http.rb 0.18.3 → 0.19.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG +11 -0
- data/README.md +4 -0
- data/lib/HTTP/VERSION.rb +1 -1
- data/lib/HTTP/request.rb +1 -1
- data/spec/HTTP/delete_spec.rb +5 -5
- data/spec/HTTP/get_spec.rb +31 -5
- data/spec/HTTP/post_spec.rb +6 -6
- data/spec/HTTP/put_spec.rb +5 -5
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 114eef76572ba0ee1ef7efbb61fe704870a80c9bdc7d45cd5fca467de12658f6
|
|
4
|
+
data.tar.gz: bc249e876babf5aa7a4369272675e6194fc25f1816d474ef8080ad107fa1c60c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 516e828dced10204ba4b850904d7c195c027166b1dc0dcd575e09403ef5b26da936b925ab7fdfd4c0fb3c7a3e3cf8c44585a562ac647ffbf4451804b35aa9b9a
|
|
7
|
+
data.tar.gz: f3c7dc2350bd17d98abdfe9c2deb98b0923def00ea790fffbc8919280399cb5c3d5e65eaed530abb86850a54e2e790591a1c1e9f6a91a03ff2c90611c08d2760
|
data/CHANGELOG
CHANGED
|
@@ -1,5 +1,16 @@
|
|
|
1
1
|
# CHANGELOG
|
|
2
2
|
|
|
3
|
+
# 20260522
|
|
4
|
+
# 0.19.0: Change default verify_mode to VERIFY_PEER.
|
|
5
|
+
1. ~ HTTP.request: Default verify_mode changed from OpenSSL::SSL::VERIFY_NONE to OpenSSL::SSL::VERIFY_PEER. Callers needing the old behaviour can pass verify_mode: OpenSSL::SSL::VERIFY_NONE explicitly through the options hash.
|
|
6
|
+
2. ~ spec/HTTP/get_spec.rb: + specs for default verify_mode and explicit VERIFY_NONE override; /verify_mode: 0/verify_mode: OpenSSL::SSL::VERIFY_PEER/ in redirect specs.
|
|
7
|
+
3. ~ spec/HTTP/post_spec.rb: /verify_mode: 0/verify_mode: OpenSSL::SSL::VERIFY_PEER/ in redirect specs.
|
|
8
|
+
4. ~ spec/HTTP/put_spec.rb: /verify_mode: 0/verify_mode: OpenSSL::SSL::VERIFY_PEER/ in redirect specs.
|
|
9
|
+
5. ~ spec/HTTP/delete_spec.rb: /verify_mode: 0/verify_mode: OpenSSL::SSL::VERIFY_PEER/ in redirect specs.
|
|
10
|
+
6. ~ README.md: Note the new verify_mode default and how to opt back into VERIFY_NONE.
|
|
11
|
+
7. ~ HTTP::VERSION: /0.18.3/0.19.0/
|
|
12
|
+
8. ~ CHANGELOG: + 0.19.0 entry
|
|
13
|
+
|
|
3
14
|
# 20260521
|
|
4
15
|
# 0.18.3: Fix verb preservation on 307/308 redirects.
|
|
5
16
|
1. ~ HTTP.request: Use original verb when following 307 or 308 redirects, per RFC 7231 §6.4.7 and RFC 7538. 301/302/303 keep legacy GET-on-redirect behaviour.
|
data/README.md
CHANGED
|
@@ -241,6 +241,10 @@ verify_mode
|
|
|
241
241
|
# SSL/TLS session.
|
|
242
242
|
#
|
|
243
243
|
# OpenSSL::SSL::VERIFY_NONE or OpenSSL::SSL::VERIFY_PEER are acceptable.
|
|
244
|
+
#
|
|
245
|
+
# Defaults to OpenSSL::SSL::VERIFY_PEER as of 0.19.0. To opt back into the
|
|
246
|
+
# previous behaviour, pass verify_mode: OpenSSL::SSL::VERIFY_NONE through
|
|
247
|
+
# the options hash.
|
|
244
248
|
```
|
|
245
249
|
|
|
246
250
|
## Contributing
|
data/lib/HTTP/VERSION.rb
CHANGED
data/lib/HTTP/request.rb
CHANGED
|
@@ -16,7 +16,7 @@ module HTTP
|
|
|
16
16
|
http = Net::HTTP.new(uri.host, uri.port)
|
|
17
17
|
no_redirect = options.delete(:no_redirect)
|
|
18
18
|
options[:use_ssl] ||= uri.use_ssl?
