RubyGems - excon - Versions diffs - 0.62.0 → 0.92.3 - Mend

excon 0.62.0 → 0.92.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (125) hide show

checksums.yaml +5 -5
data/CONTRIBUTING.md +0 -1
data/LICENSE.md +1 -1
data/README.md +7 -6
data/data/cacert.pem +1220 -1828
data/excon.gemspec +19 -3
data/lib/excon/connection.rb +216 -139
data/lib/excon/constants.rb +38 -13
data/lib/excon/error.rb +15 -0
data/lib/excon/headers.rb +4 -3
data/lib/excon/instrumentors/logging_instrumentor.rb +5 -16
data/lib/excon/instrumentors/standard_instrumentor.rb +2 -9
data/lib/excon/middlewares/base.rb +6 -0
data/lib/excon/middlewares/capture_cookies.rb +1 -1
data/lib/excon/middlewares/decompress.rb +11 -4
data/lib/excon/middlewares/expects.rb +7 -1
data/lib/excon/middlewares/idempotent.rb +20 -3
data/lib/excon/middlewares/instrumentor.rb +8 -0
data/lib/excon/middlewares/mock.rb +12 -3
data/lib/excon/middlewares/redirect_follower.rb +25 -3
data/lib/excon/middlewares/response_parser.rb +3 -0
data/lib/excon/pretty_printer.rb +1 -8
data/lib/excon/response.rb +12 -9
data/lib/excon/socket.rb +59 -42
data/lib/excon/ssl_socket.rb +37 -15
data/lib/excon/test/plugin/server/exec.rb +5 -2
data/lib/excon/test/plugin/server/puma.rb +4 -1
data/lib/excon/test/plugin/server/unicorn.rb +5 -0
data/lib/excon/test/plugin/server/webrick.rb +4 -1
data/lib/excon/test/server.rb +1 -1
data/lib/excon/unix_socket.rb +1 -0
data/lib/excon/utils.rb +59 -5
data/lib/excon/version.rb +1 -1
data/lib/excon.rb +25 -17
metadata +27 -98
data/.document +0 -5
data/.gitignore +0 -13
data/.rspec +0 -3
data/.travis.yml +0 -29
data/Gemfile +0 -19
data/Rakefile +0 -41
data/benchmarks/class_vs_lambda.rb +0 -50
data/benchmarks/concat_vs_insert.rb +0 -21
data/benchmarks/concat_vs_interpolate.rb +0 -22
data/benchmarks/cr_lf.rb +0 -21
data/benchmarks/downcase-eq-eq_vs_casecmp.rb +0 -169
data/benchmarks/excon.rb +0 -69
data/benchmarks/excon_vs.rb +0 -165
data/benchmarks/for_vs_array_each.rb +0 -27
data/benchmarks/for_vs_hash_each.rb +0 -27
data/benchmarks/has_key-vs-lookup.rb +0 -177
data/benchmarks/headers_case_sensitivity.rb +0 -83
data/benchmarks/headers_split_vs_match.rb +0 -34
data/benchmarks/implicit_block-vs-explicit_block.rb +0 -98
data/benchmarks/merging.rb +0 -21
data/benchmarks/single_vs_double_quotes.rb +0 -21
data/benchmarks/string_ranged_index.rb +0 -87
data/benchmarks/strip_newline.rb +0 -115
data/benchmarks/vs_stdlib.rb +0 -82
data/changelog.txt +0 -1083
data/spec/excon/error_spec.rb +0 -139
data/spec/excon/test/server_spec.rb +0 -28
data/spec/excon_spec.rb +0 -7
data/spec/helpers/file_path_helpers.rb +0 -22
data/spec/requests/basic_spec.rb +0 -40
data/spec/requests/eof_requests_spec.rb +0 -36
data/spec/requests/unix_socket_spec.rb +0 -46
data/spec/spec_helper.rb +0 -24
data/spec/support/shared_contexts/test_server_context.rb +0 -83
data/spec/support/shared_examples/shared_example_for_clients.rb +0 -218
data/spec/support/shared_examples/shared_example_for_streaming_clients.rb +0 -20
data/spec/support/shared_examples/shared_example_for_test_servers.rb +0 -16
data/tests/authorization_header_tests.rb +0 -29
data/tests/bad_tests.rb +0 -47
data/tests/basic_tests.rb +0 -351
data/tests/batch_requests.rb +0 -133
data/tests/complete_responses.rb +0 -31
data/tests/data/127.0.0.1.cert.crt +0 -20
data/tests/data/127.0.0.1.cert.key +0 -27
data/tests/data/excon.cert.crt +0 -20
data/tests/data/excon.cert.key +0 -27
data/tests/data/xs +0 -1
data/tests/error_tests.rb +0 -145
data/tests/header_tests.rb +0 -119
data/tests/middlewares/canned_response_tests.rb +0 -34
data/tests/middlewares/capture_cookies_tests.rb +0 -34
data/tests/middlewares/decompress_tests.rb +0 -157
data/tests/middlewares/escape_path_tests.rb +0 -36
data/tests/middlewares/idempotent_tests.rb +0 -206
data/tests/middlewares/instrumentation_tests.rb +0 -315
data/tests/middlewares/mock_tests.rb +0 -304
data/tests/middlewares/redirect_follower_tests.rb +0 -112
data/tests/pipeline_tests.rb +0 -40
data/tests/proxy_tests.rb +0 -306
data/tests/query_string_tests.rb +0 -87
data/tests/rackups/basic.rb +0 -41
data/tests/rackups/basic.ru +0 -3
data/tests/rackups/basic_auth.ru +0 -14
data/tests/rackups/deflater.ru +0 -4
data/tests/rackups/proxy.ru +0 -18
data/tests/rackups/query_string.ru +0 -13
data/tests/rackups/redirecting.ru +0 -23
data/tests/rackups/redirecting_with_cookie.ru +0 -40
data/tests/rackups/request_headers.ru +0 -15
data/tests/rackups/request_methods.ru +0 -21
data/tests/rackups/response_header.ru +0 -18
data/tests/rackups/ssl.ru +0 -16
data/tests/rackups/ssl_mismatched_cn.ru +0 -15
data/tests/rackups/ssl_verify_peer.ru +0 -16
data/tests/rackups/streaming.ru +0 -30
data/tests/rackups/thread_safety.ru +0 -17
data/tests/rackups/timeout.ru +0 -14
data/tests/rackups/webrick_patch.rb +0 -34
data/tests/request_headers_tests.rb +0 -21
data/tests/request_method_tests.rb +0 -47
data/tests/request_tests.rb +0 -59
data/tests/response_tests.rb +0 -197
data/tests/servers/bad.rb +0 -20
data/tests/servers/eof.rb +0 -17
data/tests/servers/error.rb +0 -20
data/tests/servers/good.rb +0 -350
data/tests/test_helper.rb +0 -306
data/tests/thread_safety_tests.rb +0 -39
data/tests/timeout_tests.rb +0 -12
data/tests/utils_tests.rb +0 -81

data/lib/excon/socket.rb CHANGED Viewed

@@ -1,4 +1,6 @@
 # frozen_string_literal: true
+require 'resolv'
 module Excon
   class Socket
     include Utils
@@ -7,6 +9,23 @@ module Excon
     attr_accessor :data
+    # read/write drawn from https://github.com/ruby-amqp/bunny/commit/75d9dd79551b31a5dd3d1254c537bad471f108cf
+    CONNECT_RETRY_EXCEPTION_CLASSES = if defined?(IO::EINPROGRESSWaitWritable) # Ruby >= 2.1
+      [Errno::EINPROGRESS, IO::EINPROGRESSWaitWritable]
+    else # Ruby <= 2.0
+      [Errno::EINPROGRESS]
+    end
+    READ_RETRY_EXCEPTION_CLASSES = if defined?(IO::EAGAINWaitReadable) # Ruby >= 2.1
+      [Errno::EAGAIN, Errno::EWOULDBLOCK, IO::WaitReadable, IO::EAGAINWaitReadable, IO::EWOULDBLOCKWaitReadable]
+    else # Ruby <= 2.0
+      [Errno::EAGAIN, Errno::EWOULDBLOCK, IO::WaitReadable]
+    end
+    WRITE_RETRY_EXCEPTION_CLASSES = if defined?(IO::EAGAINWaitWritable) # Ruby >= 2.1
+      [Errno::EAGAIN, Errno::EWOULDBLOCK, IO::WaitWritable, IO::EAGAINWaitWritable, IO::EWOULDBLOCKWaitWritable]
+    else # Ruby <= 2.0
+      [Errno::EAGAIN, Errno::EWOULDBLOCK, IO::WaitWritable]
+    end
     def params
       Excon.display_warning('Excon::Socket#params is deprecated use Excon::Socket#data instead.')
       @data
@@ -41,29 +60,18 @@ module Excon
     end
     def readline
-      return legacy_readline if RUBY_VERSION.to_f <= 1.8_7
-      buffer = String.new
-      begin
-        buffer << @socket.read_nonblock(1) while buffer[-1] != "\n"
+      if @nonblock && RUBY_VERSION.to_f > 1.8_7
+        buffer = String.new
+        buffer << (read_nonblock(1) || raise(EOFError)) while buffer[-1] != "\n"
         buffer
-      rescue Errno::EAGAIN, Errno::EWOULDBLOCK, IO::WaitReadable
-        select_with_timeout(@socket, :read) && retry
-      rescue OpenSSL::SSL::SSLError => error
-        if error.message == 'read would block'
-          select_with_timeout(@socket, :read) && retry
-        else
-          raise(error)
-        end
-      end
-    end
-    def legacy_readline
-      begin
-        Timeout.timeout(@data[:read_timeout]) do
-          @socket.readline
+      else # nonblock/legacy
+        begin
+          Timeout.timeout(@data[:read_timeout]) do
+            @socket.readline
+          end
+        rescue Timeout::Error
+          raise Excon::Errors::Timeout.new('read timeout reached')
         end
-      rescue Timeout::Error
-        raise Excon::Errors::Timeout.new('read timeout reached')
       end
     end
@@ -88,32 +96,30 @@ module Excon
     def connect
       @socket = nil
       exception = nil
+      hostname = @data[:hostname]
+      port = @port
+      family = @data[:family]
       if @data[:proxy]
-        family = @data[:proxy][:family] || ::Socket::Constants::AF_UNSPEC
-        args = [@data[:proxy][:hostname], @data[:proxy][:port], family, ::Socket::Constants::SOCK_STREAM]
-      else
-        family = @data[:family] || ::Socket::Constants::AF_UNSPEC
-        args = [@data[:hostname], @port, family, ::Socket::Constants::SOCK_STREAM]
-      end
-      if RUBY_VERSION >= '1.9.2' && defined?(RUBY_ENGINE) && RUBY_ENGINE == 'ruby'
-        args << nil << nil << false # no reverse lookup
+        hostname = @data[:proxy][:hostname]
+        port = @data[:proxy][:port]
+        family = @data[:proxy][:family]
       end
-      addrinfo = ::Socket.getaddrinfo(*args)
-      addrinfo.each do |_, port, _, ip, a_family, s_type|
+      Resolv.each_address(hostname) do |ip|
         # already succeeded on previous addrinfo
         if @socket
           break
         end
         @remote_ip = ip
+        @data[:remote_ip] = ip
         # nonblocking connect
         begin
           sockaddr = ::Socket.sockaddr_in(port, ip)
-          socket = ::Socket.new(a_family, s_type, 0)
+          addrinfo = Addrinfo.getaddrinfo(ip, port, family, :STREAM).first
+          socket = ::Socket.new(addrinfo.pfamily, addrinfo.socktype, addrinfo.protocol)
           if @data[:reuseaddr]
             socket.setsockopt(::Socket::Constants::SOL_SOCKET, ::Socket::Constants::SO_REUSEADDR, true)
@@ -128,7 +134,7 @@ module Excon
             socket.connect(sockaddr)
           end
           @socket = socket
-        rescue Errno::EINPROGRESS
+        rescue *CONNECT_RETRY_EXCEPTION_CLASSES
           select_with_timeout(socket, :connect_write)
           begin
             socket.connect_nonblock(sockaddr)
@@ -143,6 +149,8 @@ module Excon
         end
       end
+      exception ||= Resolv::ResolvError.new("no address for #{hostname}")
       # this will be our last encountered exception
       fail exception unless @socket
@@ -151,6 +159,17 @@ module Excon
                            ::Socket::TCP_NODELAY,
                            true)
       end
+      if @data[:keepalive]
+        if [:SOL_SOCKET, :SO_KEEPALIVE, :SOL_TCP, :TCP_KEEPIDLE, :TCP_KEEPINTVL, :TCP_KEEPCNT].all?{|c| ::Socket.const_defined? c}
+          @socket.setsockopt(::Socket::SOL_SOCKET, ::Socket::SO_KEEPALIVE, true)
+          @socket.setsockopt(::Socket::SOL_TCP, ::Socket::TCP_KEEPIDLE, @data[:keepalive][:time])
+          @socket.setsockopt(::Socket::SOL_TCP, ::Socket::TCP_KEEPINTVL, @data[:keepalive][:intvl])
+          @socket.setsockopt(::Socket::SOL_TCP, ::Socket::TCP_KEEPCNT, @data[:keepalive][:probes])
+        else
+          Excon.display_warning('Excon::Socket keepalive was set, but is not supported by Ruby version.')
+        end
+      end
     end
     def read_nonblock(max_length)
@@ -170,7 +189,7 @@ module Excon
         else
           raise(error)
         end
-      rescue Errno::EAGAIN, Errno::EWOULDBLOCK, IO::WaitReadable
+      rescue *READ_RETRY_EXCEPTION_CLASSES
         if @read_buffer.empty?
           # if we didn't read anything, try again...
           select_with_timeout(@socket, :read) && retry
@@ -199,7 +218,7 @@ module Excon
       else
         raise(error)
       end
-    rescue Errno::EAGAIN, Errno::EWOULDBLOCK, IO::WaitReadable
+    rescue *READ_RETRY_EXCEPTION_CLASSES
       if @read_buffer.empty?
         select_with_timeout(@socket, :read) && retry
       end
@@ -208,9 +227,7 @@ module Excon
     end
     def write_nonblock(data)
-      if FORCE_ENC
-        data.force_encoding('BINARY')
-      end
+      data = binary_encode(data)
       loop do
         written = nil
         begin
@@ -225,7 +242,7 @@ module Excon
           else
             raise error
           end
-        rescue OpenSSL::SSL::SSLError, Errno::EAGAIN, Errno::EWOULDBLOCK, IO::WaitWritable => error
+        rescue OpenSSL::SSL::SSLError, *WRITE_RETRY_EXCEPTION_CLASSES => error
           if error.is_a?(OpenSSL::SSL::SSLError) && error.message != 'write would block'
             raise error
           else
@@ -246,7 +263,7 @@ module Excon
     def write_block(data)
       @socket.write(data)
-    rescue OpenSSL::SSL::SSLError, Errno::EAGAIN, Errno::EWOULDBLOCK, IO::WaitWritable => error
+    rescue OpenSSL::SSL::SSLError, *WRITE_RETRY_EXCEPTION_CLASSES => error
       if error.is_a?(OpenSSL::SSL::SSLError) && error.message != 'write would block'
         raise error
       else

data/lib/excon/ssl_socket.rb CHANGED Viewed

@@ -12,6 +12,11 @@ module Excon
       # create ssl context
       ssl_context = OpenSSL::SSL::SSLContext.new
+      # set the security level before setting other parameters affected by it
+      if @data[:ssl_security_level]
+        ssl_context.security_level = @data[:ssl_security_level]
+      end
       # disable less secure options, when supported
       ssl_context_options = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options]
       if defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS)
@@ -27,26 +32,35 @@ module Excon
       if @data[:ssl_version]
         ssl_context.ssl_version = @data[:ssl_version]
       end
+      if @data[:ssl_min_version]
+        ssl_context.min_version = @data[:ssl_min_version]
+      end
+      if @data[:ssl_max_version]
+        ssl_context.max_version = @data[:ssl_max_version]
+      end
       if @data[:ssl_verify_peer]
         # turn verification on
         ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER
-        if ca_file = @data[:ssl_ca_file] || ENV['SSL_CERT_FILE']
+        if (ca_file = @data[:ssl_ca_file] || ENV['SSL_CERT_FILE'])
           ssl_context.ca_file = ca_file
         end
-        if ca_path = @data[:ssl_ca_path] || ENV['SSL_CERT_DIR']
+        if (ca_path = @data[:ssl_ca_path] || ENV['SSL_CERT_DIR'])
           ssl_context.ca_path = ca_path
         end
-        if cert_store = @data[:ssl_cert_store]
+        if (cert_store = @data[:ssl_cert_store])
           ssl_context.cert_store = cert_store
         end
-        # no defaults, fallback to bundled
-        unless ca_file || ca_path || cert_store
+        if cert_store.nil?
           ssl_context.cert_store = OpenSSL::X509::Store.new
           ssl_context.cert_store.set_default_paths
+        end
+        # no defaults, fallback to bundled
+        unless ca_file || ca_path || cert_store
           # workaround issue #257 (JRUBY-6970)
           ca_file = DEFAULT_CA_FILE
           ca_file = ca_file.gsub(/^jar:/, '') if ca_file =~ /^jar:file:\//
@@ -58,7 +72,7 @@ module Excon
           end
         end
-        if verify_callback = @data[:ssl_verify_callback]
+        if (verify_callback = @data[:ssl_verify_callback])
           ssl_context.verify_callback = verify_callback
         end
       else
@@ -66,6 +80,9 @@ module Excon
         ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE
       end
+      # Verify certificate hostname if supported (ruby >= 2.4.0)
+      ssl_context.verify_hostname = @data[:ssl_verify_hostname] if ssl_context.respond_to?(:verify_hostname=)
       if client_cert_data && client_key_data
         ssl_context.cert = OpenSSL::X509::Certificate.new client_cert_data
         if OpenSSL::PKey.respond_to? :read
@@ -94,13 +111,20 @@ module Excon
         request += "Proxy-Connection: Keep-Alive#{Excon::CR_NL}"
+        if @data[:ssl_proxy_headers]
+          request << Utils.headers_hash_to_s(@data[:ssl_proxy_headers])
+        end
         request += Excon::CR_NL
         # write out the proxy setup request
         @socket.write(request)
         # eat the proxy's connection response
-        Excon::Response.parse(self,  :expects => 200, :method => 'CONNECT')
+        response = Excon::Response.parse(self,  :expects => 200, :method => 'CONNECT')
+        if response[:response][:status] != 200
+          raise(Excon::Errors::ProxyConnectionError.new("proxy connection could not be established", request, response))
+        end
       end
       # convert Socket to OpenSSL::SSL::SSLSocket
@@ -132,18 +156,16 @@ module Excon
       if @data[:ssl_verify_peer]
         @socket.post_connection_check(@data[:ssl_verify_peer_host] || @data[:host])
       end
-      @socket
     end
     private
     def client_cert_data
-      @client_cert_data ||= if ccd = @data[:client_cert_data]
+      @client_cert_data ||= if (ccd = @data[:client_cert_data])
                               ccd
-                            elsif path = @data[:client_cert]
+                            elsif (path = @data[:client_cert])
                               File.read path
-                            elsif path = @data[:certificate_path]
+                            elsif (path = @data[:certificate_path])
                               warn ":certificate_path is no longer supported and will be deprecated. Please use :client_cert or :client_cert_data"
                               File.read path
                             end
@@ -156,11 +178,11 @@ module Excon
     end
     def client_key_data
-      @client_key_data ||= if ckd = @data[:client_key_data]
+      @client_key_data ||= if (ckd = @data[:client_key_data])
                              ckd
-                           elsif path = @data[:client_key]
+                           elsif (path = @data[:client_key])
                              File.read path
-                           elsif path = @data[:private_key_path]
+                           elsif (path = @data[:private_key_path])
                              warn ":private_key_path is no longer supported and will be deprecated. Please use :client_key or :client_key_data"
                              File.read path
                            end

data/lib/excon/test/plugin/server/exec.rb CHANGED Viewed

@@ -4,13 +4,16 @@ module Excon
       module Server
         module Exec
           def start(app_str = app)
+            open_process(app_str)
+            process_stderr = ""
             line = ''
-            open_process(app)
             until line =~ /\Aready\Z/
               line = error.gets
+              raise process_stderr if line.nil?
+              process_stderr << line
               fatal_time = elapsed_time > timeout
               if fatal_time
-                msg = "executable #{app} has taken too long to start"
+                msg = "executable #{app_str} has taken too long to start"
                 raise msg
               end
             end

data/lib/excon/test/plugin/server/puma.rb CHANGED Viewed

@@ -4,10 +4,13 @@ module Excon
       module Server
         module Puma
           def start(app_str = app, bind_uri = bind)
-            open_process('puma', '-b', bind_uri.to_s, app_str)
+            open_process(RbConfig.ruby, '-S', 'puma', '-b', bind_uri.to_s, app_str)
+            process_stderr = ""
             line = ''
             until line =~ /Use Ctrl-C to stop/
               line = read.gets
+              raise process_stderr if line.nil?
+              process_stderr << line
               fatal_time = elapsed_time > timeout
               raise 'puma server has taken too long to start' if fatal_time
             end

data/lib/excon/test/plugin/server/unicorn.rb CHANGED Viewed

@@ -13,6 +13,8 @@ module Excon
               bind_str = "#{host}:#{bind_uri.port}"
             end
             args = [
+              RbConfig.ruby,
+              '-S',
               'unicorn',
               '--no-default-middleware',
               '-l',
@@ -20,9 +22,12 @@ module Excon
               app_str
             ]
             open_process(*args)
+            process_stderr = ''
             line = ''
             until line =~ /worker\=0 ready/
               line = error.gets
+              raise process_stderr if line.nil?
+              process_stderr << line
               fatal_time = elapsed_time > timeout
               raise 'unicorn server has taken too long to start' if fatal_time
             end

data/lib/excon/test/plugin/server/webrick.rb CHANGED Viewed

@@ -7,10 +7,13 @@ module Excon
             bind_uri = URI.parse(bind_uri) unless bind_uri.is_a? URI::Generic
             host = bind_uri.host.gsub(/[\[\]]/, '')
             port = bind_uri.port.to_s
-            open_process('rackup', '-s', 'webrick', '--host', host, '--port', port, app_str)
+            open_process(RbConfig.ruby, '-S', 'rackup', '-s', 'webrick', '--host', host, '--port', port, app_str)
+            process_stderr = ""
             line = ''
             until line =~ /HTTPServer#start/
               line = error.gets
+              raise process_stderr if line.nil?
+              process_stderr << line
               fatal_time = elapsed_time > timeout
               raise 'webrick server has taken too long to start' if fatal_time
             end

data/lib/excon/test/server.rb CHANGED Viewed

@@ -72,7 +72,7 @@ module Excon
       end
       def dump_errors
         lines = error.read.split($/)
-        while line = lines.shift
+        while (line = lines.shift)
           case line
             when /(ERROR|Error)/
               unless line =~ /(null cert chain|did not return a certificate|SSL_read:: internal error)/

data/lib/excon/unix_socket.rb CHANGED Viewed

@@ -20,6 +20,7 @@ module Excon
           begin
             @socket.connect_nonblock(sockaddr)
           rescue Errno::EISCONN
+            0 # same return as connect_nonblock success
           end
         end
       else

data/lib/excon/utils.rb CHANGED Viewed

@@ -10,6 +10,18 @@ module Excon
     UNESCAPED = /([#{ Regexp.escape(CONTROL + ' ' + DELIMS + UNWISE + NONASCII) }])/
     ESCAPED   = /%([0-9a-fA-F]{2})/
+    def binary_encode(string)
+      if FORCE_ENC && string.encoding != Encoding::ASCII_8BIT
+        if string.frozen?
+          string.dup.force_encoding('BINARY')
+        else
+          string.force_encoding('BINARY')
+        end
+      else
+        string
+      end
+    end
     def connection_uri(datum = @data)
       unless datum
         raise ArgumentError, '`datum` must be given unless called on a Connection'
@@ -21,6 +33,30 @@ module Excon
       end
     end
+    # Redact sensitive info from provided data
+    def redact(datum)
+      datum = datum.dup
+      if datum.has_key?(:headers)
+        if datum[:headers].has_key?('Authorization') || datum[:headers].has_key?('Proxy-Authorization')
+          datum[:headers] = datum[:headers].dup
+        end
+        if datum[:headers].has_key?('Authorization')
+          datum[:headers]['Authorization'] = REDACTED
+        end
+        if datum[:headers].has_key?('Proxy-Authorization')
+          datum[:headers]['Proxy-Authorization'] = REDACTED
+        end
+      end
+      if datum.has_key?(:password)
+        datum[:password] = REDACTED
+      end
+      if datum.has_key?(:proxy) && datum[:proxy] && datum[:proxy].has_key?(:password)
+        datum[:proxy] = datum[:proxy].dup
+        datum[:proxy][:password] = REDACTED
+      end
+      datum
+    end
     def request_uri(datum)
       connection_uri(datum) + datum[:path] + query_string(datum)
     end
@@ -59,31 +95,49 @@ module Excon
     def split_header_value(str)
       return [] if str.nil?
       str = str.dup.strip
-      str.force_encoding('BINARY') if FORCE_ENC
-      str.scan(%r'\G((?:"(?:\\.|[^"])+?"|[^",]+)+)
+      str = binary_encode(str)
+      str.scan(%r'\G((?:"(?:\\.|[^"])+?"|[^",])+)
                     (?:,\s*|\Z)'xn).flatten
     end
     # Escapes HTTP reserved and unwise characters in +str+
     def escape_uri(str)
       str = str.dup
-      str.force_encoding('BINARY') if FORCE_ENC
+      str = binary_encode(str)
       str.gsub(UNESCAPED) { "%%%02X" % $1[0].ord }
     end
     # Unescapes HTTP reserved and unwise characters in +str+
     def unescape_uri(str)
       str = str.dup
-      str.force_encoding('BINARY') if FORCE_ENC
+      str = binary_encode(str)
       str.gsub(ESCAPED) { $1.hex.chr }
     end
     # Unescape form encoded values in +str+
     def unescape_form(str)
       str = str.dup
-      str.force_encoding('BINARY') if FORCE_ENC
+      str = binary_encode(str)
       str.gsub!(/\+/, ' ')
       str.gsub(ESCAPED) { $1.hex.chr }
     end
+    # Performs validation on the passed header hash and returns a string representation of the headers
+    def headers_hash_to_s(headers)
+      headers_str = String.new
+      headers.each do |key, values|
+        if key.to_s.match(/[\r\n]/)
+          raise Excon::Errors::InvalidHeaderKey.new(key.to_s.inspect + ' contains forbidden "\r" or "\n"')
+        end
+        [values].flatten.each do |value|
+          if value.to_s.match(/[\r\n]/)
+            # Don't include the potentially sensitive header value (i.e. authorization token) in the message
+            raise Excon::Errors::InvalidHeaderValue.new(key.to_s + ' header value contains forbidden "\r" or "\n"')
+          end
+          headers_str << key.to_s << ': ' << value.to_s << CR_NL
+        end
+      end
+      headers_str
+    end
   end
 end

data/lib/excon/version.rb CHANGED Viewed

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module Excon
-  VERSION = '0.62.0'
+  VERSION = '0.92.3'
 end

data/lib/excon.rb CHANGED Viewed

@@ -23,11 +23,11 @@ require 'excon/middlewares/instrumentor'
 require 'excon/middlewares/mock'
 require 'excon/middlewares/response_parser'
+require 'excon/error'
 require 'excon/constants'
 require 'excon/utils'
 require 'excon/connection'
-require 'excon/error'
 require 'excon/headers'
 require 'excon/response'
 require 'excon/middlewares/decompress'
@@ -61,6 +61,14 @@ module Excon
       if $VERBOSE || ENV['EXCON_DEBUG']
         $stderr.puts "[excon][WARNING] #{warning}\n#{ caller.join("\n") }"
       end
+      if @raise_on_warnings
+        raise Error::Warning.new(warning)
+      end
+    end
+    def set_raise_on_warnings!(should_raise)
+      @raise_on_warnings = should_raise
     end
     # Status of mocking
@@ -105,9 +113,9 @@ module Excon
     # @see Connection#initialize
     # Initializes a new keep-alive session for a given remote host
-    #   @param [String] url The destination URL
-    #   @param [Hash<Symbol, >] params One or more option params to set on the Connection instance
-    #   @return [Connection] A new Excon::Connection instance
+    # @param [String] url The destination URL
+    # @param [Hash<Symbol, >] params One or more option params to set on the Connection instance
+    # @return [Connection] A new Excon::Connection instance
     def new(url, params = {})
       uri_parser = params[:uri_parser] || defaults[:uri_parser]
       uri = uri_parser.parse(url)
@@ -135,13 +143,13 @@ module Excon
     end
     # push an additional stub onto the list to check for mock requests
-    #   @param [Hash<Symbol, >] request params to match against, omitted params match all
-    #   @param [Hash<Symbol, >] response params to return from matched request or block to call with params
-    def stub(request_params = {}, response_params = nil)
-      if method = request_params.delete(:method)
+    # @param request_params [Hash<Symbol, >] request params to match against, omitted params match all
+    # @param response_params [Hash<Symbol, >] response params to return from matched request or block to call with params
+    def stub(request_params = {}, response_params = nil, &block)
+      if (method = request_params.delete(:method))
         request_params[:method] = method.to_s.downcase.to_sym
       end
-      if url = request_params.delete(:url)
+      if (url = request_params.delete(:url))
         uri = URI.parse(url)
         request_params = {
           :host              => uri.host,
@@ -167,7 +175,7 @@ module Excon
         if response_params
           raise(ArgumentError.new("stub requires either response_params OR a block"))
         else
-          stub = [request_params, Proc.new]
+          stub = [request_params, block]
         end
       elsif response_params
         stub = [request_params, response_params]
@@ -179,10 +187,10 @@ module Excon
     end
     # get a stub matching params or nil
-    #   @param [Hash<Symbol, >] request params to match against, omitted params match all
-    #   @return [Hash<Symbol, >] response params to return from matched request or block to call with params
+    # @param request_params [Hash<Symbol, >] request params to match against, omitted params match all
+    # @return [Hash<Symbol, >] response params to return from matched request or block to call with params
     def stub_for(request_params={})
-      if method = request_params.delete(:method)
+      if (method = request_params.delete(:method))
         request_params[:method] = method.to_s.downcase.to_sym
       end
       Excon.stubs.each do |stub, response_params|
@@ -190,7 +198,7 @@ module Excon
         headers_match = !stub.has_key?(:headers) || stub[:headers].keys.all? do |key|
           case value = stub[:headers][key]
           when Regexp
-            if match = value.match(request_params[:headers][key])
+            if (match = value.match(request_params[:headers][key]))
               captures[:headers][key] = match.captures
             end
             match
@@ -201,7 +209,7 @@ module Excon
         non_headers_match = (stub.keys - [:headers]).all? do |key|
           case value = stub[key]
           when Regexp
-            if match = value.match(request_params[key])
+            if (match = value.match(request_params[key]))
               captures[key] = match.captures
             end
             match
@@ -228,8 +236,8 @@ module Excon
     end
     # remove first/oldest stub matching request_params
-    #   @param [Hash<Symbol, >] request params to match against, omitted params match all
-    #   @return [Hash<Symbol, >] response params from deleted stub
+    # @param request_params [Hash<Symbol, >] request params to match against, omitted params match all
+    # @return [Hash<Symbol, >] response params from deleted stub
     def unstub(request_params = {})
       stub = stub_for(request_params)
       Excon.stubs.delete_at(Excon.stubs.index(stub))