Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Allow open-uri to follow unsafe redirects (i.e. https to http)
# Allow open-uri to follow unsafe redirects (i.e. https to http).
# Relevant issue:
# http://redmine.ruby-lang.org/issues/3719
# Source here:
# https://github.com/ruby/ruby/blob/trunk/lib/open-uri.rb
module OpenURI
class <<self
alias_method :open_uri_original, :open_uri
alias_method :redirectable_cautious?, :redirectable?
def redirectable_baller? uri1, uri2
valid = /\A(?:https?|ftp)\z/i
valid =~ uri1.scheme.downcase && valid =~ uri2.scheme
end
end
# The original open_uri takes *args but then doesn't do anything with them.
# Assume we can only handle a hash.
def self.open_uri name, options = {}
value = options.delete :allow_unsafe_redirects
if value
class <<self
remove_method :redirectable?
alias_method :redirectable?, :redirectable_baller?
end
else
class <<self
remove_method :redirectable?
alias_method :redirectable?, :redirectable_cautious?
end
end
self.open_uri_original name, options
end
@remino

This comment has been minimized.

Copy link

@remino remino commented Feb 1, 2013

Isn't there a missing "end" at the end?

@scottbartell

This comment has been minimized.

Copy link

@scottbartell scottbartell commented May 7, 2013

@remino is right, the final end is missing.

@ABrambleNinja

This comment has been minimized.

Copy link

@ABrambleNinja ABrambleNinja commented Jun 25, 2013

The end is still missing. Check my fork of this script for the extra end.

@johnjohndoe

This comment has been minimized.

Copy link

@johnjohndoe johnjohndoe commented Dec 20, 2013

Please note there is jaimeiniesta/open_uri_redirections meanwhile.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment