ably-em-http-request 1.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (65) hide show
  1. checksums.yaml +7 -0
  2. data/.gemtest +0 -0
  3. data/.github/workflows/ci.yml +22 -0
  4. data/.gitignore +9 -0
  5. data/.rspec +0 -0
  6. data/Changelog.md +78 -0
  7. data/Gemfile +14 -0
  8. data/LICENSE +21 -0
  9. data/README.md +66 -0
  10. data/Rakefile +10 -0
  11. data/ably-em-http-request.gemspec +33 -0
  12. data/benchmarks/clients.rb +170 -0
  13. data/benchmarks/em-excon.rb +87 -0
  14. data/benchmarks/em-profile.gif +0 -0
  15. data/benchmarks/em-profile.txt +65 -0
  16. data/benchmarks/server.rb +48 -0
  17. data/examples/.gitignore +1 -0
  18. data/examples/digest_auth/client.rb +25 -0
  19. data/examples/digest_auth/server.rb +28 -0
  20. data/examples/fetch.rb +30 -0
  21. data/examples/fibered-http.rb +51 -0
  22. data/examples/multi.rb +25 -0
  23. data/examples/oauth-tweet.rb +35 -0
  24. data/examples/socks5.rb +23 -0
  25. data/lib/em/io_streamer.rb +51 -0
  26. data/lib/em-http/client.rb +343 -0
  27. data/lib/em-http/core_ext/bytesize.rb +6 -0
  28. data/lib/em-http/decoders.rb +252 -0
  29. data/lib/em-http/http_client_options.rb +51 -0
  30. data/lib/em-http/http_connection.rb +408 -0
  31. data/lib/em-http/http_connection_options.rb +72 -0
  32. data/lib/em-http/http_encoding.rb +151 -0
  33. data/lib/em-http/http_header.rb +85 -0
  34. data/lib/em-http/http_status_codes.rb +59 -0
  35. data/lib/em-http/middleware/digest_auth.rb +114 -0
  36. data/lib/em-http/middleware/json_response.rb +17 -0
  37. data/lib/em-http/middleware/oauth.rb +42 -0
  38. data/lib/em-http/middleware/oauth2.rb +30 -0
  39. data/lib/em-http/multi.rb +59 -0
  40. data/lib/em-http/request.rb +25 -0
  41. data/lib/em-http/version.rb +7 -0
  42. data/lib/em-http-request.rb +1 -0
  43. data/lib/em-http.rb +20 -0
  44. data/spec/client_fiber_spec.rb +23 -0
  45. data/spec/client_spec.rb +1000 -0
  46. data/spec/digest_auth_spec.rb +48 -0
  47. data/spec/dns_spec.rb +41 -0
  48. data/spec/encoding_spec.rb +49 -0
  49. data/spec/external_spec.rb +146 -0
  50. data/spec/fixtures/google.ca +16 -0
  51. data/spec/fixtures/gzip-sample.gz +0 -0
  52. data/spec/gzip_spec.rb +91 -0
  53. data/spec/helper.rb +27 -0
  54. data/spec/http_proxy_spec.rb +268 -0
  55. data/spec/middleware/oauth2_spec.rb +15 -0
  56. data/spec/middleware_spec.rb +143 -0
  57. data/spec/multi_spec.rb +104 -0
  58. data/spec/pipelining_spec.rb +62 -0
  59. data/spec/redirect_spec.rb +430 -0
  60. data/spec/socksify_proxy_spec.rb +56 -0
  61. data/spec/spec_helper.rb +25 -0
  62. data/spec/ssl_spec.rb +67 -0
  63. data/spec/stallion.rb +334 -0
  64. data/spec/stub_server.rb +45 -0
  65. metadata +269 -0
@@ -0,0 +1,430 @@
1
+ require 'helper'
2
+
3
+ class RedirectMiddleware
4
+ attr_reader :call_count
5
+
6
+ def initialize
7
+ @call_count = 0
8
+ end
9
+
10
+ def request(c, h, r)
11
+ @call_count += 1
12
+ [h.merge({'EM-Middleware' => @call_count.to_s}), r]
13
+ end
14
+ end
15
+
16
+ class PickyRedirectMiddleware < RedirectMiddleware
17
+ def response(r)
18
+ if r.redirect? && r.response_header['LOCATION'][-1].chr == '3'
19
+ # set redirects to 0 to avoid further processing
20
+ r.req.redirects = 0
21
+ end
22
+ end
23
+ end
24
+
25
+ describe EventMachine::AblyHttpRequest::HttpRequest do
26
+
27
+ it "should follow location redirects" do
28
+ EventMachine.run {
29
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect').get :redirects => 1
30
+ http.errback { failed(http) }
31
+ http.callback {
32
+ http.response_header.status.should == 200
33
+ http.response_header["CONTENT_ENCODING"].should == "gzip"
34
+ http.response.should == "compressed"
35
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/gzip'
36
+ http.redirects.should == 1
37
+
38
+ EM.stop
39
+ }
40
+ }
41
+ end
42
+
43
+ it "should not follow redirects on created" do
44
+ EventMachine.run {
45
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/created').get :redirects => 1
46
+ http.errback { failed(http) }
47
+ http.callback {
48
+ http.response_header.status.should == 201
49
+ http.response.should match(/Hello/)
50
+ EM.stop
51
+ }
52
+ }
53
+ end
54
+
55
+ it "should not forward cookies across domains with http redirect" do
56
+
57
+ expires = (Date.today + 2).strftime('%a, %d %b %Y %T GMT')
58
+ response =<<-HTTP.gsub(/^ +/, '')
59
+ HTTP/1.1 301 MOVED PERMANENTLY
60
+ Location: http://localhost:8071/
61
+ Set-Cookie: foo=bar; expires=#{expires}; path=/; HttpOnly
62
+
63
+ HTTP
64
+
65
+ EventMachine.run do
66
+ @stub = StubServer.new(:host => '127.0.0.1', :port => 8070, :response => response)
67
+ @echo = StubServer.new(:host => 'localhost', :port => 8071, :echo => true)
68
+
69
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8070/').get :redirects => 1
70
+
71
+ http.errback { failed(http) }
72
+ http.callback do
73
+ http.response.should_not match(/Cookie/)
74
+ @stub.stop
75
+ @echo.stop
76
+ EM.stop
77
+ end
78
+ end
79
+ end
80
+
81
+ it "should forward valid cookies across domains with http redirect" do
82
+
83
+ expires = (Date.today + 2).strftime('%a, %d %b %Y %T GMT')
84
+ response =<<-HTTP.gsub(/^ +/, '')
85
+ HTTP/1.1 301 MOVED PERMANENTLY
86
+ Location: http://127.0.0.1:8071/
87
+ Set-Cookie: foo=bar; expires=#{expires}; path=/; HttpOnly
88
+
89
+ HTTP
90
+
91
+ EventMachine.run do
92
+ @stub = StubServer.new(:host => '127.0.0.1', :port => 8070, :response => response)
93
+ @echo = StubServer.new(:host => '127.0.0.1', :port => 8071, :echo => true)
94
+
95
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8070/').get :redirects => 1
96
+
97
+ http.errback { failed(http) }
98
+ http.callback do
99
+ http.response.should match(/Cookie/)
100
+ @stub.stop
101
+ @echo.stop
102
+ EM.stop
103
+ end
104
+ end
105
+ end
106
+
107
+
108
+ it "should normalize path and forward valid cookies across domains" do
109
+
110
+ expires = (Date.today + 2).strftime('%a, %d %b %Y %T GMT')
111
+ response =<<-HTTP.gsub(/^ +/, '')
112
+ HTTP/1.1 301 MOVED PERMANENTLY
113
+ Location: http://127.0.0.1:8071?omg=ponies
114
+ Set-Cookie: foo=bar; expires=#{expires}; path=/; HttpOnly
115
+
116
+ HTTP
117
+
118
+ EventMachine.run do
119
+ @stub = StubServer.new(:host => '127.0.0.1', :port => 8070, :response => response)
120
+ @echo = StubServer.new(:host => '127.0.0.1', :port => 8071, :echo => true)
121
+
122
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8070/').get :redirects => 1
123
+
124
+ http.errback { failed(http) }
125
+ http.callback do
126
+ http.response.should match(/Cookie/)
127
+ @stub.stop
128
+ @echo.stop
129
+ EM.stop
130
+ end
131
+ end
132
+ end
133
+
134
+ it "should redirect with missing content-length" do
135
+ EventMachine.run {
136
+ response = "HTTP/1.0 301 MOVED PERMANENTLY\r\nlocation: http://127.0.0.1:8090/redirect\r\n\r\n"
137
+ @stub = StubServer.new(:host => '127.0.0.1', :port => 8070, :response => response)
138
+
139
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8070/').get :redirects => 3
140
+ http.errback { failed(http) }
141
+
142
+ http.callback {
143
+ http.response_header.status.should == 200
144
+ http.response_header["CONTENT_ENCODING"].should == "gzip"
145
+ http.response.should == "compressed"
146
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/gzip'
147
+ http.redirects.should == 3
148
+
149
+ @stub.stop
150
+ EM.stop
151
+ }
152
+ }
153
+ end
154
+
155
+ it "should follow redirects on HEAD method" do
156
+ EventMachine.run {
157
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/head').head :redirects => 1
158
+ http.errback { failed(http) }
159
+ http.callback {
160
+ http.response_header.status.should == 200
161
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/'
162
+ EM.stop
163
+ }
164
+ }
165
+ end
166
+
167
+ it "should report last_effective_url" do
168
+ EventMachine.run {
169
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/').get
170
+ http.errback { failed(http) }
171
+ http.callback {
172
+ http.response_header.status.should == 200
173
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/'
174
+
175
+ EM.stop
176
+ }
177
+ }
178
+ end
179
+
180
+ it "should default to 0 redirects" do
181
+ EventMachine.run {
182
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect').get
183
+ http.errback { failed(http) }
184
+ http.callback {
185
+ http.response_header.status.should == 301
186
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/redirect'
187
+ http.redirects.should == 0
188
+
189
+ EM.stop
190
+ }
191
+ }
192
+ end
193
+
194
+ it "should not invoke redirect logic on failed(http) connections" do
195
+ EventMachine.run {
196
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8070/', :connect_timeout => 0.1).get :redirects => 5
197
+ http.callback { failed(http) }
198
+ http.errback {
199
+ http.redirects.should == 0
200
+ EM.stop
201
+ }
202
+ }
203
+ end
204
+
205
+ it "should normalize redirect urls" do
206
+ EventMachine.run {
207
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/bad').get :redirects => 1
208
+ http.errback { failed(http) }
209
+ http.callback {
210
+ http.last_effective_url.to_s.should match('http://127.0.0.1:8090/')
211
+ http.response.should match('Hello, World!')
212
+ EM.stop
213
+ }
214
+ }
215
+ end
216
+
217
+ it "should fail gracefully on a missing host in absolute Location header" do
218
+ EventMachine.run {
219
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/nohost').get :redirects => 1
220
+ http.callback { failed(http) }
221
+ http.errback {
222
+ http.error.should == 'Location header format error'
223
+ EM.stop
224
+ }
225
+ }
226
+ end
227
+
228
+ it "should apply timeout settings on redirects" do
229
+ EventMachine.run {
230
+ t = Time.now.to_i
231
+ EventMachine.heartbeat_interval = 0.1
232
+
233
+ conn = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/timeout', :inactivity_timeout => 0.1)
234
+ http = conn.get :redirects => 1
235
+ http.callback { failed(http) }
236
+ http.errback {
237
+ (Time.now.to_i - t).should <= 1
238
+ EM.stop
239
+ }
240
+ }
241
+ end
242
+
243
+ it "should capture and pass cookies on redirect and pass_cookies by default" do
244
+ EventMachine.run {
245
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/multiple-with-cookie').get :redirects => 2, :head => {'cookie' => 'id=2;'}
246
+ http.errback { failed(http) }
247
+ http.callback {
248
+ http.response_header.status.should == 200
249
+ http.response_header["CONTENT_ENCODING"].should == "gzip"
250
+ http.response.should == "compressed"
251
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/gzip'
252
+ http.redirects.should == 2
253
+ http.cookies.should include("id=2;")
254
+ http.cookies.should include("another_id=1")
255
+
256
+ EM.stop
257
+ }
258
+ }
259
+ end
260
+
261
+ it "should capture and not pass cookies on redirect if passing is disabled via pass_cookies" do
262
+ EventMachine.run {
263
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/multiple-with-cookie').get :redirects => 2, :pass_cookies => false, :head => {'cookie' => 'id=2;'}
264
+ http.errback { failed(http) }
265
+ http.callback {
266
+ http.response_header.status.should == 200
267
+ http.response_header["CONTENT_ENCODING"].should == "gzip"
268
+ http.response.should == "compressed"
269
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/gzip'
270
+ http.redirects.should == 2
271
+ http.cookies.should include("id=2;")
272
+ http.cookies.should_not include("another_id=1; expires=Sat, 09 Aug 2031 17:53:39 GMT; path=/;")
273
+
274
+ EM.stop
275
+ }
276
+ }
277
+ end
278
+
279
+ it "should follow location redirects with path" do
280
+ EventMachine.run {
281
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect').get :path => '/redirect', :redirects => 1
282
+ http.errback { failed(http) }
283
+ http.callback {
284
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/gzip'
285
+ http.response_header.status.should == 200
286
+ http.redirects.should == 1
287
+
288
+ EM.stop
289
+ }
290
+ }
291
+ end
292
+
293
+ it "should call middleware each time it redirects" do
294
+ EventMachine.run {
295
+ conn = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/middleware_redirects_1')
296
+ conn.use RedirectMiddleware
297
+ http = conn.get :redirects => 3
298
+ http.errback { failed(http) }
299
+ http.callback {
300
+ http.response_header.status.should == 200
301
+ http.response_header['EM_MIDDLEWARE'].to_i.should == 3
302
+ EM.stop
303
+ }
304
+ }
305
+ end
306
+
307
+ it "should call middleware which may reject a redirection" do
308
+ EventMachine.run {
309
+ conn = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/middleware_redirects_1')
310
+ conn.use PickyRedirectMiddleware
311
+ http = conn.get :redirects => 3
312
+ http.errback { failed(http) }
313
+ http.callback {
314
+ http.response_header.status.should == 301
315
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/redirect/middleware_redirects_2'
316
+ EM.stop
317
+ }
318
+ }
319
+ end
320
+
321
+ it "should not add default http port to redirect url that don't include it" do
322
+ EventMachine.run {
323
+ conn = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/http_no_port')
324
+ http = conn.get :redirects => 1
325
+ http.errback {
326
+ http.last_effective_url.to_s.should == 'http://host/'
327
+ EM.stop
328
+ }
329
+ }
330
+ end
331
+
332
+ it "should not add default https port to redirect url that don't include it" do
333
+ EventMachine.run {
334
+ conn = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/https_no_port')
335
+ http = conn.get :redirects => 1
336
+ http.errback {
337
+ http.last_effective_url.to_s.should == 'https://host/'
338
+ EM.stop
339
+ }
340
+ }
341
+ end
342
+
343
+ it "should keep default http port in redirect url that include it" do
344
+ EventMachine.run {
345
+ conn = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/http_with_port')
346
+ http = conn.get :redirects => 1
347
+ http.errback {
348
+ http.last_effective_url.to_s.should == 'http://host:80/'
349
+ EM.stop
350
+ }
351
+ }
352
+ end
353
+
354
+ it "should keep default https port in redirect url that include it" do
355
+ EventMachine.run {
356
+ conn = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/https_with_port')
357
+ http = conn.get :redirects => 1
358
+ http.errback {
359
+ http.last_effective_url.to_s.should == 'https://host:443/'
360
+ EM.stop
361
+ }
362
+ }
363
+ end
364
+
365
+ it "should ignore query option when redirecting" do
366
+ EventMachine.run {
367
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8090/redirect/ignore_query_option').get :redirects => 1, :query => 'ignore=1'
368
+ http.errback { failed(http) }
369
+ http.callback {
370
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/redirect/url'
371
+ http.redirects.should == 1
372
+
373
+ redirect_url = http.response
374
+ redirect_url.should == http.last_effective_url.to_s
375
+
376
+ EM.stop
377
+ }
378
+ }
379
+ end
380
+
381
+ it "should work with keep-alive connections with cross-origin redirect" do
382
+ Timeout.timeout(1) {
383
+ EventMachine.run {
384
+ response =<<-HTTP.gsub(/^ +/, '')
385
+ HTTP/1.1 301 MOVED PERMANENTLY
386
+ Location: http://127.0.0.1:8090/
387
+ Content-Length: 0
388
+
389
+ HTTP
390
+
391
+ stub_server = StubServer.new(:host => '127.0.0.1', :port => 8070, :keepalive => true, :response => response)
392
+ conn = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8070/', :inactivity_timeout => 60)
393
+ http = conn.get :redirects => 1, :keepalive => true
394
+ http.errback { failed(http) }
395
+ http.callback {
396
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8090/'
397
+ http.redirects.should == 1
398
+
399
+ stub_server.stop
400
+ EM.stop
401
+ }
402
+ }
403
+ }
404
+ end
405
+
406
+ it "should work with keep-alive connections with same-origin redirect" do
407
+ Timeout.timeout(1) {
408
+ EventMachine.run {
409
+ response =<<-HTTP.gsub(/^ +/, '')
410
+ HTTP/1.1 301 MOVED PERMANENTLY
411
+ Location: http://127.0.0.1:8070/
412
+ Content-Length: 0
413
+
414
+ HTTP
415
+
416
+ stub_server = StubServer.new(:host => '127.0.0.1', :port => 8070, :keepalive => true, :response => response)
417
+ conn = EventMachine::AblyHttpRequest::HttpRequest.new('http://127.0.0.1:8070/', :inactivity_timeout => 60)
418
+ http = conn.get :redirects => 1, :keepalive => true
419
+ http.errback { failed(http) }
420
+ http.callback {
421
+ http.last_effective_url.to_s.should == 'http://127.0.0.1:8070/'
422
+ http.redirects.should == 1
423
+
424
+ stub_server.stop
425
+ EM.stop
426
+ }
427
+ }
428
+ }
429
+ end
430
+ end
@@ -0,0 +1,56 @@
1
+ require 'helper'
2
+
3
+ requires_port(8080) do
4
+ describe EventMachine::AblyHttpRequest::HttpRequest do
5
+
6
+ # ssh -D 8080 igvita
7
+ let(:proxy) { {:proxy => { :host => '127.0.0.1', :port => 8080, :type => :socks5 }} }
8
+
9
+ it "should use SOCKS5 proxy" do
10
+ EventMachine.run {
11
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://jsonip.com/', proxy).get
12
+
13
+ http.errback { failed(http) }
14
+ http.callback {
15
+ http.response_header.status.should == 200
16
+ http.response.should match('173.230.151.99')
17
+ EventMachine.stop
18
+ }
19
+ }
20
+ end
21
+ end
22
+ end
23
+
24
+ requires_port(8081) do
25
+ describe EventMachine::AblyHttpRequest::HttpRequest do
26
+
27
+ # brew install tinyproxy
28
+ let(:http_proxy) { {:proxy => { :host => '127.0.0.1', :port => 8081 }} }
29
+
30
+ it "should use HTTP proxy by default" do
31
+ EventMachine.run {
32
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('http://jsonip.com/', http_proxy).get
33
+
34
+ http.errback { failed(http) }
35
+ http.callback {
36
+ http.response_header.status.should == 200
37
+ http.response.should match(/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/)
38
+ EventMachine.stop
39
+ }
40
+ }
41
+ end
42
+
43
+ it "should auto CONNECT via HTTP proxy for HTTPS requests" do
44
+ EventMachine.run {
45
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('https://ipjson.herokuapp.com/', http_proxy).get
46
+
47
+ http.errback { failed(http) }
48
+ http.callback {
49
+ http.response_header.status.should == 200
50
+ http.response.should match(/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/)
51
+ EventMachine.stop
52
+ }
53
+ }
54
+ end
55
+ end
56
+ end
@@ -0,0 +1,25 @@
1
+ PROXY_ENV_VARS = %w[HTTP_PROXY http_proxy HTTPS_PROXY https_proxy ALL_PROXY]
2
+
3
+ RSpec.configure do |config|
4
+ proxy_envs = {}
5
+
6
+ config.mock_with :rspec do |c|
7
+ c.syntax = [:should, :expect]
8
+ end
9
+ config.expect_with :rspec do |c|
10
+ c.syntax = [:should, :expect]
11
+ end
12
+
13
+ config.before :all do
14
+ # Back-up ENV *_PROXY vars
15
+ orig_proxy_envs = Hash[
16
+ PROXY_ENV_VARS.select {|k| ENV.key? k }.map {|k| [k, ENV.delete(k)] }
17
+ ]
18
+ proxy_envs.replace(orig_proxy_envs)
19
+ end
20
+
21
+ config.after :all do
22
+ # Restore ENV *_PROXY vars
23
+ ENV.update(proxy_envs)
24
+ end
25
+ end
data/spec/ssl_spec.rb ADDED
@@ -0,0 +1,67 @@
1
+ require 'helper'
2
+
3
+ describe EventMachine::AblyHttpRequest::HttpRequest do
4
+ it "should initiate SSL/TLS on HTTPS connections" do
5
+ EventMachine.run {
6
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('https://mail.google.com:443/mail/').get
7
+
8
+ http.errback { failed(http) }
9
+ http.callback {
10
+ http.response_header.status.should == 301
11
+ EventMachine.stop
12
+ }
13
+ }
14
+ end
15
+
16
+ describe "TLS hostname verification" do
17
+ before do
18
+ @cve_warning = "[WARNING; ably-em-http-request] TLS server certificate validation is disabled (use 'tls: {verify_peer: true}'), see" +
19
+ " CVE-2020-13482 and https://github.com/igrigorik/em-http-request/issues/339 for details"
20
+ @orig_stderr = $stderr
21
+ $stderr = StringIO.new
22
+ end
23
+
24
+ after do
25
+ $stderr = @orig_stderr
26
+ end
27
+
28
+ it "should not warn if verify_peer is specified" do
29
+ EventMachine.run {
30
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('https://mail.google.com:443/mail', {tls: {verify_peer: false}}).get
31
+
32
+ http.callback {
33
+ $stderr.rewind
34
+ $stderr.string.chomp.should_not eq(@cve_warning)
35
+
36
+ EventMachine.stop
37
+ }
38
+ }
39
+ end
40
+
41
+ it "should not warn if verify_peer is true" do
42
+ EventMachine.run {
43
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('https://mail.google.com:443/mail', {tls: {verify_peer: true}}).get
44
+
45
+ http.callback {
46
+ $stderr.rewind
47
+ $stderr.string.chomp.should_not eq(@cve_warning)
48
+
49
+ EventMachine.stop
50
+ }
51
+ }
52
+ end
53
+
54
+ it "should warn if verify_peer is unspecified" do
55
+ EventMachine.run {
56
+ http = EventMachine::AblyHttpRequest::HttpRequest.new('https://mail.google.com:443/mail').get
57
+
58
+ http.callback {
59
+ $stderr.rewind
60
+ $stderr.string.chomp.should eq(@cve_warning)
61
+
62
+ EventMachine.stop
63
+ }
64
+ }
65
+ end
66
+ end
67
+ end