open_uri_redirections 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
data/.gitignore ADDED
@@ -0,0 +1,18 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ .rvmrc
7
+ Gemfile.lock
8
+ InstalledFiles
9
+ _yardoc
10
+ coverage
11
+ doc/
12
+ lib/bundler/man
13
+ pkg
14
+ rdoc
15
+ spec/reports
16
+ test/tmp
17
+ test/version_tmp
18
+ tmp
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in open_uri_redirects.gemspec
4
+ gemspec
data/LICENSE.txt ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2012 Jaime Iniesta
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,63 @@
1
+ # OpenUriRedirections
2
+
3
+ This gem applies a patch to OpenURI to optionally allow redirections from HTTP to HTTPS, or from HTTPS to HTTP.
4
+
5
+ Here is the problem it tries to solve:
6
+
7
+ $ irb
8
+ 1.9.2p320 :001 > require 'open-uri'
9
+ => true
10
+ 1.9.2p320 :002 > open('http://github.com')
11
+ RuntimeError: redirection forbidden: http://github.com -> https://github.com/
12
+
13
+ And here is how you can use this patch to follow the redirections:
14
+
15
+ $ irb
16
+ 1.9.2p320 :001 > require 'open-uri'
17
+ => true
18
+ > require 'open_uri_redirections'
19
+ => true
20
+ 1.9.2p320 :002 > open('http://github.com', :allow_safe_redirections => true)
21
+ => #<File:/var/folders/...>
22
+
23
+ The patch contained in this gem adds two options to `OpenURI#open`:
24
+
25
+ * `:allow_safe_redirections` When set to true, it will allow HTTP => HTTPS redirections.
26
+ * `:allow_unsafe_redirections` When set to true, it will allow HTTPS => HTTP redirections.
27
+
28
+ ## Understand what you're doing
29
+
30
+ Before using this gem, read this:
31
+
32
+ ### Original gist URL:
33
+ [https://gist.github.com/1271420](https://gist.github.com/1271420)
34
+
35
+ ### Relevant issue:
36
+ [http://redmine.ruby-lang.org/issues/3719](http://redmine.ruby-lang.org/issues/3719)
37
+
38
+ ### Source here:
39
+ [https://github.com/ruby/ruby/blob/trunk/lib/open-uri.rb](https://github.com/ruby/ruby/blob/trunk/lib/open-uri.rb)
40
+
41
+ Use it at your own risk!
42
+
43
+ ## Installation
44
+
45
+ Add this line to your application's Gemfile:
46
+
47
+ gem 'open_uri_redirections'
48
+
49
+ And then execute:
50
+
51
+ $ bundle
52
+
53
+ Or install it yourself as:
54
+
55
+ $ gem install open_uri_redirections
56
+
57
+ ## Contributing
58
+
59
+ 1. Fork it
60
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
61
+ 3. Commit your changes (`git commit -am 'Add some feature'`)
62
+ 4. Push to the branch (`git push origin my-new-feature`)
63
+ 5. Create new Pull Request
data/Rakefile ADDED
@@ -0,0 +1 @@
1
+ require "bundler/gem_tasks"
@@ -0,0 +1,50 @@
1
+ # Patch to allow open-uri to follow safe (http to https) and unsafe redirections (https to http).
2
+ # Original gist URL:
3
+ # https://gist.github.com/1271420
4
+ #
5
+ # Relevant issue:
6
+ # http://redmine.ruby-lang.org/issues/3719
7
+ #
8
+ # Source here:
9
+ # https://github.com/ruby/ruby/blob/trunk/lib/open-uri.rb
10
+
11
+ module OpenURI
12
+ class <<self
13
+ alias_method :open_uri_original, :open_uri
14
+ alias_method :redirectable_cautious?, :redirectable?
15
+
16
+ def redirectable_safe?(uri1, uri2)
17
+ uri1.scheme.downcase == uri2.scheme.downcase || (uri1.scheme.downcase == "http" && uri2.scheme.downcase == "https")
18
+ end
19
+
20
+ def redirectable_unsafe?(uri1, uri2)
21
+ !redirectable_safe?(uri1, uri2)
22
+ end
23
+ end
24
+
25
+ # The original open_uri takes *args but then doesn't do anything with them.
26
+ # Assume we can only handle a hash.
