http 5.0.2 → 5.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fe455ddc7caea6475216135d2748825078dfe40aa5d474e219e054a330d54967
-  data.tar.gz: cdc04d4ccd9e7a8d45ad5db093c63bd2172720aa0c22f6e095fe93c6892e4ea2
+  metadata.gz: 3826a20981b5ed6a7e5f29fd99af814a8409dea3d556d8d4f1c1faeee0060211
+  data.tar.gz: 5f1a624d39059a53df7535df9d8094ec2eb17330ce113ee5f8201f028cb08a01
 SHA512:
-  metadata.gz: eff3f4e56087fd798ecc435ddc662b9e3b8e248c4a39448323643238cc7f8855a98ecfbe392e26f9e77b9129f18fcab13c1a3c588c819453a2f5199a24683c28
-  data.tar.gz: fe8fbd07014f69631414e2644aa48198e34cac0d085a4bce8f056a5284088a2414557a5bb83456f953ce2fdaa6b69621746a31430446664f56eca2a2b454117c
+  metadata.gz: f34965016796ff2864a48d86c45a95db18a5bd118921e9f5ab653b042d53f13332d155238b1b26d28be643b6dffea6f0bf9ac20bbc71bcab05e73e7358ca9b7d
+  data.tar.gz: dfcf6ad46848750d86cb9139b7b0ab9d4ae28624bc7c0d779450f3cfbd8de11dd6ba242855fee759210ffade294743746059157cd1eab4eb69125f644653f5e5

data/.github/workflows/ci.yml

@@ -16,11 +16,11 @@ jobs:
 
     strategy:
       matrix:
-        ruby: [ ruby-2.5, ruby-2.6, ruby-2.7, ruby-3.0 ]
+        ruby: [ ruby-2.6, ruby-2.7, ruby-3.0, ruby-3.1 ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       - uses: ruby/setup-ruby@v1
         with:
@@ -52,11 +52,11 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       - uses: ruby/setup-ruby@v1
         with:
-          ruby-version: 2.5
+          ruby-version: 2.6
           bundler-cache: true
 
       - name: bundle exec rubocop

data/.rubocop.yml

@@ -7,4 +7,4 @@ AllCops:
   DefaultFormatter: fuubar
   DisplayCopNames: true
   NewCops: enable
-  TargetRubyVersion: 2.5
+  TargetRubyVersion: 2.6

data/.rubocop_todo.yml

@@ -1,13 +1,21 @@
 # This configuration was generated by
-# `rubocop --auto-gen-config --auto-gen-only-exclude --exclude-limit 42`
-# on 2021-04-10 09:49:03 UTC using RuboCop version 1.12.1.
+# `rubocop --auto-gen-config --auto-gen-only-exclude --exclude-limit 100`
+# on 2022-06-16 14:35:44 UTC using RuboCop version 1.30.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: Include.
+# Include: **/*.gemspec
+Gemspec/DeprecatedAttributeAssignment:
+  Exclude:
+    - 'http.gemspec'
+
 # Offense count: 53
-# Cop supports --auto-correct.
+# This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: leading, trailing
 Layout/DotPosition:
@@ -22,8 +30,8 @@ Layout/DotPosition:
     - 'spec/lib/http_spec.rb'
     - 'spec/support/http_handling_shared.rb'
 
-# Offense count: 174
-# Cop supports --auto-correct.
+# Offense count: 176
+# This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBraces.
 # SupportedStyles: space, no_space, compact
 # SupportedStylesForEmptyBraces: space, no_space
@@ -66,7 +74,7 @@ Metrics/AbcSize:
     - 'lib/http/request.rb'
     - 'lib/http/response.rb'
 
-# Offense count: 66
+# Offense count: 69
 # Configuration parameters: CountComments, Max, CountAsOne, ExcludedMethods, IgnoredMethods.
 # IgnoredMethods: refine
 Metrics/BlockLength:
@@ -109,7 +117,7 @@ Metrics/CyclomaticComplexity:
     - 'lib/http/chainable.rb'
     - 'lib/http/client.rb'
 
-# Offense count: 19
+# Offense count: 18
 # Configuration parameters: CountComments, Max, CountAsOne, ExcludedMethods, IgnoredMethods.
 Metrics/MethodLength:
   Exclude:
@@ -132,8 +140,13 @@ Metrics/ModuleLength:
   Exclude:
     - 'lib/http/chainable.rb'
 
+# Offense count: 1
+Security/CompoundHash:
+  Exclude:
+    - 'lib/http/uri.rb'
+
 # Offense count: 2
-# Cop supports --auto-correct.
+# This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: separated, grouped
 Style/AccessorGrouping:
@@ -141,7 +154,7 @@ Style/AccessorGrouping:
     - 'lib/http/request.rb'
 
 # Offense count: 4
-# Cop supports --auto-correct.
+# This cop supports safe autocorrection (--autocorrect).
 Style/EmptyCaseCondition:
   Exclude:
     - 'lib/http/client.rb'
@@ -150,7 +163,7 @@ Style/EmptyCaseCondition:
     - 'lib/http/response/status.rb'
 
 # Offense count: 5
-# Cop supports --auto-correct.
+# This cop supports safe autocorrection (--autocorrect).
 Style/Encoding:
   Exclude:
     - 'spec/lib/http/client_spec.rb'
@@ -160,7 +173,7 @@ Style/Encoding:
     - 'spec/support/dummy_server/servlet.rb'
 
 # Offense count: 17
-# Configuration parameters: SuspiciousParamNames.
+# Configuration parameters: SuspiciousParamNames, Allowlist.
 # SuspiciousParamNames: options, opts, args, params, parameters
 Style/OptionHash:
   Exclude:
@@ -183,8 +196,8 @@ Style/OptionalBooleanParameter:
     - 'lib/http/uri.rb'
 
 # Offense count: 3
-# Cop supports --auto-correct.
-# Configuration parameters: AutoCorrect, Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns, IgnoredPatterns.
 # URISchemes: http, https
 Layout/LineLength:
   Exclude:

data/CHANGES.md

@@ -1,3 +1,35 @@
+## 5.1.0 (2022-06-17)
+
+* Drop ruby-2.5 support.
+
+* [#715](https://github.com/httprb/http/pull/715)
+  Set default encoding to UTF-8 for `application/json`.
+  ([@drwl])
+
+* [#712](https://github.com/httprb/http/pull/712)
+  Recognize cookies set by redirect.
+  ([@tkellogg])
+
+* [#707](https://github.com/httprb/http/pull/707)
+  Distinguish connection timeouts.
+  ([@YuLeven])
+
+## 5.0.4 (2021-10-07)
+
+* [#698](https://github.com/httprb/http/pull/698)
+  Fix `HTTP::Timeout::Global#connect_ssl`.
+  ([@tarcieri])
+
+## 5.0.3 (2021-10-06)
+
+* [#695](https://github.com/httprb/http/pull/695)
+  Revert DNS resolving feature.
+  ([@PhilCoggins])
+
+* [#694](https://github.com/httprb/http/pull/694)
+  Fix cookies extraction.
+  ([@flosacca])
+
 ## 5.0.2 (2021-09-10)
 
 * [#686](https://github.com/httprb/http/pull/686)
@@ -26,7 +58,8 @@
 
 * [#638](https://github.com/httprb/http/pull/638)
   DNS failover handling.
-  ([@midnight-wonderer])  
+  ([@midnight-wonderer])
+
 
 ## 5.0.1 (2021-06-26)
 
@@ -42,6 +75,7 @@
   Bump llhttp-ffi to 0.3.0.
   ([@bryanp])
 
+
 ## 5.0.0 (2021-05-12)
 
 * [#656](https://github.com/httprb/http/pull/656)
@@ -94,6 +128,7 @@
 
 * [#576](https://github.com/httprb/http/pull/576)
   [#524](https://github.com/httprb/http/issues/524)
+  **BREAKING CHANGE**
   Preserve header names casing.
   ([@joshuaflanagan])
 
@@ -948,3 +983,8 @@ end
 [@midnight-wonderer]: https://github.com/midnight-wonderer
 [@schwern]: https://github.com/schwern
 [@matheussilvasantos]: https://github.com/matheussilvasantos
+[@PhilCoggins]: https://github.com/PhilCoggins
+[@flosacca]: https://github.com/flosacca
+[@YuLeven]: https://github.com/YuLeven
+[@drwl]: https://github.com/drwl
+[@tkellogg]: https://github.com/tkellogg

data/Gemfile

@@ -27,7 +27,7 @@ group :test do
 
   gem "backports"
 
-  gem "rubocop"
+  gem "rubocop", "~> 1.30.0"
   gem "rubocop-performance"
   gem "rubocop-rake"
   gem "rubocop-rspec"

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2011-2021 Tony Arcieri, Erik Michaels-Ober, Alexey V. Zapparov, Zachary Anker
+Copyright (c) 2011-2022 Tony Arcieri, Erik Michaels-Ober, Alexey V. Zapparov, Zachary Anker
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -1,16 +1,12 @@
-# ![http.rb](https://raw.github.com/httprb/http.rb/master/logo.png)
+# ![http.rb](https://raw.github.com/httprb/http.rb/main/logo.png)
 
