excon 0.62.0 → 0.85.0

data/excon.gemspec

@@ -11,8 +11,13 @@ Gem::Specification.new do |s|
   s.license          = 'MIT'
   s.rdoc_options     = ["--charset=UTF-8"]
   s.extra_rdoc_files = %w[README.md CONTRIBUTORS.md CONTRIBUTING.md]
-  s.files            = `git ls-files -z`.split("\x0")
-  s.test_files       = s.files.select { |path| path =~ /^[spec|tests]\/.*_[spec|tests]\.rb/ }
+  s.files            = `git ls-files -- data/* lib/*`.split("\n") + [
+    "CONTRIBUTING.md",
+    "CONTRIBUTORS.md",
+    "LICENSE.md",
+    "README.md",
+    "excon.gemspec"
+  ]
 
   s.add_development_dependency('rspec', '>= 3.5.0')
   s.add_development_dependency('activesupport')
@@ -26,4 +31,14 @@ Gem::Specification.new do |s|
   s.add_development_dependency('sinatra-contrib')
   s.add_development_dependency('json', '>= 1.8.5')
   s.add_development_dependency('puma')
+  s.add_development_dependency('webrick')
+
+  s.metadata = {
+    'homepage_uri'      => 'https://github.com/excon/excon',
+    'bug_tracker_uri'   => 'https://github.com/excon/excon/issues',
+    'changelog_uri'     => 'https://github.com/excon/excon/blob/master/changelog.txt',
+    'documentation_uri' => 'https://github.com/excon/excon/blob/master/README.md',
+    'source_code_uri'   => 'https://github.com/excon/excon',
+    'wiki_uri'          => 'https://github.com/excon/excon/wiki'
+  }
 end

data/lib/excon.rb

@@ -23,11 +23,11 @@ require 'excon/middlewares/instrumentor'
 require 'excon/middlewares/mock'
 require 'excon/middlewares/response_parser'
 
+require 'excon/error'
 require 'excon/constants'
 require 'excon/utils'
 
 require 'excon/connection'
-require 'excon/error'
 require 'excon/headers'
 require 'excon/response'
 require 'excon/middlewares/decompress'
@@ -61,6 +61,14 @@ module Excon
       if $VERBOSE || ENV['EXCON_DEBUG']
         $stderr.puts "[excon][WARNING] #{warning}\n#{ caller.join("\n") }"
       end
+
+      if @raise_on_warnings
+        raise Error::Warning.new(warning)
+      end
+    end
+
+    def set_raise_on_warnings!(should_raise)
+      @raise_on_warnings = should_raise
     end
 
     # Status of mocking
@@ -105,9 +113,9 @@ module Excon
 
     # @see Connection#initialize
     # Initializes a new keep-alive session for a given remote host
-    #   @param [String] url The destination URL
-    #   @param [Hash<Symbol, >] params One or more option params to set on the Connection instance
-    #   @return [Connection] A new Excon::Connection instance
+    # @param [String] url The destination URL
+    # @param [Hash<Symbol, >] params One or more option params to set on the Connection instance
+    # @return [Connection] A new Excon::Connection instance
     def new(url, params = {})
       uri_parser = params[:uri_parser] || defaults[:uri_parser]
       uri = uri_parser.parse(url)
@@ -135,13 +143,13 @@ module Excon
     end
 
     # push an additional stub onto the list to check for mock requests
-    #   @param [Hash<Symbol, >] request params to match against, omitted params match all
-    #   @param [Hash<Symbol, >] response params to return from matched request or block to call with params
-    def stub(request_params = {}, response_params = nil)
-      if method = request_params.delete(:method)
+    # @param request_params [Hash<Symbol, >] request params to match against, omitted params match all
+    # @param response_params [Hash<Symbol, >] response params to return from matched request or block to call with params
+    def stub(request_params = {}, response_params = nil, &block)
+      if (method = request_params.delete(:method))
         request_params[:method] = method.to_s.downcase.to_sym
       end
-      if url = request_params.delete(:url)
+      if (url = request_params.delete(:url))
         uri = URI.parse(url)
         request_params = {
           :host              => uri.host,
@@ -167,7 +175,7 @@ module Excon
         if response_params
           raise(ArgumentError.new("stub requires either response_params OR a block"))
         else
-          stub = [request_params, Proc.new]
+          stub = [request_params, block]
         end
       elsif response_params
         stub = [request_params, response_params]
@@ -179,10 +187,10 @@ module Excon
     end
 
     # get a stub matching params or nil
-    #   @param [Hash<Symbol, >] request params to match against, omitted params match all
-    #   @return [Hash<Symbol, >] response params to return from matched request or block to call with params
+    # @param request_params [Hash<Symbol, >] request params to match against, omitted params match all
+    # @return [Hash<Symbol, >] response params to return from matched request or block to call with params
     def stub_for(request_params={})
-      if method = request_params.delete(:method)
+      if (method = request_params.delete(:method))
         request_params[:method] = method.to_s.downcase.to_sym
       end
       Excon.stubs.each do |stub, response_params|
@@ -190,7 +198,7 @@ module Excon
         headers_match = !stub.has_key?(:headers) || stub[:headers].keys.all? do |key|
           case value = stub[:headers][key]
           when Regexp
-            if match = value.match(request_params[:headers][key])
+            if (match = value.match(request_params[:headers][key]))
               captures[:headers][key] = match.captures
             end
             match
@@ -201,7 +209,7 @@ module Excon
         non_headers_match = (stub.keys - [:headers]).all? do |key|
           case value = stub[key]
           when Regexp
-            if match = value.match(request_params[key])
+            if (match = value.match(request_params[key]))
               captures[key] = match.captures
             end
             match
@@ -228,8 +236,8 @@ module Excon
     end
 
     # remove first/oldest stub matching request_params
-    #   @param [Hash<Symbol, >] request params to match against, omitted params match all
-    #   @return [Hash<Symbol, >] response params from deleted stub
+    # @param request_params [Hash<Symbol, >] request params to match against, omitted params match all
+    # @return [Hash<Symbol, >] response params from deleted stub
     def unstub(request_params = {})
       stub = stub_for(request_params)
       Excon.stubs.delete_at(Excon.stubs.index(stub))

data/lib/excon/connection.rb

@@ -1,4 +1,6 @@
 # frozen_string_literal: true
+require 'ipaddr'
+
 module Excon
   class Connection
     include Utils
@@ -38,27 +40,27 @@ module Excon
       end
     end
     def logger=(logger)
-      Excon::LoggingInstrumentor.logger = logger
       @data[:instrumentor] = Excon::LoggingInstrumentor
+      @data[:logger] = logger
     end
 
     # Initializes a new Connection instance
-    #   @param [Hash<Symbol, >] params One or more optional params
-    #     @option params [String] :body Default text to be sent over a socket. Only used if :body absent in Connection#request params
-    #     @option params [Hash<Symbol, String>] :headers The default headers to supply in a request. Only used if params[:headers] is not supplied to Connection#request
-    #     @option params [String] :host The destination host's reachable DNS name or IP, in the form of a String. IPv6 addresses must be wrapped (e.g. [::1]).  See URI#host.
-    #     @option params [String] :hostname Same as host, but usable for socket connections. IPv6 addresses must not be wrapped (e.g. ::1).  See URI#hostname.
-    #     @option params [String] :path Default path; appears after 'scheme://host:port/'. Only used if params[:path] is not supplied to Connection#request
-    #     @option params [Fixnum] :port The port on which to connect, to the destination host
-    #     @option params [Hash]   :query Default query; appended to the 'scheme://host:port/path/' in the form of '?key=value'. Will only be used if params[:query] is not supplied to Connection#request
-    #     @option params [String] :scheme The protocol; 'https' causes OpenSSL to be used
-    #     @option params [String] :socket The path to the unix socket (required for 'unix://' connections)
-    #     @option params [String] :ciphers Only use the specified SSL/TLS cipher suites; use OpenSSL cipher spec format e.g. 'HIGH:!aNULL:!3DES' or 'AES256-SHA:DES-CBC3-SHA'
-    #     @option params [String] :proxy Proxy server; e.g. 'http://myproxy.com:8888'
-    #     @option params [Fixnum] :retry_limit Set how many times we'll retry a failed request.  (Default 4)
-    #     @option params [Fixnum] :retry_interval Set how long to wait between retries. (Default 0)
-    #     @option params [Class] :instrumentor Responds to #instrument as in ActiveSupport::Notifications
-    #     @option params [String] :instrumentor_name Name prefix for #instrument events.  Defaults to 'excon'
+    # @param [Hash<Symbol, >] params One or more optional params
+    # @option params [String] :body Default text to be sent over a socket. Only used if :body absent in Connection#request params
+    # @option params [Hash<Symbol, String>] :headers The default headers to supply in a request. Only used if params[:headers] is not supplied to Connection#request
+    # @option params [String] :host The destination host's reachable DNS name or IP, in the form of a String. IPv6 addresses must be wrapped (e.g. [::1]).  See URI#host.
+    # @option params [String] :hostname Same as host, but usable for socket connections. IPv6 addresses must not be wrapped (e.g. ::1).  See URI#hostname.
+    # @option params [String] :path Default path; appears after 'scheme://host:port/'. Only used if params[:path] is not supplied to Connection#request
+    # @option params [Fixnum] :port The port on which to connect, to the destination host
+    # @option params [Hash]   :query Default query; appended to the 'scheme://host:port/path/' in the form of '?key=value'. Will only be used if params[:query] is not supplied to Connection#request
+    # @option params [String] :scheme The protocol; 'https' causes OpenSSL to be used
+    # @option params [String] :socket The path to the unix socket (required for 'unix://' connections)
+    # @option params [String] :ciphers Only use the specified SSL/TLS cipher suites; use OpenSSL cipher spec format e.g. 'HIGH:!aNULL:!3DES' or 'AES256-SHA:DES-CBC3-SHA'
+    # @option params [String] :proxy Proxy server; e.g. 'http://myproxy.com:8888'
+    # @option params [Fixnum] :retry_limit Set how many times we'll retry a failed request.  (Default 4)
+    # @option params [Fixnum] :retry_interval Set how long to wait between retries. (Default 0)
+    # @option params [Class] :instrumentor Responds to #instrument as in ActiveSupport::Notifications
+    # @option params [String] :instrumentor_name Name prefix for #instrument events.  Defaults to 'excon'
     def initialize(params = {})
       @data = Excon.defaults.dup
       # merge does not deep-dup, so make sure headers is not the original
@@ -67,12 +69,17 @@ module Excon
       # the same goes for :middlewares
       @data[:middlewares] = @data[:middlewares].dup
 
-      params = validate_params(:connection, params)
       @data.merge!(params)
+      validate_params(:connection, @data, @data[:middlewares])
+
+      if @data.key?(:host) && !@data.key?(:hostname)
+        Excon.display_warning('hostname is missing! For IPv6 support, provide both host and hostname: Excon::Connection#new(:host => uri.host, :hostname => uri.hostname, ...).')
+        @data[:hostname] = @data[:host]
+      end
 
       setup_proxy
 
-      if  ENV.has_key?('EXCON_STANDARD_INSTRUMENTOR')
+      if ENV.has_key?('EXCON_STANDARD_INSTRUMENTOR')
         @data[:instrumentor] = Excon::StandardInstrumentor
       end
 
@@ -108,7 +115,7 @@ module Excon
           # we already have data from a middleware, so bail
           return datum
         else
-          socket.data = datum
+          socket(datum).data = datum
           # start with "METHOD /path"
           request = datum[:method].to_s.upcase + ' '
           if datum[:proxy] && datum[:scheme] != HTTPS
@@ -137,31 +144,25 @@ module Excon
           end
 
           # add headers to request
-          datum[:headers].each do |key, values|
-            [values].flatten.each do |value|
-              request << key.to_s << ': ' << value.to_s << CR_NL
-            end
-          end
+          request << Utils.headers_hash_to_s(datum[:headers])
 
           # add additional "\r\n" to indicate end of headers
           request << CR_NL
 
           if datum.has_key?(:request_block)
-            socket.write(request) # write out request + headers
+            socket(datum).write(request) # write out request + headers
             while true # write out body with chunked encoding
               chunk = datum[:request_block].call
-              if FORCE_ENC
-                chunk.force_encoding('BINARY')
-              end
+              chunk = binary_encode(chunk)
               if chunk.length > 0
-                socket.write(chunk.length.to_s(16) << CR_NL << chunk << CR_NL)
+                socket(datum).write(chunk.length.to_s(16) << CR_NL << chunk << CR_NL)
               else
-                socket.write(String.new("0#{CR_NL}#{CR_NL}"))
+                socket(datum).write(String.new("0#{CR_NL}#{CR_NL}"))
                 break
               end
             end
           elsif body.nil?
-            socket.write(request) # write out request + headers
+            socket(datum).write(request) # write out request + headers
           else # write out body
             if body.respond_to?(:binmode) && !body.is_a?(StringIO)
               body.binmode
@@ -171,27 +172,23 @@ module Excon
             end
 
             # if request + headers is less than chunk size, fill with body
-            if FORCE_ENC
-              request.force_encoding('BINARY')
-            end
+            request = binary_encode(request)
             chunk = body.read([datum[:chunk_size] - request.length, 0].max)
             if chunk
-              if FORCE_ENC
-                chunk.force_encoding('BINARY')
-              end
-              socket.write(request << chunk)
+              chunk = binary_encode(chunk)
+              socket(datum).write(request << chunk)
             else
-              socket.write(request) # write out request + headers
+              socket(datum).write(request) # write out request + headers
             end
 
-            while chunk = body.read(datum[:chunk_size])
-              socket.write(chunk)
+            while (chunk = body.read(datum[:chunk_size]))
+              socket(datum).write(chunk)
             end
           end
         end
       rescue => error
         case error
-        when Excon::Errors::StubNotFound, Excon::Errors::Timeout
+        when Excon::Errors::InvalidHeaderKey, Excon::Errors::InvalidHeaderValue, Excon::Errors::StubNotFound, Excon::Errors::Timeout
           raise(error)
         else
           raise_socket_error(error)
@@ -216,18 +213,24 @@ module Excon
     end
 
     # Sends the supplied request to the destination host.
-    #   @yield [chunk] @see Response#self.parse
-    #   @param [Hash<Symbol, >] params One or more optional params, override defaults set in Connection.new
-    #     @option params [String] :body text to be sent over a socket
-    #     @option params [Hash<Symbol, String>] :headers The default headers to supply in a request
-    #     @option params [String] :path appears after 'scheme://host:port/'
-    #     @option params [Hash]   :query appended to the 'scheme://host:port/path/' in the form of '?key=value'
+    # @yield [chunk] @see Response#self.parse
+    # @param [Hash<Symbol, >] params One or more optional params, override defaults set in Connection.new
+    # @option params [String] :body text to be sent over a socket
+    # @option params [Hash<Symbol, String>] :headers The default headers to supply in a request
+    # @option params [String] :path appears after 'scheme://host:port/'
+    # @option params [Hash]   :query appended to the 'scheme://host:port/path/' in the form of '?key=value'
     def request(params={}, &block)
-      params = validate_params(:request, params)
       # @data has defaults, merge in new params to override
       datum = @data.merge(params)
       datum[:headers] = @data[:headers].merge(datum[:headers] || {})
 
+      validate_params(:request, params, datum[:middlewares])
+      # If the user passed in new middleware, we want to validate that the original connection parameters
+      # are still valid with the provided middleware.
+      if params[:middlewares]
+        validate_params(:connection, @data, datum[:middlewares])
+      end
+
       if datum[:user] || datum[:password]
         user, pass = Utils.unescape_uri(datum[:user].to_s), Utils.unescape_uri(datum[:password].to_s)
         datum[:headers]['Authorization'] ||= 'Basic ' + ["#{user}:#{pass}"].pack('m').delete(Excon::CR_NL)
@@ -238,7 +241,12 @@ module Excon
       else
         datum[:headers]['Host']   ||= datum[:host] + port_string(datum)
       end
-      datum[:retries_remaining] ||= datum[:retry_limit]
+
+      # RFC 7230, section 5.4, states that the Host header SHOULD be the first one # to be present.
+      # Some web servers will reject the request if it comes too late, so let's hoist it to the top.
+      if (host = datum[:headers].delete('Host'))
+        datum[:headers] = { 'Host' => host }.merge(datum[:headers])
+      end
 
       # if path is empty or doesn't start with '/', insert one
       unless datum[:path][0, 1] == '/'
@@ -247,11 +255,16 @@ module Excon
 
       if block_given?
         Excon.display_warning('Excon requests with a block are deprecated, pass :response_block instead.')
-        datum[:response_block] = Proc.new
+        datum[:response_block] = block
       end
 
       datum[:connection] = self
 
+      # cleanup data left behind on persistent connection after interrupt
+      if datum[:persistent] && !@persistent_socket_reusable
+        reset
+      end
+
       datum[:stack] = datum[:middlewares].map do |middleware|
         lambda {|stack| middleware.new(stack)}
       end.reverse.inject(self) do |middlewares, middleware|
@@ -260,10 +273,12 @@ module Excon
       datum = datum[:stack].request_call(datum)
 
       unless datum[:pipeline]
+        @persistent_socket_reusable = false
         datum = response(datum)
+        @persistent_socket_reusable = true
 
         if datum[:persistent]
-          if key = datum[:response][:headers].keys.detect {|k| k.casecmp('Connection') == 0 }
+          if (key = datum[:response][:headers].keys.detect {|k| k.casecmp('Connection') == 0 })
             if datum[:response][:headers][key].casecmp('close') == 0
               reset
             end
@@ -278,6 +293,10 @@ module Excon
       end
     rescue => error
       reset
+
+      # If we didn't get far enough to initialize datum and the middleware stack, just raise
+      raise error if !datum
+
       datum[:error] = error
       if datum[:stack]
         datum[:stack].error_call(datum)
@@ -287,7 +306,7 @@ module Excon
     end
 
     # Sends the supplied requests to the destination host using pipelining.
-    #   @pipeline_params [Array<Hash>] pipeline_params An array of one or more optional params, override defaults set in Connection.new, see #request for details
+    # @param pipeline_params [Array<Hash>] An array of one or more optional params, override defaults set in Connection.new, see #request for details
     def requests(pipeline_params)
       pipeline_params.each {|params| params.merge!(:pipeline => true, :persistent => true) }
       pipeline_params.last.merge!(:persistent => @data[:persistent])
@@ -299,7 +318,7 @@ module Excon
       end
 
       if @data[:persistent]
-        if key = responses.last[:headers].keys.detect {|k| k.casecmp('Connection') == 0 }
+        if (key = responses.last[:headers].keys.detect {|k| k.casecmp('Connection') == 0 })
           if responses.last[:headers][key].casecmp('close') == 0
             reset
           end
@@ -314,7 +333,7 @@ module Excon
     # Sends the supplied requests to the destination host using pipelining in
     # batches of @limit [Numeric] requests. This is your soft file descriptor
     # limit by default, typically 256.
-    #   @pipeline_params [Array<Hash>] pipeline_params An array of one or more optional params, override defaults set in Connection.new, see #request for details
+    # @param pipeline_params [Array<Hash>] An array of one or more optional params, override defaults set in Connection.new, see #request for details
     def batch_requests(pipeline_params, limit = nil)
       limit ||= Process.respond_to?(:getrlimit) ? Process.getrlimit(:NOFILE).first : 256
       responses = []
@@ -327,9 +346,10 @@ module Excon
     end
 
     def reset
-      if old_socket = sockets.delete(@socket_key)
+      if (old_socket = sockets.delete(@socket_key))
         old_socket.close rescue nil
       end
+      @persistent_socket_reusable = true
     end
 
     # Generate HTTP request verb methods
@@ -355,15 +375,7 @@ module Excon
       vars = instance_variables.inject({}) do |accum, var|
         accum.merge!(var.to_sym => instance_variable_get(var))
       end
-      if vars[:'@data'][:headers].has_key?('Authorization')
-        vars[:'@data'] = vars[:'@data'].dup
-        vars[:'@data'][:headers] = vars[:'@data'][:headers].dup
-        vars[:'@data'][:headers]['Authorization'] = REDACTED
-      end
-      if vars[:'@data'][:password]
-        vars[:'@data'] = vars[:'@data'].dup
-        vars[:'@data'][:password] = REDACTED
-      end
+      vars[:'@data'] = Utils.redact(vars[:'@data'])
       inspection = '#<Excon::Connection:'
       inspection += (object_id << 1).to_s(16)
       vars.each do |key, value|
@@ -373,6 +385,10 @@ module Excon
       inspection
     end
 
+    def valid_request_keys(middlewares)
+      valid_middleware_keys(middlewares) + Excon::VALID_REQUEST_KEYS
+    end
+
     private
 
     def detect_content_length(body)
@@ -387,60 +403,77 @@ module Excon
       end
     end
 
-    def validate_params(validation, params)
+    def valid_middleware_keys(middlewares)
+      middlewares.flat_map do |middleware|
+        if middleware.respond_to?(:valid_parameter_keys)
+          middleware.valid_parameter_keys
+        else
+          Excon.display_warning(
+            "Excon middleware #{middleware} does not define #valid_parameter_keys"
+          )
+          []
+        end
+      end
+    end
+
+    def validate_params(validation, params, middlewares)
       valid_keys = case validation
       when :connection
-        Excon::VALID_CONNECTION_KEYS
+        valid_middleware_keys(middlewares) + Excon::VALID_CONNECTION_KEYS
       when :request
-        Excon::VALID_REQUEST_KEYS
+        valid_request_keys(middlewares)
+      else
+        raise ArgumentError.new("Invalid validation type '#{validation}'")
       end
+
       invalid_keys = params.keys - valid_keys
       unless invalid_keys.empty?
         Excon.display_warning("Invalid Excon #{validation} keys: #{invalid_keys.map(&:inspect).join(', ')}")
-        # FIXME: for now, just warn, don't mutate, give things (ie fog) a chance to catch up
-        #params = params.dup
-        #invalid_keys.each {|key| params.delete(key) }
-      end
 
-      if validation == :connection && params.key?(:host) && !params.key?(:hostname)
-        Excon.display_warning('hostname is missing! For IPv6 support, provide both host and hostname: Excon::Connection#new(:host => uri.host, :hostname => uri.hostname, ...).')
-        params[:hostname] = params[:host]
+        if validation == :request
+          deprecated_keys = invalid_keys & Excon::DEPRECATED_VALID_REQUEST_KEYS.keys
+          mw_msg = deprecated_keys.map do |k|
+            "#{k}: #{Excon::DEPRECATED_VALID_REQUEST_KEYS[k]}"
+          end.join(', ')
+          Excon.display_warning(
+            "The following request keys are only valid with the associated middleware: #{mw_msg}"
+          )
+        end
       end
-
-      params
     end
 
     def response(datum={})
       datum[:stack].response_call(datum)
     rescue => error
       case error
-      when Excon::Errors::HTTPStatusError, Excon::Errors::Timeout
+      when Excon::Errors::HTTPStatusError, Excon::Errors::Timeout, Excon::Errors::TooManyRedirects
         raise(error)
       else
         raise_socket_error(error)
       end
     end
 
