http 5.0.0 → 5.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cc5c5ebaa25630442cf182d6cc9925d112dccbfeb4030f07951cfaad72f35bde
-  data.tar.gz: bdb8d0148f8fd0cdb3634ab743db153a998bfa8f8be28295bb8d95bae5833d68
+  metadata.gz: 92001458b2f36332dfd042ab8750595408d2be8e941ed52be9237e11c071fef7
+  data.tar.gz: de00f9d0a8f59f3af1605f479e503269741c751b397d62d618c8866e58929140
 SHA512:
-  metadata.gz: d74104f964a90c0d0689df9f5af8082fcd5d4902dfa46bf9bdc22ed1a2a86d48211c29fd42b20c037afee958f89ef1f5e7d442285083f169852ccf31bd522818
-  data.tar.gz: 6bac3882bc504513b6a05eb7facf5823b4f46ea55a737933b75305a336b23a97a21914f77378f8a67d7ab262a3b16ec46c592f224036491254f1bb0363e3d294
+  metadata.gz: 63249cd08800a312ffba0ed4b9a508e3890b3088058956e5433c71a60957bfe9985070225855b926d78f5a64c3b587a122c52137788b54e10da65076b39f541f
+  data.tar.gz: 89605690a8dd8ac3bf23447de8a75f90bc37a77d8ff0e85d84b0748daf2cf06b69011d8e19cc4b22067e479decdfc9d8ca46f7fc0495ec90c25a433e10c1eac8

data/.github/workflows/ci.yml

@@ -2,9 +2,9 @@ name: CI
 
 on:
   push:
-    branches: [ master ]
+    branches: [ main ]
   pull_request:
-    branches: [ master ]
+    branches: [ main ]
 
 env:
   BUNDLE_WITHOUT: "development"

data/CHANGES.md

@@ -1,3 +1,65 @@
+## 5.0.4 (2021-10-07)
+
+* [#698](https://github.com/httprb/http/pull/698)
+  Fix `HTTP::Timeout::Global#connect_ssl`.
+  ([@tarcieri])
+
+## 5.0.3 (2021-10-06)
+
+* [#695](https://github.com/httprb/http/pull/695)
+  Revert DNS resolving feature.
+  ([@PhilCoggins])
+
+* [#694](https://github.com/httprb/http/pull/694)
+  Fix cookies extraction.
+  ([@flosacca])
+
+## 5.0.2 (2021-09-10)
+
+* [#686](https://github.com/httprb/http/pull/686)
+  Correctly reset the parser.
+  ([@bryanp])
+
+* [#684](https://github.com/httprb/http/pull/684)
+  Don't set Content-Length for GET, HEAD, DELETE, or CONNECT requests without a BODY.
+  ([@jyn514])
+
+* [#679](https://github.com/httprb/http/pull/679)
+  Use features on redirected requests.
+  ([@nomis])
+
+* [#678](https://github.com/schwern)
+  Restore `HTTP::Response` `:uri` option for backwards compatibility.
+  ([@schwern])
+
+* [#676](https://github.com/httprb/http/pull/676)
+  Update addressable because of CVE-2021-32740.
+  ([@matheussilvasantos])
+
+* [#653](https://github.com/httprb/http/pull/653)
+  Avoid force encodings on frozen strings.
+  ([@bvicenzo])
+
+* [#638](https://github.com/httprb/http/pull/638)
+  DNS failover handling.
+  ([@midnight-wonderer])  
+
+
+## 5.0.1 (2021-06-26)
+
+* [#670](https://github.com/httprb/http/pull/670)
+  Revert `Response#parse` behavior introduced in [#540].
+  ([@DannyBen])
+
+* [#669](https://github.com/httprb/http/pull/669)
+  Prevent bodies from being resubmitted when following unsafe redirects.
+  ([@odinhb])
+
+* [#664](https://github.com/httprb/http/pull/664)
+  Bump llhttp-ffi to 0.3.0.
+  ([@bryanp])
+
+
 ## 5.0.0 (2021-05-12)
 
 * [#656](https://github.com/httprb/http/pull/656)
@@ -53,6 +115,12 @@
   Preserve header names casing.
   ([@joshuaflanagan])
 
+* [#540](https://github.com/httprb/http/pull/540)
+  [#538](https://github.com/httprb/http/issues/538)
+  **BREAKING CHANGE**
+  Require explicit MIME type for Response#parse
+  ([@ixti])
+
 * [#532](https://github.com/httprb/http/pull/532)
   Fix pipes support in request bodies.
   ([@ixti])
@@ -79,6 +147,9 @@
   Drop Ruby 2.3.x support.
   ([@ixti])
 
+* [3ed0c31](https://github.com/httprb/http/commit/3ed0c318eab6a8c390654cda17bf6df9e963c7d6)
+  Drop Ruby 2.4.x support.
+
 
 ## 4.4.0 (2020-03-25)
 
@@ -887,3 +958,13 @@ end
 [@semenyukdmitry]: https://github.com/semenyukdmitry
 [@bryanp]: https://github.com/bryanp
 [@meanphil]: https://github.com/meanphil
+[@odinhb]: https://github.com/odinhb
+[@DannyBen]: https://github.com/DannyBen
+[@jyn514]: https://github.com/jyn514
+[@bvicenzo]: https://github.com/bvicenzo
+[@nomis]: https://github.com/nomis
+[@midnight-wonderer]: https://github.com/midnight-wonderer
+[@schwern]: https://github.com/schwern
+[@matheussilvasantos]: https://github.com/matheussilvasantos
+[@PhilCoggins]: https://github.com/PhilCoggins
+[@flosacca]: https://github.com/flosacca

data/Gemfile

@@ -27,7 +27,7 @@ group :test do
 
   gem "backports"
 
-  gem "rubocop"
+  gem "rubocop", "~> 1.21"
   gem "rubocop-performance"
   gem "rubocop-rake"
   gem "rubocop-rspec"

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2011-2016 Tony Arcieri, Erik Michaels-Ober, Alexey V. Zapparov, Zachary Anker
+Copyright (c) 2011-2021 Tony Arcieri, Erik Michaels-Ober, Alexey V. Zapparov, Zachary Anker
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -1,16 +1,12 @@
-# ![http.rb](https://raw.github.com/httprb/http.rb/master/logo.png)
+# ![http.rb](https://raw.github.com/httprb/http.rb/main/logo.png)
 
-[![Gem Version](https://img.shields.io/gem/v/http?logo=ruby)](https://rubygems.org/gems/http)
-[![Build Status](https://github.com/httprb/http/workflows/CI/badge.svg)](https://github.com/httprb/http/actions?query=workflow:CI)
-[![Code Climate](https://codeclimate.com/github/httprb/http.svg?branch=master)](https://codeclimate.com/github/httprb/http)
-[![MIT licensed](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/httprb/http/blob/master/LICENSE.txt)
+[![Gem Version][gem-image]][gem-link]
+[![MIT licensed][license-image]][license-link]
+[![Build Status][build-image]][build-link]
+[![Code Climate][codeclimate-image]][codeclimate-link]
 
 [Documentation]
 
-_NOTE: This is the 5.x **development** branch.  For the 4.x **stable** branch, please see:_
-
-https://github.com/httprb/http/tree/4-x-stable
-
 ## About
 
 HTTP (The Gem! a.k.a. http.rb) is an easy-to-use client library for making requests
@@ -21,63 +17,16 @@ Under the hood, http.rb uses the [llhttp] parser, a fast HTTP parsing native ext
 This library isn't just yet another wrapper around `Net::HTTP`. It implements the HTTP
 protocol natively and outsources the parsing to native extensions.
 
-[requests]: http://docs.python-requests.org/en/latest/
-[llhttp]: https://llhttp.org/
-
-
-## Another Ruby HTTP library? Why should I care?
-
-There are a lot of HTTP libraries to choose from in the Ruby ecosystem.
-So why would you choose this one?
+### Why http.rb?
 
-Top three reasons:
-
-1. **Clean API**: http.rb offers an easy-to-use API that should be a
+- **Clean API**: http.rb offers an easy-to-use API that should be a
    breath of fresh air after using something like Net::HTTP.
 
-2. **Maturity**: http.rb is one of the most mature Ruby HTTP clients, supporting
+- **Maturity**: http.rb is one of the most mature Ruby HTTP clients, supporting
    features like persistent connections and fine-grained timeouts.
 
-3. **Performance**: using native parsers and a clean, lightweight implementation,
-   http.rb achieves the best performance of any Ruby HTTP library which
-   implements the HTTP protocol in Ruby instead of C:
-
-  | HTTP client              | Time   | Implementation        |
-  |--------------------------|--------|-----------------------|
-  | curb (persistent)        | 2.519  | libcurl wrapper       |
-  | em-http-request          | 2.731  | EM + http_parser.rb   |
-  | Typhoeus                 | 2.851  | libcurl wrapper       |
-  | StreamlyFFI (persistent) | 2.853  | libcurl wrapper       |
-  | http.rb (persistent)     | 2.970  | Ruby + http_parser.rb |
-  | http.rb                  | 3.588  | Ruby + http_parser.rb |
-  | HTTParty                 | 3.931  | Net::HTTP wrapper     |
-  | Net::HTTP                | 3.959  | Pure Ruby             |
-  | Net::HTTP (persistent)   | 4.043  | Pure Ruby             |
-  | open-uri                 | 4.479  | Net::HTTP wrapper     |
-  | Excon (persistent)       | 4.618  | Pure Ruby             |
-  | Excon                    | 4.701  | Pure Ruby             |
-  | RestClient               | 26.838 | Net::HTTP wrapper     |
-
-Benchmarks performed using excon's benchmarking tool
-
-DISCLAIMER: Most benchmarks you find in READMEs are crap,
-including this one. These are out-of-date. If you care about
-performance, benchmark for yourself for your own use cases!
-
-## Help and Discussion
-
-If you need help or just want to talk about the http.rb,
-visit the http.rb Google Group:
-
-https://groups.google.com/forum/#!forum/httprb
-
-You can join by email by sending a message to:
-
-[httprb+subscribe@googlegroups.com](mailto:httprb+subscribe@googlegroups.com)
-
-If you believe you've found a bug, please report it at:
-
-https://github.com/httprb/http/issues
+- **Performance**: using native parsers and a clean, lightweight implementation,
+   http.rb achieves high performance while implementing HTTP in Ruby instead of C.
 
 
 ## Installation
@@ -112,10 +61,9 @@ for more detailed documentation and usage notes.
 
 The following API documentation is also available:
 
-* [YARD API documentation](https://www.rubydoc.info/github/httprb/http)
-* [Chainable module (all chainable methods)](https://www.rubydoc.info/github/httprb/http/HTTP/Chainable)
+- [YARD API documentation](https://www.rubydoc.info/github/httprb/http)
+- [Chainable module (all chainable methods)](https://www.rubydoc.info/github/httprb/http/HTTP/Chainable)
 
-[documentation]: https://github.com/httprb/http/wiki
 
 ### Basic Usage
 
@@ -142,7 +90,7 @@ We can also obtain an `HTTP::Response::Body` object for this response:
 ```
 
 The response body can be streamed with `HTTP::Response::Body#readpartial`.
-In practice, you'll want to bind the HTTP::Response::Body to a local variable
+In practice, you'll want to bind the `HTTP::Response::Body` to a local variable
 and call `#readpartial` on it repeatedly until it returns `nil`:
 
 ```ruby
@@ -159,13 +107,13 @@ and call `#readpartial` on it repeatedly until it returns `nil`:
 
 ## Supported Ruby Versions
 
-This library aims to support and is [tested against][travis] the following Ruby
-versions:
+This library aims to support and is [tested against][build-link]
+the following Ruby  versions:
 
-* Ruby 2.6
-* Ruby 2.7
-* Ruby 3.0
-* JRuby 9.2
+- Ruby 2.6
+- Ruby 2.7
+- Ruby 3.0
+- JRuby 9.2
 
 If something doesn't work on one of these versions, it's a bug.
 
@@ -180,20 +128,36 @@ patches in a timely fashion. If critical issues for a particular implementation
 exist at the time of a major release, support for that Ruby version may be
 dropped.
 
-[travis]: http://travis-ci.org/httprb/http
-
 
 ## Contributing to http.rb
 
-* Fork http.rb on GitHub
-* Make your changes
-* Ensure all tests pass (`bundle exec rake`)
-* Send a pull request
-* If we like them we'll merge them
-* If we've accepted a patch, feel free to ask for commit access!
+- Fork http.rb on GitHub
+- Make your changes
+- Ensure all tests pass (`bundle exec rake`)
+- Send a pull request
+- If we like them we'll merge them
+- If we've accepted a patch, feel free to ask for commit access!
 
 
 ## Copyright
 
-Copyright (c) 2011-2021 Tony Arcieri, Alexey V. Zapparov, Erik Michaels-Ober, Zachary Anker.
+Copyright © 2011-2021 Tony Arcieri, Alexey V. Zapparov, Erik Michaels-Ober, Zachary Anker.
 See LICENSE.txt for further details.
+
+
+[//]: # (badges)
+
+[gem-image]: https://img.shields.io/gem/v/http?logo=ruby
+[gem-link]: https://rubygems.org/gems/http
+[license-image]: https://img.shields.io/badge/license-MIT-blue.svg
+[license-link]: https://github.com/httprb/http/blob/main/LICENSE.txt
+[build-image]: https://github.com/httprb/http/workflows/CI/badge.svg
+[build-link]: https://github.com/httprb/http/actions/workflows/ci.yml
+[codeclimate-image]: https://codeclimate.com/github/httprb/http.svg?branch=main
+[codeclimate-link]: https://codeclimate.com/github/httprb/http
+
+[//]: # (links)
+
+[documentation]: https://github.com/httprb/http/wiki
+[requests]: http://docs.python-requests.org/en/latest/
+[llhttp]: https://llhttp.org/

data/http.gemspec

@@ -27,10 +27,10 @@ Gem::Specification.new do |gem|
 
   gem.required_ruby_version = ">= 2.5"
 
-  gem.add_runtime_dependency "addressable",    "~> 2.3"
+  gem.add_runtime_dependency "addressable",    "~> 2.8"
   gem.add_runtime_dependency "http-cookie",    "~> 1.0"
   gem.add_runtime_dependency "http-form_data", "~> 2.2"
-  gem.add_runtime_dependency "llhttp-ffi",     "~> 0.0.1"
+  gem.add_runtime_dependency "llhttp-ffi",     "~> 0.4.0"
 
   gem.add_development_dependency "bundler", "~> 2.0"
 

data/lib/http/client.rb

@@ -32,7 +32,7 @@ module HTTP
       return res unless opts.follow
 
       Redirector.new(opts.follow).perform(req, res) do |request|
-        perform(request, opts)
+        perform(wrap_request(request, opts), opts)
       end
     end
 
@@ -52,9 +52,7 @@ module HTTP
         :body           => body
       )
 
-      opts.features.inject(req) do |request, (_name, feature)|
-        feature.wrap_request(request)
-      end
+      wrap_request(req, opts)
     end
 
     # @!method persistent?
@@ -104,6 +102,12 @@ module HTTP
 
     private
 
+    def wrap_request(req, opts)
+      opts.features.inject(req) do |request, (_name, feature)|
+        feature.wrap_request(request)
+      end
+    end
+
     def build_response(req, options)
       Response.new(
         :status        => @connection.status_code,

data/lib/http/features/auto_inflate.rb

@@ -21,8 +21,6 @@ module HTTP
           :request       => response.request
         }
 
-        options[:uri] = response.uri if response.uri
-
         Response.new(options)
       end
 

data/lib/http/request/writer.rb

@@ -47,7 +47,11 @@ module HTTP
       # Adds the headers to the header array for the given request body we are working
       # with
       def add_body_type_headers
-        return if @headers[Headers::CONTENT_LENGTH] || chunked?
+        return if @headers[Headers::CONTENT_LENGTH] || chunked? || (
+          @body.source.nil? && %w[GET HEAD DELETE CONNECT].any? do |method|
+            @request_header[0].start_with?("#{method} ")
+          end
+        )
 
         @request_header << "#{Headers::CONTENT_LENGTH}: #{@body.size}"
       end
@@ -57,7 +61,7 @@ module HTTP
       def join_headers
         # join the headers array with crlfs, stick two on the end because
         # that ends the request header
-        @request_header.join(CRLF) + CRLF * 2
+        @request_header.join(CRLF) + (CRLF * 2)
       end
 
       # Writes HTTP request data into the socket.

data/lib/http/request.rb

@@ -104,12 +104,26 @@ module HTTP
       headers = self.headers.dup
       headers.delete(Headers::HOST)
 
+      new_body = body.source
+      if verb == :get
+        # request bodies should not always be resubmitted when following a redirect
+        # some servers will close the connection after receiving the request headers
+        # which may cause Errno::ECONNRESET: Connection reset by peer
+        # see https://github.com/httprb/http/issues/649
+        # new_body = Request::Body.new(nil)
+        new_body = nil
+        # the CONTENT_TYPE header causes problems if set on a get request w/ an empty body
+        # the server might assume that there should be content if it is set to multipart
+        # rack raises EmptyContentError if this happens
+        headers.delete(Headers::CONTENT_TYPE)
+      end
+
       self.class.new(
         :verb           => verb,
         :uri            => @uri.join(uri),
         :headers        => headers,
         :proxy          => proxy,
-        :body           => body.source,
+        :body           => new_body,
         :version        => version,
         :uri_normalizer => uri_normalizer
       )

data/lib/http/response/body.rb

@@ -27,7 +27,9 @@ module HTTP
       # (see HTTP::Client#readpartial)
       def readpartial(*args)
         stream!
-        @stream.readpartial(*args)&.force_encoding(@encoding)
+        chunk = @stream.readpartial(*args)
+
+        String.new(chunk, :encoding => @encoding) if chunk
       end
 
       # Iterate over the body, allowing it to be enumerable
@@ -45,11 +47,11 @@ module HTTP
 
         begin
           @streaming  = false
-          @contents   = String.new("").force_encoding(@encoding)
+          @contents   = String.new("", :encoding => @encoding)
 
           while (chunk = @stream.readpartial)
-            @contents << chunk.force_encoding(@encoding)
-            chunk.clear # deallocate string
+            @contents << String.new(chunk, :encoding => @encoding)
+            chunk = nil # deallocate string
           end
         rescue
           @contents = nil

data/lib/http/response/parser.rb

@@ -15,7 +15,7 @@ module HTTP
       end
 
       def reset
-        @parser.finish
+        @parser.reset
         @handler.reset
         @header_finished = false
         @message_finished = false

data/lib/http/response.rb

@@ -40,10 +40,11 @@ module HTTP
     # @option opts [HTTP::Connection] :connection
     # @option opts [String] :encoding Encoding to use when reading body
     # @option opts [String] :body
-    # @option opts [HTTP::Request] request
+    # @option opts [HTTP::Request] request The request this is in response to.
+    # @option opts [String] :uri (DEPRECATED) used to populate a missing request
     def initialize(opts)
       @version       = opts.fetch(:version)
-      @request       = opts.fetch(:request)
+      @request       = init_request(opts)
       @status        = HTTP::Response::Status.new(opts.fetch(:status))
       @headers       = HTTP::Headers.coerce(opts[:headers] || {})
       @proxy_headers = HTTP::Headers.coerce(opts[:proxy_headers] || {})
@@ -137,8 +138,8 @@ module HTTP
     def_delegator :content_type, :charset
 
     def cookies
-      @cookies ||= headers.each_with_object CookieJar.new do |(k, v), jar|
-        jar.parse(v, uri) if k == Headers::SET_COOKIE
+      @cookies ||= headers.get(Headers::SET_COOKIE).each_with_object CookieJar.new do |v, jar|
+        jar.parse(v, uri)
       end
     end
 
@@ -156,13 +157,30 @@ module HTTP
     # @param type [#to_s] Parse as given MIME type.
     # @raise (see MimeType.[])
     # @return [Object]
-    def parse(type)
-      MimeType[type].decode to_s
+    def parse(type = nil)
+      MimeType[type || mime_type].decode to_s
     end
 
     # Inspect a response
     def inspect
       "#<#{self.class}/#{@version} #{code} #{reason} #{headers.to_h.inspect}>"
     end
+
+    private
+
+    # Initialize an HTTP::Request from options.
+    #
+    # @return [HTTP::Request]
+    def init_request(opts)
+      raise ArgumentError, ":uri is for backwards compatibilty and conflicts with :request" \
+        if opts[:request] && opts[:uri]
+
+      # For backwards compatibilty
+      if opts[:uri]
+        HTTP::Request.new(:uri => opts[:uri], :verb => :get)
+      else
+        opts.fetch(:request)
+      end
+    end
   end
 end

data/lib/http/timeout/global.rb

@@ -35,12 +35,10 @@ module HTTP
         begin
           @socket.connect_nonblock
         rescue IO::WaitReadable
-          IO.select([@socket], nil, nil, @time_left)
-          log_time
+          wait_readable_or_timeout
           retry
         rescue IO::WaitWritable
-          IO.select(nil, [@socket], nil, @time_left)
-          log_time
+          wait_writable_or_timeout
           retry
         end
       end

data/lib/http/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module HTTP
-  VERSION = "5.0.0"
+  VERSION = "5.0.4"
 end

data/spec/lib/http/client_spec.rb

@@ -4,6 +4,7 @@
 require "support/http_handling_shared"
 require "support/dummy_server"
 require "support/ssl_helper"
+require "logger"
 
