Fix regex used to find URI schemes in redirect_to

The previous regex was allowing `_` in the URI scheme, which is not allowed by RFC 3986. This change brings the regex in line with the RFC.
author: Derek Prior <derekprior@gmail.com> 2013-09-19 09:17:15 -0400
committer: Derek Prior <derekprior@gmail.com> 2013-09-19 09:23:20 -0400
commit: a78c10d3c787c56106353eb025ebb93ffcdb7bac (patch)
tree: 2b69e77ffe8091859cb81d4448f7f22d86fcd7df /actionpack/lib/action_controller
parent: 1dacfbabf3bb1e0a9057dd2a016b1804e7fa38c0 (diff)
download: rails-a78c10d3c787c56106353eb025ebb93ffcdb7bac.tar.gz
rails-a78c10d3c787c56106353eb025ebb93ffcdb7bac.tar.bz2
rails-a78c10d3c787c56106353eb025ebb93ffcdb7bac.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/metal/redirecting.rb b/actionpack/lib/action_controller/metal/redirecting.rb
index f07b19c5da..ab14a61b97 100644
--- a/actionpack/lib/action_controller/metal/redirecting.rb
+++ b/actionpack/lib/action_controller/metal/redirecting.rb
@@ -78,7 +78,7 @@ module ActionController
       # characters; and is terminated by a colon (":").
       # See http://tools.ietf.org/html/rfc3986#section-3.1
       # The protocol relative scheme starts with a double slash "//".
-      when %r{\A(\w[\w+.-]*:|//).*}
+      when /\A([a-z][a-z\d\-+\.]*:|\/\/).*/i
         options
       when String
         request.protocol + request.host_with_port + options
author	Derek Prior <derekprior@gmail.com>	2013-09-19 09:17:15 -0400
committer	Derek Prior <derekprior@gmail.com>	2013-09-19 09:23:20 -0400
commit	a78c10d3c787c56106353eb025ebb93ffcdb7bac (patch)
tree	2b69e77ffe8091859cb81d4448f7f22d86fcd7df /actionpack/lib/action_controller
parent	1dacfbabf3bb1e0a9057dd2a016b1804e7fa38c0 (diff)
download	rails-a78c10d3c787c56106353eb025ebb93ffcdb7bac.tar.gz rails-a78c10d3c787c56106353eb025ebb93ffcdb7bac.tar.bz2 rails-a78c10d3c787c56106353eb025ebb93ffcdb7bac.zip