class Faraday::FollowRedirects::Middleware
end
faraday.adapter Faraday.default_adapter
faraday.use :cookie_jar
faraday.use FaradayMiddleware::FollowRedirects
Faraday.new(:url => url) do |faraday|
the faraday-cookie_jar gem:
If you wish to persist cookies across redirects, you could use
doesn’t support parallelism.
This middleware currently only works with synchronous requests; i.e. it
to opt into HTTP/1.1 compliance and act unlike the major web browsers.
however, the HTTP method after 301/302 remains unchanged. This allows you
request gets converted into a GET. With ‘:standards_compliant => true`,
For HTTP 301, 302, and 303, the original GET, POST, PUT, DELETE, or PATCH
Public: Follow HTTP 301, 302, 303, 307, and 308 redirects.
def call(env)
def call(env) perform_with_redirection(env, follow_limit) end
def callback
def callback @options[:callback] end
def clear_authorization_header(env, from_url, to_url)
def clear_authorization_header(env, from_url, to_url) return env if redirect_to_same_host?(from_url, to_url) return env unless @options.fetch(:clear_authorization_header, true) env[:request_headers].delete(AUTH_HEADER) end
def convert_to_get?(response)
def convert_to_get?(response) !%i[head options].include?(response.env[:method]) && @convert_to_get.include?(response.status) end
def follow_limit
def follow_limit @options.fetch(:limit, FOLLOW_LIMIT) end
def follow_redirect?(env, response)
def follow_redirect?(env, response) ALLOWED_METHODS.include?(env[:method]) && REDIRECT_CODES.include?(response.status) end
def initialize(app, options = {})
Authorization header should be cleared on
:clear_authorization_header - A Boolean indicating whether the request
all cookies (default: []).
cookies to be kept, or :all to keep
['cookie1', 'cookie2']) to choose
:cookies - An Array of Strings (e.g.
with the old and new envs
:callback - A callable used on redirects
(default: false)
the HTTP spec when following 301/302
:standards_compliant - A Boolean indicating whether to respect
:limit - A Numeric redirect limit (default: 3)
options - An options Hash (default: {}):
Public: Initialize the middleware.
def initialize(app, options = {}) super(app) @options = options @convert_to_get = Set.new [303] @convert_to_get << 301 << 302 unless standards_compliant? end
def perform_with_redirection(env, follows)
def perform_with_redirection(env, follows) request_body = env[:body] response = @app.call(env) response.on_complete do |response_env| if follow_redirect?(response_env, response) raise RedirectLimitReached, response if follows.zero? new_request_env = update_env(response_env.dup, request_body, response) callback&.call(response_env, new_request_env) response = perform_with_redirection(new_request_env, follows - 1) end end response end
def redirect_to_same_host?(from_url, to_url)
def redirect_to_same_host?(from_url, to_url) return true if to_url.start_with?('/') from_uri = URI.parse(from_url) to_uri = URI.parse(to_url) [from_uri.scheme, from_uri.host, from_uri.port] == [to_uri.scheme, to_uri.host, to_uri.port] end
def safe_escape(uri)
URI:HTTP using the `+` operator. Doesn't escape "%" characters so to not
component only or a fully qualified URI so that it can be joined onto an
Internal: escapes unsafe characters from an URL which might be a path
def safe_escape(uri) uri = uri.split('#')[0] # we want to remove the fragment if present uri.to_s.gsub(URI_UNSAFE) do |match| "%#{match.unpack('H2' * match.bytesize).join('%').upcase}" end end
def standards_compliant?
def standards_compliant? @options.fetch(:standards_compliant, false) end
def update_env(env, request_body, response)
def update_env(env, request_body, response) redirect_from_url = env[:url].to_s redirect_to_url = safe_escape(response['location'] || '') env[:url] += redirect_to_url ENV_TO_CLEAR.each { |key| env.delete key } if convert_to_get?(response) env[:method] = :get env[:body] = nil else env[:body] = request_body end clear_authorization_header(env, redirect_from_url, redirect_to_url) env end