|
|
19
|
-
options[:verify_mode] ||= OpenSSL::SSL::
|
|
19
|
+
options[:verify_mode] ||= OpenSSL::SSL::VERIFY_PEER
|
|
20
20
|
http.options = options
|
|
21
21
|
request_object.headers = headers
|
|
22
22
|
request_object.basic_auth(uri.user, uri.password) if uri.user
|
data/spec/HTTP/delete_spec.rb
CHANGED
|
@@ -148,7 +148,7 @@ describe ".delete" do
|
|
|
148
148
|
|
|
149
149
|
it "does a redirect" do
|
|
150
150
|
expect(HTTP).to receive(:delete).once.with(request_uri).and_call_original
|
|
151
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
151
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
152
152
|
response = HTTP.delete(request_uri)
|
|
153
153
|
expect(response.success?).to eq(true)
|
|
154
154
|
end
|
|
@@ -163,7 +163,7 @@ describe ".delete" do
|
|
|
163
163
|
|
|
164
164
|
it "does a redirect" do
|
|
165
165
|
expect(HTTP).to receive(:delete).once.with(request_uri).and_call_original
|
|
166
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
166
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
167
167
|
response = HTTP.delete(request_uri)
|
|
168
168
|
expect(response.success?).to eq(true)
|
|
169
169
|
end
|
|
@@ -190,7 +190,7 @@ describe ".delete" do
|
|
|
190
190
|
|
|
191
191
|
it "does a redirect" do
|
|
192
192
|
expect(HTTP).to receive(:delete).once.with(request_uri).and_call_original
|
|
193
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
193
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
194
194
|
response = HTTP.delete(request_uri)
|
|
195
195
|
expect(response.success?).to eq(true)
|
|
196
196
|
end
|
|
@@ -205,7 +205,7 @@ describe ".delete" do
|
|
|
205
205
|
|
|
206
206
|
it "does a redirect" do
|
|
207
207
|
expect(HTTP).to receive(:delete).once.with(request_uri).and_call_original
|
|
208
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
208
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
209
209
|
response = HTTP.delete(request_uri)
|
|
210
210
|
expect(response.success?).to eq(true)
|
|
211
211
|
end
|
|
@@ -227,7 +227,7 @@ describe ".delete" do
|
|
|
227
227
|
|
|
228
228
|
it "preserves the verb" do
|
|
229
229
|
expect(HTTP).to receive(:delete).with(request_uri).and_call_original.ordered
|
|
230
|
-
expect(HTTP).to receive(:delete).with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
230
|
+
expect(HTTP).to receive(:delete).with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original.ordered
|
|
231
231
|
response = HTTP.delete(request_uri)
|
|
232
232
|
expect(response.success?).to eq(true)
|
|
233
233
|
end
|
data/spec/HTTP/get_spec.rb
CHANGED
|
@@ -115,6 +115,32 @@ describe ".get" do
|
|
|
115
115
|
end
|
|
116
116
|
end
|
|
117
117
|
|
|
118
|
+
context "with default verify_mode" do
|
|
119
|
+
let(:uri){'http://example.com/path'}
|
|
120
|
+
let(:parsed_uri){URI.parse(uri)}
|
|
121
|
+
let(:net_http_object){Net::HTTP.new(parsed_uri.host, parsed_uri.port)}
|
|
122
|
+
|
|
123
|
+
before do
|
|
124
|
+
stub_request(:get, uri).
|
|
125
|
+
with(headers: {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
|
|
126
|
+
to_return(status: 200, body: '', headers: {})
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
it "defaults verify_mode to OpenSSL::SSL::VERIFY_PEER" do
|
|
130
|
+
allow(Net::HTTP).to receive(:new).with(parsed_uri.host, parsed_uri.port).and_return(net_http_object)
|
|
131
|
+
response = HTTP.get(uri)
|
|
132
|
+
expect(net_http_object.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER)
|
|
133
|
+
expect(response.success?).to eq(true)
|
|
134
|
+
end
|
|
135
|
+
|
|
136
|
+
it "allows opting back into VERIFY_NONE via options" do
|
|
137
|
+
allow(Net::HTTP).to receive(:new).with(parsed_uri.host, parsed_uri.port).and_return(net_http_object)
|
|
138
|
+
response = HTTP.get(uri, {}, {}, {verify_mode: OpenSSL::SSL::VERIFY_NONE})
|
|
139
|
+
expect(net_http_object.verify_mode).to eq(OpenSSL::SSL::VERIFY_NONE)
|
|
140
|
+
expect(response.success?).to eq(true)
|
|
141
|
+
end
|
|
142
|
+
end
|
|
143
|
+
|
|
118
144
|
context "with block supplied" do
|
|
119
145
|
let(:uri){'http://example.com/path'}
|
|
120
146
|
|
|
@@ -148,7 +174,7 @@ describe ".get" do
|
|
|
148
174
|
|
|
149
175
|
it "does a redirect" do
|
|
150
176
|
expect(HTTP).to receive(:get).once.with(request_uri).and_call_original
|
|
151
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
177
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
152
178
|
response = HTTP.get(request_uri)
|
|
153
179
|
expect(response.success?).to eq(true)
|
|
154
180
|
end
|
|
@@ -163,7 +189,7 @@ describe ".get" do
|
|
|
163
189
|
|
|
164
190
|
it "does a redirect" do
|
|
165
191
|
expect(HTTP).to receive(:get).once.with(request_uri).and_call_original
|
|
166
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
192
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
167
193
|
response = HTTP.get(request_uri)
|
|
168
194
|
expect(response.success?).to eq(true)
|
|
169
195
|
end
|
|
@@ -190,7 +216,7 @@ describe ".get" do
|
|
|
190
216
|
|
|
191
217
|
it "does a redirect" do
|
|
192
218
|
expect(HTTP).to receive(:get).once.with(request_uri).and_call_original
|
|
193
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
219
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
194
220
|
response = HTTP.get(request_uri)
|
|
195
221
|
expect(response.success?).to eq(true)
|
|
196
222
|
end
|
|
@@ -205,7 +231,7 @@ describe ".get" do
|
|
|
205
231
|
|
|
206
232
|
it "does a redirect" do
|
|
207
233
|
expect(HTTP).to receive(:get).once.with(request_uri).and_call_original
|
|
208
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
234
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
209
235
|
response = HTTP.get(request_uri)
|
|
210
236
|
expect(response.success?).to eq(true)
|
|
211
237
|
end
|
|
@@ -228,7 +254,7 @@ describe ".get" do
|
|
|
228
254
|
|
|
229
255
|
it "preserves the HTTPS scheme on a relative redirect" do
|
|
230
256
|
expect(HTTP).to receive(:get).once.with(request_uri).and_call_original
|
|
231
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: true, verify_mode:
|
|
257
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: true, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
232
258
|
response = HTTP.get(request_uri)
|
|
233
259
|
expect(response.success?).to eq(true)
|
|
234
260
|
end
|
data/spec/HTTP/post_spec.rb
CHANGED
|
@@ -286,7 +286,7 @@ describe ".post" do
|
|
|
286
286
|
|
|
287
287
|
it "does a redirect" do
|
|
288
288
|
expect(HTTP).to receive(:post).once.with(request_uri).and_call_original
|
|
289
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
289
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
290
290
|
response = HTTP.post(request_uri)
|
|
291
291
|
expect(response.success?).to eq(true)
|
|
292
292
|
end
|
|
@@ -301,7 +301,7 @@ describe ".post" do
|
|
|
301
301
|
|
|
302
302
|
it "does a redirect" do
|
|
303
303
|
expect(HTTP).to receive(:post).once.with(request_uri).and_call_original
|
|
304
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
304
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
305
305
|
response = HTTP.post(request_uri)
|
|
306
306
|
expect(response.success?).to eq(true)
|
|
307
307
|
end
|
|
@@ -328,7 +328,7 @@ describe ".post" do
|
|
|
328
328
|
|
|
329
329
|
it "does a redirect" do
|
|
330
330
|
expect(HTTP).to receive(:post).once.with(request_uri).and_call_original
|
|
331
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
331
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
332
332
|
response = HTTP.post(request_uri)
|
|
333
333
|
expect(response.success?).to eq(true)
|
|
334
334
|
end
|
|
@@ -343,7 +343,7 @@ describe ".post" do
|
|
|
343
343
|
|
|
344
344
|
it "does a redirect" do
|
|
345
345
|
expect(HTTP).to receive(:post).once.with(request_uri).and_call_original
|
|
346
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
346
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
347
347
|
response = HTTP.post(request_uri)
|
|
348
348
|
expect(response.success?).to eq(true)
|
|
349
349
|
end
|
|
@@ -369,7 +369,7 @@ describe ".post" do
|
|
|
369
369
|
|
|
370
370
|
it "preserves the verb" do
|
|
371
371
|
expect(HTTP).to receive(:post).with(request_uri).and_call_original.ordered
|
|
372
|
-
expect(HTTP).to receive(:post).with(redirect_uri, '', {}, {use_ssl: false, verify_mode:
|
|
372
|
+
expect(HTTP).to receive(:post).with(redirect_uri, '', {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original.ordered
|
|
373
373
|
response = HTTP.post(request_uri)
|
|
374
374
|
expect(response.success?).to eq(true)
|
|
375
375
|
end
|
|
@@ -384,7 +384,7 @@ describe ".post" do
|
|
|
384
384
|
|
|
385
385
|
it "preserves the verb" do
|
|
386
386
|
expect(HTTP).to receive(:post).with(request_uri).and_call_original.ordered
|
|
387
|
-
expect(HTTP).to receive(:post).with(redirect_uri, '', {}, {use_ssl: false, verify_mode:
|
|
387
|
+
expect(HTTP).to receive(:post).with(redirect_uri, '', {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original.ordered
|
|
388
388
|
response = HTTP.post(request_uri)
|
|
389
389
|
expect(response.success?).to eq(true)
|
|
390
390
|
end
|
data/spec/HTTP/put_spec.rb
CHANGED
|
@@ -286,7 +286,7 @@ describe ".put" do
|
|
|
286
286
|
|
|
287
287
|
it "does a redirect" do
|
|
288
288
|
expect(HTTP).to receive(:put).once.with(request_uri).and_call_original
|
|
289
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
289
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
290
290
|
response = HTTP.put(request_uri)
|
|
291
291
|
expect(response.success?).to eq(true)
|
|
292
292
|
end
|
|
@@ -301,7 +301,7 @@ describe ".put" do
|
|
|
301
301
|
|
|
302
302
|
it "does a redirect" do
|
|
303
303
|
expect(HTTP).to receive(:put).once.with(request_uri).and_call_original
|
|
304
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
304
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
305
305
|
response = HTTP.put(request_uri)
|
|
306
306
|
expect(response.success?).to eq(true)
|
|
307
307
|
end
|
|
@@ -328,7 +328,7 @@ describe ".put" do
|
|
|
328
328
|
|
|
329
329
|
it "does a redirect" do
|
|
330
330
|
expect(HTTP).to receive(:put).once.with(request_uri).and_call_original
|
|
331
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
331
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
332
332
|
response = HTTP.put(request_uri)
|
|
333
333
|
expect(response.success?).to eq(true)
|
|
334
334
|
end
|
|
@@ -343,7 +343,7 @@ describe ".put" do
|
|
|
343
343
|
|
|
344
344
|
it "does a redirect" do
|
|
345
345
|
expect(HTTP).to receive(:put).once.with(request_uri).and_call_original
|
|
346
|
-
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode:
|
|
346
|
+
expect(HTTP).to receive(:get).once.with(redirect_uri, {}, {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original
|
|
347
347
|
response = HTTP.put(request_uri)
|
|
348
348
|
expect(response.success?).to eq(true)
|
|
349
349
|
end
|
|
@@ -365,7 +365,7 @@ describe ".put" do
|
|
|
365
365
|
|
|
366
366
|
it "preserves the verb" do
|
|
367
367
|
expect(HTTP).to receive(:put).with(request_uri).and_call_original.ordered
|
|
368
|
-
expect(HTTP).to receive(:put).with(redirect_uri, '', {}, {use_ssl: false, verify_mode:
|
|
368
|
+
expect(HTTP).to receive(:put).with(redirect_uri, '', {}, {use_ssl: false, verify_mode: OpenSSL::SSL::VERIFY_PEER}).and_call_original.ordered
|
|
369
369
|
response = HTTP.put(request_uri)
|
|
370
370
|
expect(response.success?).to eq(true)
|
|
371
371
|
end
|