 RSpec.describe HTTP::Client do
   run_server(:dummy) { DummyServer.new }
@@ -115,6 +116,39 @@ RSpec.describe HTTP::Client do
     end
   end
 
+  describe "following redirects with logging" do
+    let(:logger) do
+      logger           = Logger.new(logdev)
+      logger.formatter = ->(severity, _, _, message) { format("** %s **\n%s\n", severity, message) }
+      logger.level     = Logger::INFO
+      logger
+    end
+
+    let(:logdev) { StringIO.new }
+
+    it "logs all requests" do
+      client = StubbedClient.new(:follow => true, :features => { :logging => { :logger => logger } }).stub(
+        "http://example.com/"  => redirect_response("/1"),
+        "http://example.com/1" => redirect_response("/2"),
+        "http://example.com/2" => redirect_response("/3"),
+        "http://example.com/3" => simple_response("OK")
+      )
+
+      expect { client.get("http://example.com/") }.not_to raise_error
+
+      expect(logdev.string).to eq <<~OUTPUT
+        ** INFO **
+        > GET http://example.com/
+        ** INFO **
+        > GET http://example.com/1
+        ** INFO **
+        > GET http://example.com/2
+        ** INFO **
+        > GET http://example.com/3
+      OUTPUT
+    end
+  end
+
   describe "parsing params" do
     let(:client) { HTTP::Client.new }
     before { allow(client).to receive :perform }

data/spec/lib/http/features/auto_inflate_spec.rb

@@ -74,7 +74,6 @@ RSpec.describe HTTP::Features::AutoInflate do
           :status     => 200,
           :headers    => {:content_encoding => "gzip"},
           :connection => connection,
-          :uri        => "https://example.com",
           :request    => HTTP::Request.new(:verb => :get, :uri => "https://example.com")
         )
       end

data/spec/lib/http/features/instrumentation_spec.rb

@@ -46,7 +46,6 @@ RSpec.describe HTTP::Features::Instrumentation do
     let(:response) do
       HTTP::Response.new(
         :version => "1.1",
-        :uri     => "https://example.com",
         :status  => 200,
         :headers => {:content_type => "application/json"},
         :body    => '{"success": true}',

data/spec/lib/http/features/logging_spec.rb

@@ -42,7 +42,6 @@ RSpec.describe HTTP::Features::Logging do
     let(:response) do
       HTTP::Response.new(
         :version => "1.1",
-        :uri     => "https://example.com",
         :status  => 200,
         :headers => {:content_type => "application/json"},
         :body    => '{"success": true}',

data/spec/lib/http/redirector_spec.rb

@@ -396,5 +396,49 @@ RSpec.describe HTTP::Redirector do
         end
       end
     end
+
+    describe "changing verbs during redirects" do
+      let(:options) { {:strict => false} }
+      let(:post_body) { HTTP::Request::Body.new("i might be way longer in real life") }
+      let(:cookie) { "dont eat my cookies" }
+
+      def a_dangerous_request(verb)
+        HTTP::Request.new(
+          :verb => verb, :uri => "http://example.com",
+          :body => post_body, :headers => {
+            "Content-Type" => "meme",
+            "Cookie"       => cookie
+          }
+        )
+      end
+
+      def empty_body
+        HTTP::Request::Body.new(nil)
+      end
+
+      it "follows without body/content type if it has to change verb" do
+        req = a_dangerous_request(:post)
+        res = redirect_response 302, "http://example.com/1"
+
+        redirector.perform(req, res) do |prev_req, _|
+          expect(prev_req.body).to eq(empty_body)
+          expect(prev_req.headers["Cookie"]).to eq(cookie)
+          expect(prev_req.headers["Content-Type"]).to eq(nil)
+          simple_response 200
+        end
+      end
+
+      it "leaves body/content-type intact if it does not have to change verb" do
+        req = a_dangerous_request(:post)
+        res = redirect_response 307, "http://example.com/1"
+
+        redirector.perform(req, res) do |prev_req, _|
+          expect(prev_req.body).to eq(post_body)
+          expect(prev_req.headers["Cookie"]).to eq(cookie)
+          expect(prev_req.headers["Content-Type"]).to eq("meme")
+          simple_response 200
+        end
+      end
+    end
   end
 end

