---
title: "open-uri in Ruby 2.4 allows http to https redirection"
description: "open-uri now allows http to https redirection in Ruby 2.4"
canonical_url: "https://www.bigbinary.com/blog/open-uri-in-ruby-2-4-allows-http-to-https-redirection"
markdown_url: "https://www.bigbinary.com/blog/open-uri-in-ruby-2-4-allows-http-to-https-redirection.md"
---

# open-uri in Ruby 2.4 allows http to https redirection

open-uri now allows http to https redirection in Ruby 2.4

- Author: Chirag Shah
- Published: March 2, 2017
- Categories: Ruby 2.4, Ruby

In Ruby 2.3, if the argument to `open-uri` is http and the host redirects to
https , then `open-uri` would throw an error.

```ruby

> require 'open-uri'
> open('http://www.google.com/gmail')

RuntimeError: redirection forbidden: http://www.google.com/gmail -> https://www.google.com/gmail/

```

To get around this issue, we could use
[open_uri_redirections](https://github.com/open-uri-redirections/open_uri_redirections)
gem.

```ruby

> require 'open-uri'
> require 'open_uri_redirections'
> open('http://www.google.com/gmail/', :allow_redirections => :safe)

=> #<Tempfile:/var/folders/jv/fxkfk9_10nb_964rvrszs2540000gn/T/open-uri20170228-41042-2fffoa>

```

### Ruby 2.4

In Ruby 2.4, this issue is [fixed](https://bugs.ruby-lang.org/issues/859). So
now http to https redirection is possible using open-uri.

```ruby

> require 'open-uri'
> open('http://www.google.com/gmail')
=> #<Tempfile:/var/folders/jv/fxkfk9_10nb_964rvrszs2540000gn/T/open-uri20170228-41077-1bkm1dv>

```

Note that redirection from https to http will raise an error, like it did in
previous versions, since that has possible security concerns.

## Links

- [Human page](https://www.bigbinary.com/blog/open-uri-in-ruby-2-4-allows-http-to-https-redirection)