I was working on a small script to verify the presence of an element
through a list of URL, some of these URLs have a redirections from http
https, when the script crawled into them I got the following error:
/usr/lib/ruby/1.9.1/open-uri.rb:216:in `open_loop’: redirection
I understand that this is intentional, as per the comments on
# This test is intended to forbid a redirection from http://... to # file:///etc/passwd. # https to http redirect is also forbidden intentionally. # It avoids sending secure cookie or referer by non-secure HTTP
# (RFC 2109 4.3.1, RFC 2965 3.3, RFC 2616 15.1.3)
# However this is ad hoc. It should be extensible/configurable.
This mentions that “https to http” redirects are forbidden
but redirections from “http to https” are also blocked.
Is there a way to override this security check? currently I had to
following line in the library to allow “http to https” re-directions:
(/\A(?:http|ftp)\z/i =~ uri1.scheme && /\A(?:http|ftp)\z/i =~
(/\A(?:http|ftp|https)\z/i =~ uri1.scheme && /\A(?:http|ftp|https)\z/i