Skip to content

Instantly share code, notes, and snippets.

@zaius
Created October 7, 2011 21:46
Show Gist options
  • Save zaius/1271420 to your computer and use it in GitHub Desktop.
Save zaius/1271420 to your computer and use it in GitHub Desktop.
Allow open-uri to follow unsafe redirects (i.e. https to http)
# Allow open-uri to follow unsafe redirects (i.e. https to http).
# Relevant issue:
# http://redmine.ruby-lang.org/issues/3719
# Source here:
# https://github.com/ruby/ruby/blob/trunk/lib/open-uri.rb
module OpenURI
class <<self
alias_method :open_uri_original, :open_uri
alias_method :redirectable_cautious?, :redirectable?
def redirectable_baller? uri1, uri2
valid = /\A(?:https?|ftp)\z/i
valid =~ uri1.scheme.downcase && valid =~ uri2.scheme
end
end
# The original open_uri takes *args but then doesn't do anything with them.
# Assume we can only handle a hash.
def self.open_uri name, options = {}
value = options.delete :allow_unsafe_redirects
if value
class <<self
remove_method :redirectable?
alias_method :redirectable?, :redirectable_baller?
end
else
class <<self
remove_method :redirectable?
alias_method :redirectable?, :redirectable_cautious?
end
end
self.open_uri_original name, options
end
@ABrambleNinja
Copy link

The end is still missing. Check my fork of this script for the extra end.

@johnjohndoe
Copy link

Please note there is jaimeiniesta/open_uri_redirections meanwhile.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment