diff options
| -rw-r--r-- | actionpack/CHANGELOG.md | 5 | ||||
| -rw-r--r-- | actionpack/lib/action_controller/metal/redirecting.rb | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index a7ad07afd9..b0b75f6909 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,8 @@ +* Fix regex used to detect URI schemes in `redirect_to` to be consistent with + RFC 3986. + + *Derek Prior* + * Fix incorrect `assert_redirected_to` failure message for protocol-relative URLs. diff --git a/actionpack/lib/action_controller/metal/redirecting.rb b/actionpack/lib/action_controller/metal/redirecting.rb index f07b19c5da..ab14a61b97 100644 --- a/actionpack/lib/action_controller/metal/redirecting.rb +++ b/actionpack/lib/action_controller/metal/redirecting.rb @@ -78,7 +78,7 @@ module ActionController # characters; and is terminated by a colon (":"). # See http://tools.ietf.org/html/rfc3986#section-3.1 # The protocol relative scheme starts with a double slash "//". - when %r{\A(\w[\w+.-]*:|//).*} + when /\A([a-z][a-z\d\-+\.]*:|\/\/).*/i options when String request.protocol + request.host_with_port + options |