-[![Gem Version](https://img.shields.io/gem/v/http?logo=ruby)](https://rubygems.org/gems/http)
-[![Build Status](https://github.com/httprb/http/workflows/CI/badge.svg)](https://github.com/httprb/http/actions?query=workflow:CI)
-[![Code Climate](https://codeclimate.com/github/httprb/http.svg?branch=master)](https://codeclimate.com/github/httprb/http)
-[![MIT licensed](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/httprb/http/blob/master/LICENSE.txt)
+[![Gem Version][gem-image]][gem-link]
+[![MIT licensed][license-image]][license-link]
+[![Build Status][build-image]][build-link]
+[![Code Climate][codeclimate-image]][codeclimate-link]
 
 [Documentation]
 
-_NOTE: This is the 5.x **development** branch.  For the 4.x **stable** branch, please see:_
-
-https://github.com/httprb/http/tree/4-x-stable
-
 ## About
 
 HTTP (The Gem! a.k.a. http.rb) is an easy-to-use client library for making requests
@@ -21,63 +17,16 @@ Under the hood, http.rb uses the [llhttp] parser, a fast HTTP parsing native ext
 This library isn't just yet another wrapper around `Net::HTTP`. It implements the HTTP
 protocol natively and outsources the parsing to native extensions.
 
-[requests]: http://docs.python-requests.org/en/latest/
-[llhttp]: https://llhttp.org/
-
-
-## Another Ruby HTTP library? Why should I care?
-
-There are a lot of HTTP libraries to choose from in the Ruby ecosystem.
-So why would you choose this one?
+### Why http.rb?
 
-Top three reasons:
-
-1. **Clean API**: http.rb offers an easy-to-use API that should be a
+- **Clean API**: http.rb offers an easy-to-use API that should be a
    breath of fresh air after using something like Net::HTTP.
 
-2. **Maturity**: http.rb is one of the most mature Ruby HTTP clients, supporting
+- **Maturity**: http.rb is one of the most mature Ruby HTTP clients, supporting
    features like persistent connections and fine-grained timeouts.
 
-3. **Performance**: using native parsers and a clean, lightweight implementation,
-   http.rb achieves the best performance of any Ruby HTTP library which
-   implements the HTTP protocol in Ruby instead of C:
-
-  | HTTP client              | Time   | Implementation        |
-  |--------------------------|--------|-----------------------|
-  | curb (persistent)        | 2.519  | libcurl wrapper       |
-  | em-http-request          | 2.731  | EM + http_parser.rb   |
-  | Typhoeus                 | 2.851  | libcurl wrapper       |
-  | StreamlyFFI (persistent) | 2.853  | libcurl wrapper       |
-  | http.rb (persistent)     | 2.970  | Ruby + http_parser.rb |
-  | http.rb                  | 3.588  | Ruby + http_parser.rb |
-  | HTTParty                 | 3.931  | Net::HTTP wrapper     |
-  | Net::HTTP                | 3.959  | Pure Ruby             |
-  | Net::HTTP (persistent)   | 4.043  | Pure Ruby             |
-  | open-uri                 | 4.479  | Net::HTTP wrapper     |
-  | Excon (persistent)       | 4.618  | Pure Ruby             |
-  | Excon                    | 4.701  | Pure Ruby             |
-  | RestClient               | 26.838 | Net::HTTP wrapper     |
-
-Benchmarks performed using excon's benchmarking tool
-
-DISCLAIMER: Most benchmarks you find in READMEs are crap,
-including this one. These are out-of-date. If you care about
-performance, benchmark for yourself for your own use cases!
-
-## Help and Discussion
-
-If you need help or just want to talk about the http.rb,
-visit the http.rb Google Group:
-
-https://groups.google.com/forum/#!forum/httprb
-
-You can join by email by sending a message to:
-
-[httprb+subscribe@googlegroups.com](mailto:httprb+subscribe@googlegroups.com)
-
-If you believe you've found a bug, please report it at:
-
-https://github.com/httprb/http/issues
+- **Performance**: using native parsers and a clean, lightweight implementation,
+   http.rb achieves high performance while implementing HTTP in Ruby instead of C.
 
