Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed regex in redirect_to to fully support URI schemes [#1247 state:…

…committed]

Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
  • Loading branch information...
commit 47b4fa4a621ee48ab17545b1e9fb38efef53b28e 1 parent ef53d91
Seth Fitzsimmons mojodna authored dhh committed
2  actionpack/CHANGELOG
View
@@ -1,5 +1,7 @@
*2.2.1 [RC2 or 2.2 final]*
+* Fixed regex in redirect_to to fully support URI schemes #1247 [Seth Fitzsimmons]
+
* Fixed bug with asset timestamping when using relative_url_root #1265 [Joe Goldwasser]
5 actionpack/lib/action_controller/base.rb
View
@@ -1053,7 +1053,10 @@ def redirect_to(options = {}, response_status = {}) #:doc:
logger.info("Redirected to #{options}") if logger && logger.info?
case options
- when %r{^\w+://.*}
+ # The scheme name consist of a letter followed by any combination of
+ # letters, digits, and the plus ("+"), period ("."), or hyphen ("-")
+ # characters; and is terminated by a colon (":").
+ when %r{^\w[\w\d+.-]*:.*}
redirect_to_full_url(options, status)
when String
redirect_to_full_url(request.protocol + request.host_with_port + options, status)
10 actionpack/test/controller/redirect_test.rb
View
@@ -73,6 +73,10 @@ def redirect_to_url_with_unescaped_query_string
redirect_to "http://dev.rubyonrails.org/query?status=new"
end
+ def redirect_to_url_with_complex_scheme
+ redirect_to "x-test+scheme.complex:redirect"
+ end
+
def redirect_to_back
redirect_to :back
end
@@ -198,6 +202,12 @@ def test_redirect_to_url_with_unescaped_query_string
assert_redirected_to "http://dev.rubyonrails.org/query?status=new"
end
+ def test_redirect_to_url_with_complex_scheme
+ get :redirect_to_url_with_complex_scheme
+ assert_response :redirect
+ assert_equal "x-test+scheme.complex:redirect", redirect_to_url
+ end
+
def test_redirect_to_back
@request.env["HTTP_REFERER"] = "http://www.example.com/coming/from"
get :redirect_to_back
Please sign in to comment.
Something went wrong with that request. Please try again.