Actions
Bug #5950
closedopen-uri: https redirect fix
Description
open-uri raises an exception if a http/s redirect refers to https.
original mail to the maintainer with a quickfix: https://gist.github.com/1704932
--snip--
this is taken from the original ruby open-uri class,¶
fixed this to support secure socket http redirects:¶
def OpenURI.redirectable?(uri1, uri2) # :nodoc:
# This test is intended to forbid a redirection from http://... to
# file:///etc/passwd.
# However this is ad hoc. It should be extensible/configurable.
uri1.scheme.downcase == uri2.scheme.downcase ||
(/\A(?:http|ftp|https)\z/i =~ uri1.scheme && /\A(?:http|ftp|https)\z/i =~
uri2.scheme)
end
--snip--
Updated by jhilden (Jakob Hilden) over 12 years ago
Seems like a duplicate of http://bugs.ruby-lang.org/issues/859
Updated by mame (Yusuke Endoh) over 12 years ago
- Status changed from Open to Assigned
- Assignee set to akr (Akira Tanaka)
Updated by akr (Akira Tanaka) over 11 years ago
- Project changed from Ruby 1.8 to Ruby master
- Category changed from lib to lib
- Target version deleted (
Ruby 1.8.7)
Updated by akr (Akira Tanaka) over 11 years ago
- Parent task set to #859
Updated by akr (Akira Tanaka) about 7 years ago
- Status changed from Assigned to Closed
- Parent task deleted (
#859)
closed as [Feature #859]
Actions
Like0
Like0Like0Like0Like0Like0