people use. I'm so curious why they don't standardize that stuff. — Trip, Apr 11 '16 at 19:02
@Trip 4.5 years sounds like kind of a long time. Either way, not sure I understand what you mean by "types of boilerplate TinCan delegates". Standardization of statement structures is moving forward, albeit slowly, and we've put out material on the concept of "Recipes" which is intended to suggest best practices for publishing common idioms. See http://tincanapi.com/recipes/ Happy to answer further questions, I pay attention to SO, or can send to support@tincanapi.com. — Brian J. Miller, Apr 19 '16 at 13:28

score -1 · Answer 2 · answered Apr 08 '16 at 11:06

-1

Does a Rails application/json request have to be written a certain way that differs from other servers?

Not that I know of no.

Is there a proper way to rewrite this line in Rack Middleware to prevent this error?

There might a way yes, maybe even without rack middlewares, although it's quite hard to help you without an actual request to work with.

answered Apr 08 '16 at 11:06

born4new

1,677
12
12

What part of the request would you need? I know how to rewrite a request. But I'm not entirely sure what part of it I would have to rewrite and to what to make it not malformed. Does that make sense? – Trip Apr 08 '16 at 11:09
The whole query would be helpful. – born4new Apr 08 '16 at 11:51
Ah thanks for your help. I included the javascript.. I wish it was jQuery. This is the code that would send the request to me. Updated above. – Trip Apr 08 '16 at 12:00

ActionDispatch::ParamsParser::ParseError for String Request Payload

2 Answers2