Fail gracefully when attempting to request from an unknown URI schemeseg-fail-invalid-uri-schemes

2 files changed, 22 insertions, 0 deletions

diff --git a/lib/bundler/fetcher/downloader.rb b/lib/bundler/fetcher/downloader.rb
index c8d714c05a..ee1aa1a972 100644
--- a/lib/bundler/fetcher/downloader.rb
+++ b/lib/bundler/fetcher/downloader.rb
@@ -38,6 +38,8 @@ module Bundler
       end
 
       def request(uri, options)
+        validate_uri_scheme!(uri)
+
         Bundler.ui.debug "HTTP GET #{uri}"
         req = Net::HTTP::Get.new uri.request_uri, options
         if uri.user
@@ -61,6 +63,15 @@ module Bundler
           raise HTTPError, "Network error while fetching #{URICredentialsFilter.credential_filtered_uri(uri)}"
         end
       end
+
+    private
+
+      def validate_uri_scheme!(uri)
+        return if uri.scheme =~ /\Ahttps?\z/
+        raise InvalidOption,
+          "The request uri `#{uri}` has an invalid scheme (`#{uri.scheme}`). " \
+          "Did you mean `http` or `https`?"
+      end
     end
   end
 end
diff --git a/spec/install/gems/compact_index_spec.rb b/spec/install/gems/compact_index_spec.rb
index a800a6ad7b..228d8ddcc9 100644
--- a/spec/install/gems/compact_index_spec.rb
+++ b/spec/install/gems/compact_index_spec.rb
@@ -696,6 +696,17 @@ The checksum of /versions does not match the checksum provided by the server! So
     expect(the_bundle).to include_gems "rack 1.0.0"
   end
 
+  it "fails gracefully when the source URI has an invalid scheme" do
+    install_gemfile <<-G
+      source "htps://rubygems.org"
+      gem "rack"
+    G
+    expect(exitstatus).to eq(15) if exitstatus
+    expect(out).to end_with(<<-E.strip)
+      The request uri `htps://index.rubygems.org/versions` has an invalid scheme (`htps`). Did you mean `http` or `https`?
+    E
+  end
+
   describe "checksum validation", :rubygems => ">= 2.3.0" do
     it "raises when the checksum does not match" do
       install_gemfile <<-G, :artifice => "compact_index_wrong_gem_checksum"