27
+ def self.open_uri(name, options = {})
28
+ redirectable_unsafe = options.delete :allow_unsafe_redirections
29
+ redirectable_safe = options.delete :allow_safe_redirections
30
+
31
+ if redirectable_unsafe
32
+ class <<self
33
+ remove_method :redirectable?
34
+ alias_method :redirectable?, :redirectable_unsafe?
35
+ end
36
+ elsif redirectable_safe
37
+ class <<self
38
+ remove_method :redirectable?
39
+ alias_method :redirectable?, :redirectable_safe?
40
+ end
41
+ else
42
+ class <<self
43
+ remove_method :redirectable?
44
+ alias_method :redirectable?, :redirectable_cautious?
45
+ end
46
+ end
47
+
48
+ self.open_uri_original name, options
49
+ end
50
+ end
@@ -0,0 +1,4 @@
1
+ # -*- encoding: utf-8 -*-
2
+
3
+ require 'open-uri'
4
+ require File.expand_path(File.join(File.dirname(__FILE__), 'open-uri/redirections_patch'))
@@ -0,0 +1,3 @@
1
+ module OpenUriRedirections
2
+ VERSION = "0.0.1"
3
+ end
@@ -0,0 +1,21 @@
1
+ # -*- encoding: utf-8 -*-
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'open_uri_redirections/version'
5
+
6
+ Gem::Specification.new do |gem|
7
+ gem.name = "open_uri_redirections"
8
+ gem.version = OpenUriRedirections::VERSION
9
+ gem.authors = ["Jaime Iniesta", "Gabriel Cebrián"]
10
+ gem.email = ["jaimeiniesta@gmail.com"]
11
+ gem.description = %q{OpenURI patch to allow redirections between HTTP and HTTPS}
12
+ gem.summary = %q{OpenURI patch to allow redirections between HTTP and HTTPS}
13
+ gem.homepage = "https://github.com/jaimeiniesta/open_uri_redirections"
14
+
15
+ gem.files = `git ls-files`.split($/)
16
+ gem.test_files = gem.files.grep(%r{^(spec)/})
17
+ gem.require_paths = ["lib"]
18
+
19
+ gem.add_development_dependency 'rspec', '2.12.0'
20
+ gem.add_development_dependency 'fakeweb', '1.3.0'
21
+ end
@@ -0,0 +1,55 @@
1
+ # -*- encoding: utf-8 -*-
2
+
3
+ require File.join(File.dirname(__FILE__), "/spec_helper")
4
+
5
+ describe "OpenURI" do
6
+ describe "#open" do
7
+ describe ":allow_safe_redirections" do
8
+ it "should allow HTTP => HTTPS redirections when true" do
9
+ expect {
10
+ open("http://safe.com", :allow_safe_redirections => true)
11
+ }.to_not raise_error
12
+ end
13
+
14
+ it "should disallow HTTP => HTTPS redirections when false" do
15
+ expect {
16
+ open("http://safe.com", :allow_safe_redirections => false)
17
+ }.to raise_error(RuntimeError, "redirection forbidden: http://safe.com -> https://safe.com/")
18
+ end
19
+
20
+ it "should disallow HTTP => HTTPS redirections by default" do
21
+ expect {
22
+ open("http://safe.com")
23
+ }.to raise_error(RuntimeError, "redirection forbidden: http://safe.com -> https://safe.com/")
24
+ end
25
+
26
+ it "should follow safe redirection when true" do
27
+ open("http://safe.com", :allow_safe_redirections => true).read.should == "Hello, this is Safe."
28
+ end
29
+ end
30
+
31
+ describe ":allow_unsafe_redirections" do
32
+ it "should allow HTTPS => HTTP redirections when true" do
33
+ expect {
34
+ open("https://unsafe.com", :allow_unsafe_redirections => true)
35
+ }.to_not raise_error
36
+ end
37
+
38
+ it "should disallow HTTPS => HTTP redirections when false" do
39
+ expect {
40
+ open("https://unsafe.com", :allow_unsafe_redirections => false)
41
+ }.to raise_error(RuntimeError, "redirection forbidden: https://unsafe.com -> http://unsafe.com/")
42
+ end
43
+
44
+ it "should disallow HTTPS => HTTP redirections by default" do
45
+ expect {
46
+ open("https://unsafe.com")
47
+ }.to raise_error(RuntimeError, "redirection forbidden: https://unsafe.com -> http://unsafe.com/")
48
+ end
49
+
50
+ it "should follow unsafe redirection when true" do
51
+ open("https://unsafe.com", :allow_unsafe_redirections => true).read.should == "Hello, this is Unsafe."
52
+ end
53
+ end
54
+ end
55
+ end
@@ -0,0 +1,9 @@
1
+ HTTP/1.1 301 Moved Permanently
2
+ Server: nginx
3
+ Date: Mon, 03 Dec 2012 11:36:17 GMT
4
+ Content-Type: text/html
5
+ Content-Length: 178
6
+ Connection: close
7
+ Location: https://safe.com/
8
+
9
+ Redirecting to https://safe.com/
@@ -0,0 +1,15 @@
1
+ HTTP/1.1 200 OK
2
+ Server: nginx
3
+ Date: Mon, 03 Dec 2012 11:37:51 GMT
4
+ Content-Type: text/html; charset=utf-8
5
+ Connection: keep-alive
6
+ Status: 200 OK
7
+ X-Runtime: 10
8
+ ETag: "a9e1dd587bb233eb670ec06f7d553dbc"
9
+ X-Frame-Options: deny
10
+ Set-Cookie: _gh_sess=BAh7BzoPc2Vzc2lvbl9pZCIlZTc4ZDNlOGEwM2NlZDQ3Y2VhMDdlMTQyOTA4NWVmYzA6EF9jc3JmX3Rva2VuIjE0U2xsYUoybFFNSWxhWEtudHNvalJCVjZtVnJZcFVlRVk4WlpMbEZKWktRPQ%3D%3D--8ea4a235fd3c5e727d462e24b992fabd8f50050d; path=/; expires=Sat, 01-Jan-2022 00:00:00 GMT; secure; HttpOnly
11
+ Content-Length: 21814
12
+ Cache-Control: private, max-age=0, must-revalidate
13
+ Strict-Transport-Security: max-age=2592000
14
+
15
+ Hello, this is Unsafe.
@@ -0,0 +1,15 @@
1
+ HTTP/1.1 200 OK
2
+ Server: nginx
3
+ Date: Mon, 03 Dec 2012 11:37:51 GMT
4
+ Content-Type: text/html; charset=utf-8
5
+ Connection: keep-alive
6
+ Status: 200 OK
7
+ X-Runtime: 10
8
+ ETag: "a9e1dd587bb233eb670ec06f7d553dbc"
9
+ X-Frame-Options: deny
10
+ Set-Cookie: _gh_sess=BAh7BzoPc2Vzc2lvbl9pZCIlZTc4ZDNlOGEwM2NlZDQ3Y2VhMDdlMTQyOTA4NWVmYzA6EF9jc3JmX3Rva2VuIjE0U2xsYUoybFFNSWxhWEtudHNvalJCVjZtVnJZcFVlRVk4WlpMbEZKWktRPQ%3D%3D--8ea4a235fd3c5e727d462e24b992fabd8f50050d; path=/; expires=Sat, 01-Jan-2022 00:00:00 GMT; secure; HttpOnly
11
+ Content-Length: 21814
12
+ Cache-Control: private, max-age=0, must-revalidate
13
+ Strict-Transport-Security: max-age=2592000
14
+
15
+ Hello, this is Safe.
@@ -0,0 +1,9 @@
1
+ HTTP/1.1 301 Moved Permanently
2
+ Server: nginx
3
+ Date: Mon, 03 Dec 2012 11:36:17 GMT
4
+ Content-Type: text/html
5
+ Content-Length: 178
6
+ Connection: close
7
+ Location: http://unsafe.com/
8
+
9
+ Redirecting to http://unsafe.com.
@@ -0,0 +1,19 @@
1
+ # -*- encoding: utf-8 -*-
2
+
3
+ $: << File.join(File.dirname(__FILE__), "/../lib")
4
+ require 'open_uri_redirections'
5
+ require 'fakeweb'
6
+
7
+ FakeWeb.allow_net_connect = false
8
+
9
+ $samples_dir = File.dirname(__FILE__) + '/samples'
10
+
11
+ #######################
12
+ # Faked web responses #
13
+ #######################
14
+
15
+ FakeWeb.register_uri(:get, "http://safe.com/", :response => open("#{$samples_dir}/http_safe.response").read)
16
+ FakeWeb.register_uri(:get, "https://safe.com/", :response => open("#{$samples_dir}/https_safe.response").read)
17
+
18
+ FakeWeb.register_uri(:get, "https://unsafe.com/", :response => open("#{$samples_dir}/https_unsafe.response").read)
19
+ FakeWeb.register_uri(:get, "http://unsafe.com/", :response => open("#{$samples_dir}/http_unsafe.response").read)
metadata ADDED
@@ -0,0 +1,117 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: open_uri_redirections
3
+ version: !ruby/object:Gem::Version
4
+ hash: 29
5
+ prerelease:
6
+ segments:
7
+ - 0
8
+ - 0
9
+ - 1
10
+ version: 0.0.1
11
+ platform: ruby
12
+ authors:
13
+ - Jaime Iniesta
14
+ - "Gabriel Cebri\xC3\xA1n"
15
+ autorequire:
16
+ bindir: bin
17
+ cert_chain: []
18
+
19
+ date: 2012-12-03 00:00:00 Z
20
+ dependencies:
21
+ - !ruby/object:Gem::Dependency
22
+ name: rspec
23
+ prerelease: false
24
+ requirement: &id001 !ruby/object:Gem::Requirement
25
+ none: false
26
+ requirements:
27
+ - - "="
28
+ - !ruby/object:Gem::Version
29
+ hash: 63
30
+ segments:
31
+ - 2
32
+ - 12
33
+ - 0
34
+ version: 2.12.0
35
+ type: :development
36
+ version_requirements: *id001
37
+ - !ruby/object:Gem::Dependency
38
+ name: fakeweb
39
+ prerelease: false
40
+ requirement: &id002 !ruby/object:Gem::Requirement
41
+ none: false
42
+ requirements:
43
+ - - "="
44
+ - !ruby/object:Gem::Version
45
+ hash: 27
46
+ segments:
47
+ - 1
48
+ - 3
49
+ - 0
50
+ version: 1.3.0
51
+ type: :development
52
+ version_requirements: *id002
53
+ description: OpenURI patch to allow redirections between HTTP and HTTPS
54
+ email:
55
+ - jaimeiniesta@gmail.com
56
+ executables: []
57
+
58
+ extensions: []
59
+
60
+ extra_rdoc_files: []
61
+
62
+ files:
63
+ - .gitignore
64
+ - Gemfile
65
+ - LICENSE.txt
66
+ - README.md
67
+ - Rakefile
68
+ - lib/open-uri/redirections_patch.rb
69
+ - lib/open_uri_redirections.rb
70
+ - lib/open_uri_redirections/version.rb
71
+ - open_uri_redirections.gemspec
72
+ - spec/redirections_spec.rb
73
+ - spec/samples/http_safe.response
74
+ - spec/samples/http_unsafe.response
75
+ - spec/samples/https_safe.response
76
+ - spec/samples/https_unsafe.response
77
+ - spec/spec_helper.rb
78
+ homepage: https://github.com/jaimeiniesta/open_uri_redirections
79
+ licenses: []
80
+
81
+ post_install_message:
82
+ rdoc_options: []
83
+
84
+ require_paths:
85
+ - lib
86
+ required_ruby_version: !ruby/object:Gem::Requirement
87
+ none: false
88
+ requirements:
89
+ - - ">="
90
+ - !ruby/object:Gem::Version
91
+ hash: 3
92
+ segments:
93
+ - 0
94
+ version: "0"
95
+ required_rubygems_version: !ruby/object:Gem::Requirement
96
+ none: false
97
+ requirements:
98
+ - - ">="
99
+ - !ruby/object:Gem::Version
100
+ hash: 3
101
+ segments:
102
+ - 0
103
+ version: "0"
104
+ requirements: []
105
+
106
+ rubyforge_project:
107
+ rubygems_version: 1.8.24
108
+ signing_key:
109
+ specification_version: 3
110
+ summary: OpenURI patch to allow redirections between HTTP and HTTPS
111
+ test_files:
112
+ - spec/redirections_spec.rb
113
+ - spec/samples/http_safe.response
114
+ - spec/samples/http_unsafe.response
115
+ - spec/samples/https_safe.response
116
+ - spec/samples/https_unsafe.response
117
+ - spec/spec_helper.rb