-    def socket
-      unix_proxy = @data[:proxy] ? @data[:proxy][:scheme] == UNIX : false
-      sockets[@socket_key] ||= if @data[:scheme] == UNIX || unix_proxy
-        Excon::UnixSocket.new(@data)
-      elsif @data[:ssl_uri_schemes].include?(@data[:scheme])
-        Excon::SSLSocket.new(@data)
+    def socket(datum = @data)
+      unix_proxy = datum[:proxy] ? datum[:proxy][:scheme] == UNIX : false
+      sockets[@socket_key] ||= if datum[:scheme] == UNIX || unix_proxy
+        Excon::UnixSocket.new(datum)
+      elsif datum[:ssl_uri_schemes].include?(datum[:scheme])
+        Excon::SSLSocket.new(datum)
       else
-        Excon::Socket.new(@data)
+        Excon::Socket.new(datum)
       end
     end
 
     def sockets
       @_excon_sockets ||= {}
+      @_excon_sockets.compare_by_identity
 
       if @data[:thread_safe_sockets]
         # In a multi-threaded world, if the same connection is used by multiple
         # threads at the same time to connect to the same destination, they may
         # stomp on each other's sockets.  This ensures every thread gets their
         # own socket cache, within the context of a single connection.
-        @_excon_sockets[Thread.current.object_id] ||= {}
+        @_excon_sockets[Thread.current] ||= {}
       else
         @_excon_sockets
       end
@@ -454,6 +487,47 @@ module Excon
       end
     end
 
+    def proxy_match_host_port(host, port)
+        host_match = if host.is_a? IPAddr
+                       begin
+                         host.include? @data[:host]
+                       rescue IPAddr::Error
+                         false
+                       end
+                     else
+                       /(^|\.)#{host}$/.match(@data[:host])
+                     end
+        host_match && (port.nil? || port.to_i == @data[:port])
+    end
+
+    def proxy_from_env
+      if (no_proxy_env = ENV['no_proxy'] || ENV['NO_PROXY'])
+        no_proxy_list = no_proxy_env.scan(/\s*(?:\[([\dA-Fa-f:\/]+)\]|\*?\.?([^\s,:]+))(?::(\d+))?\s*/i).map { |e|
+          if e[0]
+            begin
+              [IPAddr.new(e[0]), e[2]]
+            rescue IPAddr::Error
+              nil
+            end
+          else
+            begin
+              [IPAddr.new(e[1]), e[2]]
+            rescue IPAddr::Error
+              [e[1], e[2]]
+            end
+          end
+        }.reject { |e| e.nil? || e[0].nil? }
+      end
+
+      unless no_proxy_env && no_proxy_list.index { |h| proxy_match_host_port(h[0], h[1]) }
+        if @data[:scheme] == HTTPS && (ENV.has_key?('https_proxy') || ENV.has_key?('HTTPS_PROXY'))
+          @data[:proxy] = ENV['https_proxy'] || ENV['HTTPS_PROXY']
+        elsif (ENV.has_key?('http_proxy') || ENV.has_key?('HTTP_PROXY'))
+          @data[:proxy] = ENV['http_proxy'] || ENV['HTTP_PROXY']
+        end
+      end
+    end
+
     def setup_proxy
       if @data[:disable_proxy]
         if @data[:proxy]
@@ -462,64 +536,57 @@ module Excon
         return
       end
 