data/spec/lib/http/request/body_spec.rb

@@ -118,10 +118,10 @@ RSpec.describe HTTP::Request::Body do
     end
 
     context "when body is a non-Enumerable IO" do
-      let(:body) { FakeIO.new("a" * 16 * 1024 + "b" * 10 * 1024) }
+      let(:body) { FakeIO.new(("a" * 16 * 1024) + ("b" * 10 * 1024)) }
 
       it "yields chunks of content" do
-        expect(chunks.inject("", :+)).to eq "a" * 16 * 1024 + "b" * 10 * 1024
+        expect(chunks.inject("", :+)).to eq ("a" * 16 * 1024) + ("b" * 10 * 1024)
       end
     end
 
@@ -148,7 +148,7 @@ RSpec.describe HTTP::Request::Body do
     end
 
     context "when body is an Enumerable IO" do
-      let(:data) { "a" * 16 * 1024 + "b" * 10 * 1024 }
+      let(:data) { ("a" * 16 * 1024) + ("b" * 10 * 1024) }
       let(:body) { StringIO.new data }
 
       it "yields chunks of content" do

data/spec/lib/http/request/writer_spec.rb

@@ -47,9 +47,20 @@ RSpec.describe HTTP::Request::Writer do
       end
     end
 
-    context "when body is empty" do
+    context "when body is not set" do
       let(:body) { HTTP::Request::Body.new(nil) }
 
+      it "doesn't write anything to the socket and doesn't set Content-Length" do
+        writer.stream
+        expect(io.string).to eq [
+          "#{headerstart}\r\n\r\n"
+        ].join
+      end
+    end
+
+    context "when body is empty" do
+      let(:body) { HTTP::Request::Body.new("") }
+
       it "doesn't write anything to the socket and sets Content-Length" do
         writer.stream
         expect(io.string).to eq [

data/spec/lib/http/response/body_spec.rb

@@ -2,7 +2,7 @@
 
 RSpec.describe HTTP::Response::Body do
   let(:connection) { double(:sequence_id => 0) }
-  let(:chunks)     { [String.new("Hello, "), String.new("World!")] }
+  let(:chunks)     { ["Hello, ", "World!"] }
 
   before do
     allow(connection).to receive(:readpartial) { chunks.shift }
@@ -16,7 +16,7 @@ RSpec.describe HTTP::Response::Body do
   end
 
   context "when body empty" do
-    let(:chunks) { [String.new("")] }
+    let(:chunks) { [""] }
 
     it "returns responds to empty? with true" do
       expect(subject).to be_empty
@@ -45,12 +45,12 @@ RSpec.describe HTTP::Response::Body do
     it "returns content in specified encoding" do
       body = described_class.new(connection)
       expect(connection).to receive(:readpartial).
-        and_return(String.new("content").force_encoding(Encoding::UTF_8))
+        and_return(String.new("content", :encoding => Encoding::UTF_8))
       expect(body.readpartial.encoding).to eq Encoding::BINARY
 
       body = described_class.new(connection, :encoding => Encoding::UTF_8)
       expect(connection).to receive(:readpartial).
-        and_return(String.new("content").force_encoding(Encoding::BINARY))
+        and_return(String.new("content", :encoding => Encoding::BINARY))
       expect(body.readpartial.encoding).to eq Encoding::UTF_8
     end
   end
@@ -59,7 +59,7 @@ RSpec.describe HTTP::Response::Body do
     let(:chunks) do
       body = Zlib::Deflate.deflate("Hi, HTTP here ☺")
       len  = body.length
-      [String.new(body[0, len / 2]), String.new(body[(len / 2)..-1])]
+      [body[0, len / 2], body[(len / 2)..-1]]
     end
     subject(:body) do
       inflater = HTTP::Response::Inflater.new(connection)

data/spec/lib/http/response/parser_spec.rb

@@ -46,9 +46,9 @@ RSpec.describe HTTP::Response::Parser do
   context "when got 100 Continue response" do
     let :raw_response do
       "HTTP/1.1 100 Continue\r\n\r\n" \
-      "HTTP/1.1 200 OK\r\n" \
-      "Content-Length: 12\r\n\r\n" \
-      "Hello World!"
+        "HTTP/1.1 200 OK\r\n" \
+        "Content-Length: 12\r\n\r\n" \
+        "Hello World!"
     end
 
