http_url_validation_improved 1.1.1 → 1.2.0

Sign up to get free protection for your applications and to get access to all the features.
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.1.1
1
+ 1.2.0
@@ -26,10 +26,24 @@ module ActiveRecord
26
26
  moved_retry ||= false
27
27
  not_allowed_retry ||= false
28
28
  retry_without_headers ||= false
29
- # Check Formatting
30
- raise if not value =~ /^(http|https):\/\/[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,5}(([0-9]{1,5})?\/.*)?$/ix
31
29
  response = nil
30
+
31
+ # resolve to url escaped version of URL
32
+ # TODO: at some point hopefully URI lib
33
+ # be updated to allow unicode values
34
+ # escape for now
35
+ value = URI.escape(value)
36
+
32
37
  url = URI.parse(value)
38
+
39
+ # Check Formatting
40
+ # moved to use the URI library's logic
41
+ # now allows ftp and other non-http(s) protocols
42
+ # must have a protocol specified
43
+ raise unless url.scheme
44
+ # must have a domain name specified
45
+ raise unless url.host
46
+
33
47
  url.path = "/" if url.path.length < 1
34
48
  http = Net::HTTP.new(url.host, (url.scheme == 'https') ? 443 : 80)
35
49
  if url.scheme == 'https'
@@ -44,7 +58,15 @@ module ActiveRecord
44
58
  http.request_get(url.path, headers) {|r|}
45
59
  end
46
60
  else
47
- http.request_head(url.path, headers)
61
+ # we know that *.wikipedia.org don't like the headers
62
+ # and will treat 3 requests to get to the point
63
+ # where we normally try without headers as DoS
64
+ # if not wikipedia, try with headers
65
+ if value.include?('wikipedia.org')
66
+ http.request_head(url.path)
67
+ else
68
+ http.request_head(url.path, headers)
69
+ end
48
70
  end
49
71
  # response = not_allowed_retry ? http.request_get(url.path) {|r|} : http.request_head(url.path)
50
72
  # Comment out as you need to
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: http_url_validation_improved
3
3
  version: !ruby/object:Gem::Version
4
- hash: 17
4
+ hash: 31
5
5
  prerelease: false
6
6
  segments:
7
7
  - 1
8
- - 1
9
- - 1
10
- version: 1.1.1
8
+ - 2
9
+ - 0
10
+ version: 1.2.0
11
11
  platform: ruby
12
12
  authors:
13
13
  - Erik Gregg
@@ -17,7 +17,7 @@ autorequire:
17
17
  bindir: bin
18
18
  cert_chain: []
19
19
 
20
- date: 2010-06-04 00:00:00 +12:00
20
+ date: 2010-06-15 00:00:00 +12:00
21
21
  default_executable:
22
22
  dependencies:
23
23
  - !ruby/object:Gem::Dependency