eat 0.1.0 → 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. data/CHANGELOG +2 -0
  2. data/README.rdoc +9 -6
  3. data/lib/eat.rb +4 -2
  4. data/lib/eat/version.rb +1 -1
  5. data/test/test_eat.rb +18 -0
  6. metadata +4 -4
data/CHANGELOG CHANGED
@@ -1,3 +1,5 @@
1
+ 0.1.1
2
+ * SSL certificates are now verified by default (use :openssl_verify_mode => 'none' to disable) per @codahale http://bit.ly/kZr9Jc
1
3
  0.1.0
2
4
  * no longer tries to open file with sudo if it gets a permission error
3
5
  * remove Eat::Config.timeout global option
data/README.rdoc CHANGED
@@ -15,19 +15,22 @@ Try <tt>#eat</tt>, which ALWAYS returns a <tt>String</tt>:
15
15
 
16
16
  ==Options
17
17
 
18
- eat('http://yahoo.com', :timeout => 10) # timeout after 10 seconds
19
- eat('http://yahoo.com', :limit => 1024) # only read the first 1024 chars
18
+ eat('http://yahoo.com', :timeout => 10) # timeout after 10 seconds
19
+ eat('http://yahoo.com', :limit => 1024) # only read the first 1024 chars
20
+ eat('https://yahoo.com', :openssl_verify_mode => 'none) # don't bother verifying SSL certificate
20
21
 
21
- ==Warning: doesn't verify SSL certs
22
+ ==Warning: DOES verify SSL certs
22
23
 
23
- If you need to check SSL certificates, please don't use this gem. It always sets
24
+ If you want to disable verification of SSL certificates, use
24
25
 
25
- http.verify_mode = ::OpenSSL::SSL::VERIFY_NONE
26
+ :openssl_verify_mode => 'none'
27
+
28
+ Thanks @codahale and @peterc for their suggestions.
26
29
 
27
30
  ==Supported schemas
28
31
 
29
32
  * local filesystem
30
33
  * http
31
- * https (it won't check the SSL certificate... if you want security, don't use this!)
34
+ * https
32
35
 
33
36
  Copyright 2011 Seamus Abshere
data/lib/eat.rb CHANGED
@@ -13,6 +13,7 @@ module Eat
13
13
  # Options:
14
14
  # * <tt>:timeout</tt> in seconds
15
15
  # * <tt>:limit</tt> is characters (bytes in Ruby 1.8)
16
+ # * <tt>:openssl_verify_mode</tt> set to 'none' if you don't want to verify SSL certificates
16
17
  #
17
18
  # Example:
18
19
  # eat('http://brighterplanet.com') #=> '...'
@@ -21,6 +22,8 @@ module Eat
21
22
  def eat(url, options = {})
22
23
  timeout = options[:timeout] || options['timeout'] || 2
23
24
  limit = options[:limit] || options['limit'] || ::Infinity
25
+ openssl_verify_mode = options[:openssl_verify_mode] || options['openssl_verify_mode']
26
+
24
27
  uri = ::URI.parse url.to_s
25
28
 
26
29
  body = []
@@ -45,8 +48,7 @@ module Eat
45
48
  http = ::Net::HTTP.new uri.host, uri.port
46
49
  if uri.scheme == 'https'
47
50
  http.use_ssl = true
48
- # if you were trying to be real safe, you wouldn't use this library
49
- http.verify_mode = ::OpenSSL::SSL::VERIFY_NONE
51
+ http.verify_mode = ::OpenSSL::SSL::VERIFY_NONE if openssl_verify_mode.to_s == 'none'
50
52
  end
51
53
  http.start do |session|
52
54
  catch :stop do
data/lib/eat/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Eat
2
- VERSION = "0.1.0"
2
+ VERSION = "0.1.1"
3
3
  end
data/test/test_eat.rb CHANGED
@@ -52,4 +52,22 @@ class TestEat < Test::Unit::TestCase
52
52
  assert_equal 'Use', eat(::URI.parse('http://brighterplanet.com/robots.txt'), :timeout => 10, :limit => 3)
53
53
  assert_equal 'User-', eat(::URI.parse('http://brighterplanet.com/robots.txt'), :timeout => 10, :limit => 5)
54
54
  end
55
+
56
+ def test_ssl
57
+ assert_nothing_raised do
58
+ eat 'https://brighterplanet.com'
59
+ end
60
+ end
61
+
62
+ def test_openssl_verify_on_by_default
63
+ assert_raises(OpenSSL::SSL::SSLError) do
64
+ eat 'https://foo.bar.brighterplanet.com'
65
+ end
66
+ end
67
+
68
+ def test_disable_openssl_verify
69
+ assert_nothing_raised do
70
+ eat 'https://foo.bar.brighterplanet.com', :openssl_verify_mode => 'none'
71
+ end
72
+ end
55
73
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: eat
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,11 +9,11 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2011-06-27 00:00:00.000000000Z
12
+ date: 2011-06-30 00:00:00.000000000Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: test-unit
16
- requirement: &2153835220 !ruby/object:Gem::Requirement
16
+ requirement: &2164601920 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ! '>='
@@ -21,7 +21,7 @@ dependencies:
21
21
  version: '0'
22
22
  type: :development
23
23
  prerelease: false
24
- version_requirements: *2153835220
24
+ version_requirements: *2164601920
25
25
  description: Lets you open local and remote files by immediately returning their contents
26
26
  as a string.
27
27
  email: