From 714387055124e47561ee660a57ab51413e2949d7 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 28 Sep 2017 23:20:08 +0200 Subject: [PATCH] Change max redirects followed to 2 (#5136) I see no reason to allow more than that. Usually a redirect is HTTP->HTTPS, then maybe URL structure changed, but more than that is highly unlikely to be a legitimate use case. --- app/lib/request.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/lib/request.rb b/app/lib/request.rb index b083edaf77..61311df6e4 100644 --- a/app/lib/request.rb +++ b/app/lib/request.rb @@ -85,6 +85,6 @@ class Request end def http_client - HTTP.timeout(:per_operation, timeout).follow + HTTP.timeout(:per_operation, timeout).follow(max_hops: 2) end end