Replace insecure URI.open with URI.parse#open (#982)

koic · andreibondarev · web-flow · commit 3624e4e62085 · 2025-05-15T22:25:52.000-04:00
`URI.open` is not safe because it can execute commands like those shown below: ```console $ ruby -ropen-uri -e 'p URI.open(%q{| echo "hi"}).read' "hi\n" ``` Replacing it with `URI.parse#open`, as already used in `Langchain::Loader`, makes it more secure: https://github.com/patterns-ai-core/langchainrb/blob/0.19.5/lib/langchain/loader.rb#L95 ```console $ ruby -ropen-uri -e 'p URI.parse(%q{| echo "hi"}).open.read' /Users/koic/.rbenv/versions/3.4.3/lib/ruby/gems/3.4.0/gems/uri-1.0.3/lib/uri/rfc3986_parser.rb:130: in 'URI::RFC3986_Parser#split': bad URI (is not URI?): "| echo \"hi\"" (URI::InvalidURIError) from /Users/koic/.rbenv/versions/3.4.3/lib/ruby/gems/3.4.0/gems/uri-1.0.3/lib/uri/rfc3986_parser.rb:135: in 'URI::RFC3986_Parser#parse' from /Users/koic/.rbenv/versions/3.4.3/lib/ruby/gems/3.4.0/gems/uri-1.0.3/lib/uri/common.rb:212:in 'URI.parse' from -e:1:in '<main>' ``` It likely makes sense also in terms of reusing the parsed `uri` object. Co-authored-by: Andrei Bondarev <andrei@sourcelabs.io>
diff --git a/lib/langchain/utils/image_wrapper.rb b/lib/langchain/utils/image_wrapper.rb
@@ -30,7 +30,8 @@ def open_image
         # TODO: Make it work with local files
         uri = URI.parse(image_url)
         raise URI::InvalidURIError, "Invalid URL scheme" unless %w[http https].include?(uri.scheme)
-        @open_image ||= URI.open(image_url) # rubocop:disable Security/Open
+
+        @open_image ||= uri.open
       end
     end
   end
diff --git a/spec/langchain/utils/image_wrapper_spec.rb b/spec/langchain/utils/image_wrapper_spec.rb
@@ -2,9 +2,12 @@
 
 RSpec.describe Langchain::Utils::ImageWrapper do
   let(:image_url) { "https://example.com/sf-cable-car.jpeg" }
+  let(:uri_https) { instance_double(URI::HTTPS) }
 
   before do
-    allow(URI).to receive(:open).with(image_url).and_return(File.open("./spec/fixtures/loaders/sf-cable-car.jpeg"))
+    allow(URI).to receive(:parse).with(image_url).and_return(uri_https)
+    allow(uri_https).to receive(:scheme).and_return("https")
+    allow(uri_https).to receive(:open).and_return(File.open("./spec/fixtures/loaders/sf-cable-car.jpeg"))
   end
 
   subject { described_class.new(image_url) }