-      unless @data[:scheme] == UNIX
-        if no_proxy_env = ENV["no_proxy"] || ENV["NO_PROXY"]
-          no_proxy_list = no_proxy_env.scan(/\*?\.?([^\s,:]+)(?::(\d+))?/i).map { |s| [s[0], s[1]] }
+      return if @data[:scheme] == UNIX
+
+      proxy_from_env
+
+      case @data[:proxy]
+      when nil
+        @data.delete(:proxy)
+      when ''
+        @data.delete(:proxy)
+      when Hash
+        # no processing needed
+      when String, URI
+        uri = @data[:proxy].is_a?(String) ? URI.parse(@data[:proxy]) : @data[:proxy]
+        @data[:proxy] = {
+          :host       => uri.host,
+          :hostname   => uri.hostname,
+          # path is only sensible for a Unix socket proxy
+          :path       => uri.scheme == UNIX ? uri.path : nil,
+          :port       => uri.port,
+          :scheme     => uri.scheme,
+        }
+        if uri.password
+          @data[:proxy][:password] = uri.password
         end
-
-        unless no_proxy_env && no_proxy_list.index { |h| /(^|\.)#{h[0]}$/.match(@data[:host]) && (h[1].nil? || h[1].to_i == @data[:port]) }
-          if @data[:scheme] == HTTPS && (ENV.has_key?('https_proxy') || ENV.has_key?('HTTPS_PROXY'))
-            @data[:proxy] = ENV['https_proxy'] || ENV['HTTPS_PROXY']
-          elsif (ENV.has_key?('http_proxy') || ENV.has_key?('HTTP_PROXY'))
-            @data[:proxy] = ENV['http_proxy'] || ENV['HTTP_PROXY']
-          end
+        if uri.user
+          @data[:proxy][:user] = uri.user
         end
-
-        case @data[:proxy]
-        when nil
-          @data.delete(:proxy)
-        when ''
-          @data.delete(:proxy)
-        when Hash
-          # no processing needed
-        when String, URI
-          uri = @data[:proxy].is_a?(String) ? URI.parse(@data[:proxy]) : @data[:proxy]
-          @data[:proxy] = {
-            :host       => uri.host,
-            :hostname   => uri.hostname,
-            # path is only sensible for a Unix socket proxy
-            :path       => uri.scheme == UNIX ? uri.path : nil,
-            :port       => uri.port,
-            :scheme     => uri.scheme,
-          }
-          if uri.password
-            @data[:proxy][:password] = uri.password
-          end
-          if uri.user
-            @data[:proxy][:user] = uri.user
-          end
-          if @data[:proxy][:scheme] == UNIX
-            if @data[:proxy][:host]
-              raise ArgumentError, "The `:host` parameter should not be set for `unix://` proxies.\n" +
-                                   "When supplying a `unix://` URI, it should start with `unix:/` or `unix:///`."
-            end
-          else
-            unless uri.host && uri.port && uri.scheme
-              raise Excon::Errors::ProxyParse, "Proxy is invalid"
-            end
+        if @data[:ssl_proxy_headers] && !@data[:ssl_uri_schemes].include?(@data[:scheme])
+          raise ArgumentError, "The `:ssl_proxy_headers` parameter should only be used with HTTPS requests."
+        end
+        if @data[:proxy][:scheme] == UNIX
+          if @data[:proxy][:host]
+            raise ArgumentError, "The `:host` parameter should not be set for `unix://` proxies.\n" +
+                                 "When supplying a `unix://` URI, it should start with `unix:/` or `unix:///`."
           end
         else
-          raise Excon::Errors::ProxyParse, "Proxy is invalid"
+          unless uri.host && uri.port && uri.scheme
+            raise Excon::Errors::ProxyParse, "Proxy is invalid"
+          end
         end
+      else
+        raise Excon::Errors::ProxyParse, "Proxy is invalid"
+      end
 
-        if @data.has_key?(:proxy) && @data[:scheme] == 'http'
-          @data[:headers]['Proxy-Connection'] ||= 'Keep-Alive'
-          # https credentials happen in handshake
-          if @data[:proxy].has_key?(:user) || @data[:proxy].has_key?(:password)
-            user, pass = Utils.unescape_form(@data[:proxy][:user].to_s), Utils.unescape_form(@data[:proxy][:password].to_s)
-            auth = ["#{user}:#{pass}"].pack('m').delete(Excon::CR_NL)
-            @data[:headers]['Proxy-Authorization'] = 'Basic ' + auth
-          end
+      if @data.has_key?(:proxy) && @data[:scheme] == 'http'
+        @data[:headers]['Proxy-Connection'] ||= 'Keep-Alive'
+        # https credentials happen in handshake
+        if @data[:proxy].has_key?(:user) || @data[:proxy].has_key?(:password)
+          user, pass = Utils.unescape_form(@data[:proxy][:user].to_s), Utils.unescape_form(@data[:proxy][:password].to_s)
+          auth = ["#{user}:#{pass}"].pack('m').delete(Excon::CR_NL)
+          @data[:headers]['Proxy-Authorization'] = 'Basic ' + auth
         end
       end
     end