Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Issue #5688:

* Fixed modulo based redirect to fail with a RoutingError rather than an InvalidURIError if the generated redirect URI is invalid because of a bad incoming URI
* Changed intgration test helper to not blow up on invalid URIs so that tests for invalid URIs can be written
* Still have a failing test because we still use URI.parse further down the testing stack in rack-test inadvertently validating the incoming URI for correctness
  • Loading branch information...
commit 95aad8f0da3cb940cff9ade4053e96fd14af0627 1 parent 0244c0d
Sidu Ponnappa authored April 01, 2012
9  actionpack/lib/action_dispatch/routing/redirection.rb
@@ -93,13 +93,20 @@ def redirect(*args, &block)
93 93
         path = args.shift
94 94
 
95 95
         block = lambda { |params, request|
96  
-          (params.empty? || !path.match(/%\{\w*\}/)) ? path : (path % params)
  96
+          (params.empty? || !path.match(/%\{\w*\}/)) ? path : verify_generated_url(path % params)
97 97
         } if String === path
98 98
 
99 99
         block = path if path.respond_to? :call
100 100
         raise ArgumentError, "redirection argument not supported" unless block
101 101
         Redirect.new status, block
102 102
       end
  103
+      
  104
+      private
  105
+      def verify_generated_url(url)
  106
+        url if URI.parse(url)
  107
+      rescue URI::InvalidURIError => e
  108
+        raise ActionController::RoutingError, e.message
  109
+      end
103 110
     end
104 111
   end
105 112
 end
9  actionpack/lib/action_dispatch/testing/integration.rb
@@ -301,9 +301,12 @@ def process(method, path, parameters = nil, rack_env = nil)
301 301
           uri.scheme ||= env['rack.url_scheme']
302 302
           uri.host   ||= env['SERVER_NAME']
303 303
           uri.port   ||= env['SERVER_PORT'].try(:to_i)
304  
-          uri += path
305  
-
306  
-          session.request(uri.to_s, env)
  304
+          begin
  305
+            uri += path
  306
+            session.request(uri.to_s, env)
  307
+          rescue URI::InvalidURIError => e
  308
+            session.request(uri.to_s + path, env)
  309
+          end
307 310
 
308 311
           @request_count += 1
309 312
           @request  = ActionDispatch::Request.new(session.last_request.env)
7  actionpack/test/dispatch/routing_test.rb
@@ -677,6 +677,13 @@ def test_redirect_modulo
677 677
     get '/account/modulo/name'
678 678
     verify_redirect 'http://www.example.com/names'
679 679
   end
  680
+  
  681
+  def test_redirect_modulo_with_invalid_redirect_uri_generated
  682
+    get '/account/modulo/name>'
  683
+    assert_equal 'Not Found', @response.body
  684
+    assert_raises(ActionController::RoutingError){ "" }
  685
+    assert_equal 404, status
  686
+  end
680 687
 
681 688
   def test_redirect_proc
682 689
     get '/account/proc/person'

0 notes on commit 95aad8f

Please sign in to comment.
Something went wrong with that request. Please try again.