excon 0.19.5 → 0.20.0

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    excon (0.19.5)
+    excon (0.20.0)
 
 GEM
   remote: http://rubygems.org/

data/changelog.txt

@@ -1,3 +1,9 @@
+0.20.0 03/08/2013
+=================
+
+redact password from inspect/instrument
+downgrade severity of invalid keys from error to warning
+
 0.19.5 03/04/2013
 =================
 

data/excon.gemspec

@@ -13,8 +13,8 @@ Gem::Specification.new do |s|
   ## If your rubyforge_project name is different, then edit it and comment out
   ## the sub! line in the Rakefile
   s.name              = 'excon'
-  s.version           = '0.19.5'
-  s.date              = '2013-03-04'
+  s.version           = '0.20.0'
+  s.date              = '2013-03-08'
   s.rubyforge_project = 'excon'
 
   ## Make sure your summary is short. The description may be as long

data/lib/excon/connection.rb

@@ -21,13 +21,6 @@ module Excon
       @data[:proxy] = new_proxy
     end
 
-    def assert_valid_keys_for_argument!(argument, valid_keys)
-      invalid_keys = argument.keys - valid_keys
-      return true if invalid_keys.empty?
-      raise ArgumentError, "The following keys are invalid: #{invalid_keys.map(&:inspect).join(', ')}"
-    end
-    private :assert_valid_keys_for_argument!
-
     # Initializes a new Connection instance
     #   @param [Hash<Symbol, >] params One or more optional params
     #     @option params [String] :body Default text to be sent over a socket. Only used if :body absent in Connection#request params
@@ -42,7 +35,7 @@ module Excon
     #     @option params [Class] :instrumentor Responds to #instrument as in ActiveSupport::Notifications
     #     @option params [String] :instrumentor_name Name prefix for #instrument events.  Defaults to 'excon'
     def initialize(params = {})
-      assert_valid_keys_for_argument!(params, Excon::VALID_CONNECTION_KEYS)
+      invalid_keys_warning(params, Excon::VALID_CONNECTION_KEYS)
       @data = Excon.defaults.dup
       # merge does not deep-dup, so make sure headers is not the original
       @data[:headers] = @data[:headers].dup
@@ -202,7 +195,7 @@ module Excon
     def request(params, &block)
       # @data has defaults, merge in new params to override
       datum = @data.merge(params)
-      assert_valid_keys_for_argument!(params, VALID_CONNECTION_KEYS)
+      invalid_keys_warning(params, VALID_CONNECTION_KEYS)
       datum[:headers] = @data[:headers].merge(datum[:headers] || {})
       datum[:headers]['Host']   ||= '' << datum[:host] << ':' << datum[:port].to_s
       datum[:retries_remaining] ||= datum[:retry_limit]
@@ -288,6 +281,10 @@ module Excon
         vars[:'@data'][:headers] = vars[:'@data'][:headers].dup
         vars[:'@data'][:headers]['Authorization'] = REDACTED
       end
+      if vars[:'@data'][:password]
+        vars[:'@data'] = vars[:'@data'].dup
+        vars[:'@data'][:password] = REDACTED
+      end
       inspection = '#<Excon::Connection:'
       inspection << (object_id << 1).to_s(16)
       vars.each do |key, value|
@@ -317,6 +314,13 @@ module Excon
       end
     end
 
+    def invalid_keys_warning(argument, valid_keys)
+      invalid_keys = argument.keys - valid_keys
+      unless invalid_keys.empty?
+        $stderr.puts("The following keys are invalid: #{invalid_keys.map(&:inspect).join(', ')}")
+      end
+    end
+
     def response(datum={})
       unless datum.has_key?(:response)
         datum = Excon::Response.parse(socket, datum)

data/lib/excon/constants.rb

@@ -71,7 +71,7 @@ module Excon
     :write_timeout
   ]
 
-  VERSION = '0.19.5'
+  VERSION = '0.20.0'
 
   unless ::IO.const_defined?(:WaitReadable)
     class ::IO

data/lib/excon/standard_instrumentor.rb

@@ -1,11 +1,14 @@
 module Excon
   class StandardInstrumentor
     def self.instrument(name, params = {}, &block)
+      params = params.dup
       if params.has_key?(:headers) && params[:headers].has_key?('Authorization')
-        params = params.dup
         params[:headers] = params[:headers].dup
         params[:headers]['Authorization'] = REDACTED
       end
+      if params.has_key?(:password)
+        params[:password] = REDACTED
+      end
       $stderr.puts("#{name}  #{params.inspect}")
       if block_given?
         yield

data/tests/authorization_header_tests.rb

@@ -7,6 +7,7 @@ with_rackup('basic_auth.ru') do
             ]
     cases.each do |desc,url,auth_header|
       conn = Excon.new(url)
+
       test("authorization header concealed for #{desc}") do
         !conn.inspect.include?(auth_header)
       end
@@ -15,6 +16,16 @@ with_rackup('basic_auth.ru') do
         conn.data[:headers]['Authorization'] == auth_header
       end
 
+      if conn.data[:password]
+        test("password param concealed for #{desc}") do
+          !conn.inspect.include?(conn.data[:password])
+        end
+      end
+
+      test("password param remains correct for #{desc}") do
+        conn.data[:password] == URI.parse(url).password
+      end
+
     end
   end
 end

data/tests/middlewares/instrumentation_tests.rb

@@ -180,8 +180,8 @@ Shindo.tests('Excon instrumentation') do
 
       @auth_header = 'Basic dXNlcjpwYXNz'
 
-      tests('does not appear in response') do
-        !@captured_stderr.include?(@auth_header)
+      test('does not appear in response') do
+        !@captured_stderr.string.include?(@auth_header)
       end
 
       test('does not mutate Authorization value') do
@@ -190,6 +190,36 @@ Shindo.tests('Excon instrumentation') do
 
     end
 
+    tests('password REDACT') do
+
+      begin
+        original_stderr = $stderr
+        $stderr = @captured_stderr = StringIO.new
+        stub_failure
+        @connection = Excon.new(
+          'http://user:pass@127.0.0.1:9292',
+          :instrumentor => Excon::StandardInstrumentor,
+          :mock         => true
+          )
+        raises(Excon::Errors::SocketError) do
+          @connection.get(:idempotent => true)
+        end
+      ensure
+        $stderr = original_stderr
+      end
+
+      @password_param = '"pass"'
+
+      test('does not appear in response') do
+        !@captured_stderr.string.include?(@password_param)
+      end
+
+      test('does not mutate password value') do
+        @connection.data[:password] == "pass"
+      end
+
+    end
+
   end
 
   tests('use our own instrumentor').returns(

metadata

@@ -1,7 +1,8 @@
 --- !ruby/object:Gem::Specification
 name: excon
 version: !ruby/object:Gem::Version
-  version: 0.19.5
+  version: 0.20.0
+  prerelease: 
 platform: ruby
 authors:
 - dpiddy (Dan Peterson)
@@ -10,118 +11,134 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-03-04 00:00:00.000000000 Z
+date: 2013-03-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: delorean
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: eventmachine
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: open4
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rdoc
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: shindo
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: sinatra
   requirement: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
+    none: false
     requirements:
-    - - '>='
+    - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
 description: EXtended http(s) CONnections
@@ -203,25 +220,29 @@ files:
 - tests/timeout_tests.rb
 homepage: https://github.com/geemus/excon
 licenses: []
-metadata: {}
 post_install_message: 
 rdoc_options:
 - --charset=UTF-8
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
-  - - '>='
+  - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
+      segments:
+      - 0
+      hash: 48330626036390266
 required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
-  - - '>='
+  - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: excon
-rubygems_version: 2.0.0
+rubygems_version: 1.8.23
 signing_key: 
 specification_version: 2
 summary: speed, persistence, http(s)

checksums.yaml

@@ -1,7 +0,0 @@
----
-SHA1:
-  metadata.gz: 011663647a49596558289285f614722d7c7d25e0
-  data.tar.gz: a186c587cb11914ff50538e899f0200d9aa2ed1e
-SHA512:
-  metadata.gz: 2d93b80b63fe2c974fe505c4848f5914344d9407f369493d0de80731105f669950876208437cc4945e9ee2e7a4e86f01d72cf2ff0ceb56f66874b1e50c33f9a9
-  data.tar.gz: 052441cfb4ab36f4db7c1d3390eeb5968f81d4c319fc851b17b7decfef874ed2405099ccbd5e71282a78727544af6370db2bf1c08dab14e510d7e9f3fd9a0d72