     context "when response is feeded in one part" do

data/spec/lib/http/response_spec.rb

@@ -4,6 +4,7 @@ RSpec.describe HTTP::Response do
   let(:body)          { "Hello world!" }
   let(:uri)           { "http://example.com/" }
   let(:headers)       { {} }
+  let(:request)       { HTTP::Request.new(:verb => :get, :uri => uri) }
 
   subject(:response) do
     HTTP::Response.new(
@@ -11,8 +12,7 @@ RSpec.describe HTTP::Response do
       :version => "1.1",
       :headers => headers,
       :body    => body,
-      :uri     => uri,
-      :request => HTTP::Request.new(:verb => :get, :uri => "http://example.com")
+      :request => request
     )
   end
 
@@ -87,19 +87,32 @@ RSpec.describe HTTP::Response do
   end
 
   describe "#parse" do
-    let(:headers)   { {"Content-Type" => "application/json"} }
+    let(:headers)   { {"Content-Type" => content_type} }
     let(:body)      { '{"foo":"bar"}' }
 
-    it "fails if MIME type decoder is not found" do
-      expect { response.parse "text/html" }.to raise_error(HTTP::Error)
+    context "with known content type" do
+      let(:content_type) { "application/json" }
+      it "returns parsed body" do
+        expect(response.parse).to eq "foo" => "bar"
+      end
     end
 
-    it "uses decoder found by given MIME type" do
-      expect(response.parse("application/json")).to eq("foo" => "bar")
+    context "with unknown content type" do
+      let(:content_type) { "application/deadbeef" }
+      it "raises HTTP::Error" do
+        expect { response.parse }.to raise_error HTTP::Error
+      end
     end
 
-    it "uses decoder found by given MIME type alias" do
-      expect(response.parse(:json)).to eq("foo" => "bar")
+    context "with explicitly given mime type" do
+      let(:content_type) { "application/deadbeef" }
+      it "ignores mime_type of response" do
+        expect(response.parse("application/json")).to eq "foo" => "bar"
+      end
+
+      it "supports mime type aliases" do
+        expect(response.parse(:json)).to eq "foo" => "bar"
+      end
     end
   end
 
@@ -154,7 +167,7 @@ RSpec.describe HTTP::Response do
         :version    => "1.1",
         :status     => 200,
         :connection => connection,
-        :request    => HTTP::Request.new(:verb => :get, :uri => "http://example.com")
+        :request    => request
       )
     end
 
@@ -171,4 +184,43 @@ RSpec.describe HTTP::Response do
     end
     it { is_expected.not_to be_chunked }
   end
+
+  describe "backwards compatibilty with :uri" do
+    context "with no :verb" do
+      subject(:response) do
+        HTTP::Response.new(
+          :status  => 200,
+          :version => "1.1",
+          :headers => headers,
+          :body    => body,
+          :uri     => uri
+        )
+      end
+
+      it "defaults the uri to :uri" do
+        expect(response.request.uri.to_s).to eq uri
+      end
+
+      it "defaults to the verb to :get" do
+        expect(response.request.verb).to eq :get
+      end
+    end
+
+    context "with both a :request and :uri" do
+      subject(:response) do
+        HTTP::Response.new(
+          :status  => 200,
+          :version => "1.1",
+          :headers => headers,
+          :body    => body,
+          :uri     => uri,
+          :request => request
+        )
+      end
+
+      it "raises ArgumentError" do
+        expect { response }.to raise_error(ArgumentError)
+      end
+    end
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: http
 version: !ruby/object:Gem::Version
-  version: 5.0.0
+  version: 5.0.4
 platform: ruby
 authors:
 - Tony Arcieri
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-13 00:00:00.000000000 Z
+date: 2021-10-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -19,14 +19,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: '2.8'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: '2.8'
 - !ruby/object:Gem::Dependency
   name: http-cookie
   requirement: !ruby/object:Gem::Requirement
@@ -61,14 +61,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.1
+        version: 0.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.1
+        version: 0.4.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -191,7 +191,7 @@ metadata:
   source_code_uri: https://github.com/httprb/http
   wiki_uri: https://github.com/httprb/http/wiki
   bug_tracker_uri: https://github.com/httprb/http/issues
-  changelog_uri: https://github.com/httprb/http/blob/v5.0.0/CHANGES.md
+  changelog_uri: https://github.com/httprb/http/blob/v5.0.4/CHANGES.md
 post_install_message:
 rdoc_options: []
 require_paths: