Rails 3.2.17 Runtime Error Redirection Forbidden facebook

Question

I have this code I use to get avatars from Facebook...

if auth.info.image.present?
      user.update_attribute(:avatar, URI.parse(auth.info.image))
end


        

Answer 1

Update

If you are using omniauth-facebook please follow deivid's answer.

Another way to solve this issue is to replace http with https. In that way it will redirect from https to https and you won't get a redirection forbidden error.

Example

> url = auth.info.image
=> "http://graph.facebook.com/672086173/picture?type=square"

> avatar_url =url.gsub("­http","htt­ps")
=> "https://graph.facebook.com/672086173/picture?type=square"

---

I had the exact same problem. I solve it with following steps

First in your gemfile add

gem 'open_uri_redirections'

and run bundle install to install the gem

And then in your model

private

  def process_uri(uri)
    require 'open-uri'
    require 'open_uri_redirections'
    open(uri, :allow_redirections => :safe) do |r|
      r.base_uri.to_s
    end
  end

Now process the avatar url with the method like

if auth.info.image.present?
   avatar_url = process_uri(auth.info.image)
   user.update_attribute(:avatar, URI.parse(avatar_url))
end

Hope this helps anyone else that may be having this issue.

Answer 2

I was with the same error. Yesterday it was working. So, i've used the following solution without gem:

url = URI.parse('<YOUR FACEBOOK URL>')

h = Net::HTTP.new url.host, url.port
h.use_ssl = url.scheme == 'https'

head = h.start do |u|
  u.head url.path
end

new_url = head['location']

I hope it can help you.

Answer 3

I actually think the cleanest way of handling this is directly requesting the avatar through https. To do that, just use

https://graph.facebook.com/672086173/picture?type=square

instead of

http://graph.facebook.com/672086173/picture?type=square

If you're using omniauth-facebook, you'll need to specify secure_image_url: true in your omniauth initializer to generate that url. Like so:

config.omniauth :facebook, "XXXX", "XXXX",
                           image_size: { width: 500, height: 500 },
                           secure_image_url: true

Your omniauth initializer should be in your config/initializers directory, probably called omniauth.rb or devise.rb if you're using it together with devise.

Answer 4

FWIW, @deep's solution wasn't quite working for me, although it did bring me significantly closer.

I ended up doing this:

private
    def process_uri(uri)
        require 'open-uri'
        require 'open_uri_redirections'
        open(uri, :allow_redirections => :safe) do |r|
            r.base_uri.to_s
        end
    end

And then:

avatar_url = process_uri(auth[:info][:image])
new_user.update_attribute(:remote_avatar_url, avatar_url)

Answer 5

open_uri_redirections was not working for me. I could get it working by changing the original facebook image url to https from http. That way the redirect to the akamai CDN on https is not a http -> https redirect, but a https - https redirect.

in your example

user.update_attribute(:avatar, URI.parse(auth.info.image))

would become

uri = URI.parse(auth.info.image)
uri.scheme = 'https'
user.update_attribute(:avatar, URI.parse(uri))