method

_ensure_url_is_http_header_safe

Importance_0
v6.1.7.7 - Show latest stable - 0 notes - Class: ActionController::Redirecting
_ensure_url_is_http_header_safe(url) private

No documentation

This method has no description. You can help the Ruby on Rails community by adding new notes.

Hide source
# File actionpack/lib/action_controller/metal/redirecting.rb, line 141
      def _ensure_url_is_http_header_safe(url)
        # Attempt to comply with the set of valid token characters
        # defined for an HTTP header value in
        # https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.6
        if url.match(ILLEGAL_HEADER_VALUE_REGEX)
          msg = "The redirect URL #{url} contains one or more illegal HTTP header field character. "              "Set of legal characters defined in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.6"
          raise UnsafeRedirectError, msg
        end
      end
Register or log in to add new notes.