18

I have this code I use to get avatars from Facebook...

if auth.info.image.present?
      user.update_attribute(:avatar, URI.parse(auth.info.image))
end

When I try to load the code now I get this error:

A RuntimeError occurred in authentications#create:

  redirection forbidden: http://graph.facebook.com/672086173/picture?type=square -> https://fbcdn-profile-a.akamaihd.net/hprofile-ak-prn2/t5.0-1/1086349_672086173_156380036_q.jpg
  /home/ubuntu/.rvm/rubies/ruby-2.1.0/lib/ruby/2.1.0/open-uri.rb:223:in `open_loop'

I understand that this is a problem with Open-URI not allowing HTTP to HTTPS redirections... and I understand that this can be solved with Open-Uri-Redirections plugin https://github.com/jaimeiniesta/open_uri_redirections

But there are two things I don't understand:

  1. This was working just fine YESTERDAY... and I've changed nothing. So why, suddenly, can Paperclip not get the correct URL?

  2. The instructions for Open-Uri-redirections give the following example:

    open('http://github.com', :allow_redirections => :safe)

How would I reconcile this with my code above?

mystic cola
  • 1,465
  • 1
  • 21
  • 39

5 Answers5

43

I actually think the cleanest way of handling this is directly requesting the avatar through https. To do that, just use

https://graph.facebook.com/672086173/picture?type=square

instead of

http://graph.facebook.com/672086173/picture?type=square

If you're using omniauth-facebook, you'll need to specify secure_image_url: true in your omniauth initializer to generate that url. Like so:

config.omniauth :facebook, "XXXX", "XXXX",
                           image_size: { width: 500, height: 500 },
                           secure_image_url: true

Your omniauth initializer should be in your config/initializers directory, probably called omniauth.rb or devise.rb if you're using it together with devise.

deivid
  • 4,808
  • 2
  • 33
  • 38
29

Update

If you are using omniauth-facebook please follow deivid's answer.

Another way to solve this issue is to replace http with https. In that way it will redirect from https to https and you won't get a redirection forbidden error.

Example

> url = auth.info.image
=> "http://graph.facebook.com/672086173/picture?type=square"

> avatar_url =url.gsub("­http","htt­ps")
=> "https://graph.facebook.com/672086173/picture?type=square"

I had the exact same problem. I solve it with following steps

First in your gemfile add

gem 'open_uri_redirections'

and run bundle install to install the gem

And then in your model 

private

  def process_uri(uri)
    require 'open-uri'
    require 'open_uri_redirections'
    open(uri, :allow_redirections => :safe) do |r|
      r.base_uri.to_s
    end
  end

Now process the avatar url with the method like

if auth.info.image.present?
   avatar_url = process_uri(auth.info.image)
   user.update_attribute(:avatar, URI.parse(avatar_url))
end

Hope this helps anyone else that may be having this issue.

Monideep
  • 2,790
  • 18
  • 19
  • Getting the following error: A Paperclip::AdapterRegistry::NoHandlerError occurred in authentications#create: No handler found for "https://fbcdn-profile-a.akamaihd.net/hprofile-ak-prn2/t5.0-1/1086349_672086173_156380036_q.jpg" paperclip (3.4.2) lib/paperclip/io_adapters/registry.rb:19:in `handler_for' – mystic cola Mar 26 '14 at 16:04
  • 3
    This line should be: user.update_attribute(:avatar, URI.parse(avatar_url)) NOW it works. :) – mystic cola Mar 26 '14 at 16:12
  • Where does the 'process the avatar url' method go...? should it go in the create block? – Peege151 Apr 14 '14 at 22:01
  • @mysticcola I have a similar question [here](http://stackoverflow.com/questions/23071386/redirection-forbidden-facebook-paperclip-image) – Peege151 Apr 14 '14 at 22:17
  • For some reason I keep getting a NoMethodError undefined method for process_uri even though it's clearly in my User.rb model. Any ideas ? – Tom Maxwell Jul 31 '14 at 22:14
5

open_uri_redirections was not working for me. I could get it working by changing the original facebook image url to https from http. That way the redirect to the akamai CDN on https is not a http -> https redirect, but a https - https redirect.

in your example

user.update_attribute(:avatar, URI.parse(auth.info.image))

would become

uri = URI.parse(auth.info.image)
uri.scheme = 'https'
user.update_attribute(:avatar, URI.parse(uri))
Josh Crews
  • 779
  • 2
  • 11
  • 21
1

I was with the same error. Yesterday it was working. So, i've used the following solution without gem:

url = URI.parse('<YOUR FACEBOOK URL>')

h = Net::HTTP.new url.host, url.port
h.use_ssl = url.scheme == 'https'

head = h.start do |u|
  u.head url.path
end

new_url = head['location']

I hope it can help you.

Franzé Jr.
  • 1,194
  • 13
  • 20
0

FWIW, @deep's solution wasn't quite working for me, although it did bring me significantly closer.

I ended up doing this:

private
    def process_uri(uri)
        require 'open-uri'
        require 'open_uri_redirections'
        open(uri, :allow_redirections => :safe) do |r|
            r.base_uri.to_s
        end
    end

And then: 

avatar_url = process_uri(auth[:info][:image])
new_user.update_attribute(:remote_avatar_url, avatar_url)
Mic Fok
  • 837
  • 11
  • 12
  • A number of people have mentioned that Deep's answer didn't work for them... I can't quite figure out "why" though... What was the error you were getting? It worked perfect for me the first time... (well... the SECOND time, after I modified his process uri) – mystic cola Apr 08 '14 at 09:57