async-http 0.59.3 → 0.59.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ccef95a0cce84077c1782720ea14a582822ef0431d60fa98303b88437d072636
-  data.tar.gz: 397a5e8ed0cb1d4ed5ca58190e1c7ab344cabfff040d90df57fe1c49c1ca5360
+  metadata.gz: bdec9955ffb3564757b70e1745e2cea19a63961da0431e38eca773c22b2c6008
+  data.tar.gz: 2d005a43f0e8b43f25834566cbed86fbccc7cfebd6e27a64fdc69c65d0fec700
 SHA512:
-  metadata.gz: 8e0194004b779c0107157cae272fbd9f3c75a050736b2c682d82507a26a88c7dd15e74dc1f3ca1e513ba8f2c1d0697103acf5a5edf172e617c5833cb11094dde
-  data.tar.gz: 3c19cffb3030cf3b6b88091ef6818cf0339f01f5f52e6e35c704d9228d2b961af47f51d74995a7f83c19f1aa8405979d93cd612f8cd67d70492c71b02207c945
+  metadata.gz: 23a2d571edf0bb0fb73277057c84f7469648dba7f0afccf24ac2e3c15f0d1d11658e831fe3ef8a11b4dd4f28469be0c94a330bbd009aeb6a3e661f5323a2cb09
+  data.tar.gz: da57464924efd79a5dba6b7c5366ac883d012a1aed10492a11911137cd55b809e24a757ec4481e83a45092f2bd7286aca6852376075e5b07564fdca2ae56ed99

data/lib/async/http/relative_location.rb

@@ -23,6 +23,7 @@ require_relative 'endpoint'
 require_relative 'reference'
 
 require 'protocol/http/middleware'
+require 'protocol/http/body/rewindable'
 
 module Async
 	module HTTP
@@ -30,8 +31,28 @@ module Async
 		end
 		
 		# A client wrapper which transparently handles both relative and absolute redirects to a given maximum number of hops.
+		#
+		# The best reference for these semantics is defined by the [Fetch specification](https://fetch.spec.whatwg.org/#http-redirect-fetch).
+		#
+		# | Redirect using GET                        | Permanent | Temporary |
+		# |:-----------------------------------------:|:---------:|:---------:|
+		# | Allowed                                   | 301       | 302       |
+		# | Preserve original method                  | 308       | 307       |
+		#
+		# For the specific details of the redirect handling, see:
+		# - <https://datatracker.ietf.org/doc/html/rfc7231#section-6-4-2> 301 Moved Permanently.
+		# - <https://datatracker.ietf.org/doc/html/rfc7231#section-6-4-3> 302 Found.
+		# - <https://datatracker.ietf.org/doc/html/rfc7538 308 Permanent Redirect.
+		# - <https://datatracker.ietf.org/doc/html/rfc7231#section-6-4-7> 307 Temporary Redirect.
+		#
 		class RelativeLocation < ::Protocol::HTTP::Middleware
-			DEFAULT_METHOD = GET
+			# Header keys which should be deleted when changing a request from a POST to a GET as defined by <https://fetch.spec.whatwg.org/#request-body-header-name>.
+			PROHIBITED_GET_HEADERS = [
+				'content-encoding',
+				'content-language',
+				'content-location',
+				'content-type',
+			]
 			
 			# maximum_hops is the max number of redirects. Set to 0 to allow 1 request with no redirects.
 			def initialize(app, maximum_hops = 3)
@@ -43,20 +64,39 @@ module Async
 			# The maximum number of hops which will limit the number of redirects until an error is thrown.
 			attr :maximum_hops
 			
+			def redirect_with_get?(request, response)
+				# We only want to switch to GET if the request method is something other than get, e.g. POST.
+				if request.method != GET
+					# According to the RFC, we should only switch to GET if the response is a 301 or 302:
+					return response.status == 301 || response.status == 302
+				end
+			end
+			
 			def call(request)
-				hops = 0
+				# We don't want to follow redirects for HEAD requests:
+				return super if request.head?
+				
+				if body = request.body
+					# We need to cache the body as it might be submitted multiple times if we get a response status of 307 or 308:
+					body = ::Protocol::HTTP::Body::Rewindable.new(body)
+					request.body = body
+				end
 				
-				# We need to cache the body as it might be submitted multiple times.
-				request.finish
+				hops = 0
 				
 				while hops <= @maximum_hops
 					response = super(request)
 					
 					if response.redirection?
 						hops += 1
+						
+						# Get the redirect location:
+						unless location = response.headers['location']
+							return response
+						end
+						
 						response.finish
 						
-						location = response.headers['location']
 						uri = URI.parse(location)
 						
 						if uri.absolute?
@@ -65,8 +105,21 @@ module Async
 							request.path = Reference[request.path] + location
 						end
 						
-						unless response.preserve_method?
-							request.method = DEFAULT_METHOD
+						if request.method == GET or response.preserve_method?
+							# We (might) need to rewind the body so that it can be submitted again:
+							body&.rewind
+						else
+							# We are changing the method to GET:
+							request.method = GET
+							
+							# Clear the request body:
+							request.finish
+							body = nil
+							
+							# Remove any headers which are not allowed in a GET request:
+							PROHIBITED_GET_HEADERS.each do |header|
+								request.headers.delete(header)
+							end
 						end
 					else
 						return response

data/lib/async/http/version.rb

@@ -22,6 +22,6 @@
 
 module Async
 	module HTTP
-		VERSION = "0.59.3"
+		VERSION = "0.59.4"
 	end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: async-http
 version: !ruby/object:Gem::Version
-  version: 0.59.3
+  version: 0.59.4
 platform: ruby
 authors:
 - Samuel Williams
@@ -52,7 +52,7 @@ cert_chain:
   Q2K9NVun/S785AP05vKkXZEFYxqG6EW012U4oLcFl5MySFajYXRYbuUpH6AY+HP8
   voD0MPg1DssDLKwXyt1eKD/+Fq0bFWhwVM/1XiAXL7lyYUyOq24KHgQ2Csg=
   -----END CERTIFICATE-----
-date: 2022-11-10 00:00:00.000000000 Z
+date: 2022-12-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: async