open-uri is not redirecing http to https

Question

I am using Hpricot and OpenURI to parse webpages and extract URLs from them.

When I get a link like "http:rapidshare.com", it is not redirecting to https. This is the error I got:

/home/leonidus/.rvm/rubies/ruby-1.9.3-p125/lib/ruby/1.9.1/open-uri.rb:216:in 
`open_loop': redirection forbidden: http:.................=>     
https:.........................
.
.

I tried to use the exception handler OPENURI::HTTPREDIRECT but then again I am getting the same error. I tried all the blogs but it is not resolved there also.

https://github.com/jaimeiniesta/open_uri_redirections. patch packaged as a gem. — Kinjal Dixit, Jul 24 '13 at 09:10

score 14 · Accepted Answer · answered Apr 04 '12 at 16:02

14

See this Ruby bug report for a discussion of why you're experiencing this issue. See this gist for a monkey patch to OpenURI to allow "unsafe" redirects.

answered Apr 04 '12 at 16:02

ezkl

3,829
23
39

The bug's in the paperclip gem. Any idea if it was fixed at any version there? – Augustin Riedinger Mar 28 '14 at 17:20
"Updated by Yusuke Endoh over 1 year ago - Tracker changed from Bug to Feature" – ZirconCode Apr 01 '14 at 19:14
This an old answer, but it's worth stating: The reason it's unsafe is that any and all requests over HTTP have the unlikely tinfoil but still technically-possible chance of being modified in-flight. Patching code to allow unsafe redirects introduces a security issue, when the correct course is to use https:// always across any untrusted network and look at http:// with suspicion and privacy-diminishing implications. – Nov 01 '14 at 19:06
Has paperclip fixed this issue? I'm experiencing it now – Uri Klar Jun 11 '15 at 08:42

open-uri is not redirecing http to https

1 Answers1

Linked