BigBinary Blog

We write about Ruby on Rails, React.js, React Native, remote work, open source, engineering and design.

open-uri in Ruby 2.4 allows http to https redirection

In Ruby 2.3, if the argument to open-uri is http and the host redirects to https , then open-uri would throw an error.

1
2> require 'open-uri'
3> open('http://www.google.com/gmail')
4
5RuntimeError: redirection forbidden: http://www.google.com/gmail -> https://www.google.com/gmail/
6

To get around this issue, we could use open_uri_redirections gem.

1
2> require 'open-uri'
3> require 'open_uri_redirections'
4> open('http://www.google.com/gmail/', :allow_redirections => :safe)
5
6=> #<Tempfile:/var/folders/jv/fxkfk9_10nb_964rvrszs2540000gn/T/open-uri20170228-41042-2fffoa>
7

Ruby 2.4

In Ruby 2.4, this issue is fixed. So now http to https redirection is possible using open-uri.

1
2> require 'open-uri'
3> open('http://www.google.com/gmail')
4=> #<Tempfile:/var/folders/jv/fxkfk9_10nb_964rvrszs2540000gn/T/open-uri20170228-41077-1bkm1dv>
5

Note that redirection from https to http will raise an error, like it did in previous versions, since that has possible security concerns.

Chirag Shah in Ruby 2.4
March 2, 2017
Share

Subscribe to our newsletter