 
 ## Installation
@@ -112,10 +61,9 @@ for more detailed documentation and usage notes.
 
 The following API documentation is also available:
 
-* [YARD API documentation](https://www.rubydoc.info/github/httprb/http)
-* [Chainable module (all chainable methods)](https://www.rubydoc.info/github/httprb/http/HTTP/Chainable)
+- [YARD API documentation](https://www.rubydoc.info/github/httprb/http)
+- [Chainable module (all chainable methods)](https://www.rubydoc.info/github/httprb/http/HTTP/Chainable)
 
-[documentation]: https://github.com/httprb/http/wiki
 
 ### Basic Usage
 
@@ -142,7 +90,7 @@ We can also obtain an `HTTP::Response::Body` object for this response:
 ```
 
 The response body can be streamed with `HTTP::Response::Body#readpartial`.
-In practice, you'll want to bind the HTTP::Response::Body to a local variable
+In practice, you'll want to bind the `HTTP::Response::Body` to a local variable
 and call `#readpartial` on it repeatedly until it returns `nil`:
 
 ```ruby
@@ -159,13 +107,13 @@ and call `#readpartial` on it repeatedly until it returns `nil`:
 
 ## Supported Ruby Versions
 
-This library aims to support and is [tested against][travis] the following Ruby
-versions:
+This library aims to support and is [tested against][build-link]
+the following Ruby  versions:
 
-* Ruby 2.6
-* Ruby 2.7
-* Ruby 3.0
-* JRuby 9.2
+- Ruby 2.6
+- Ruby 2.7
+- Ruby 3.0
+- JRuby 9.2
 
 If something doesn't work on one of these versions, it's a bug.
 
@@ -180,20 +128,36 @@ patches in a timely fashion. If critical issues for a particular implementation
 exist at the time of a major release, support for that Ruby version may be
 dropped.
 
-[travis]: http://travis-ci.org/httprb/http
-
 
 ## Contributing to http.rb
 
-* Fork http.rb on GitHub
-* Make your changes
-* Ensure all tests pass (`bundle exec rake`)
-* Send a pull request
-* If we like them we'll merge them
-* If we've accepted a patch, feel free to ask for commit access!
+- Fork http.rb on GitHub
+- Make your changes
+- Ensure all tests pass (`bundle exec rake`)
+- Send a pull request
+- If we like them we'll merge them
+- If we've accepted a patch, feel free to ask for commit access!
 
 
 ## Copyright
 
-Copyright (c) 2011-2021 Tony Arcieri, Alexey V. Zapparov, Erik Michaels-Ober, Zachary Anker.
+Copyright © 2011-2022 Tony Arcieri, Alexey V. Zapparov, Erik Michaels-Ober, Zachary Anker.
 See LICENSE.txt for further details.
+
+
+[//]: # (badges)
+
+[gem-image]: https://img.shields.io/gem/v/http?logo=ruby
+[gem-link]: https://rubygems.org/gems/http
+[license-image]: https://img.shields.io/badge/license-MIT-blue.svg
+[license-link]: https://github.com/httprb/http/blob/main/LICENSE.txt
+[build-image]: https://github.com/httprb/http/workflows/CI/badge.svg
+[build-link]: https://github.com/httprb/http/actions/workflows/ci.yml
+[codeclimate-image]: https://codeclimate.com/github/httprb/http.svg?branch=main
+[codeclimate-link]: https://codeclimate.com/github/httprb/http
+
+[//]: # (links)
+
+[documentation]: https://github.com/httprb/http/wiki
+[requests]: http://docs.python-requests.org/en/latest/
+[llhttp]: https://llhttp.org/

data/SECURITY.md

@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report security issues to `bascule@gmail.com`

data/http.gemspec

@@ -25,7 +25,7 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.version       = HTTP::VERSION
 
-  gem.required_ruby_version = ">= 2.5"
+  gem.required_ruby_version = ">= 2.6"
 
   gem.add_runtime_dependency "addressable",    "~> 2.8"
   gem.add_runtime_dependency "http-cookie",    "~> 1.0"
@@ -35,9 +35,10 @@ Gem::Specification.new do |gem|
   gem.add_development_dependency "bundler", "~> 2.0"
 
   gem.metadata = {
-    "source_code_uri" => "https://github.com/httprb/http",
-    "wiki_uri"        => "https://github.com/httprb/http/wiki",
-    "bug_tracker_uri" => "https://github.com/httprb/http/issues",
-    "changelog_uri"   => "https://github.com/httprb/http/blob/v#{HTTP::VERSION}/CHANGES.md"
+    "source_code_uri"       => "https://github.com/httprb/http",
+    "wiki_uri"              => "https://github.com/httprb/http/wiki",
+    "bug_tracker_uri"       => "https://github.com/httprb/http/issues",
+    "changelog_uri"         => "https://github.com/httprb/http/blob/v#{HTTP::VERSION}/CHANGES.md",
+    "rubygems_mfa_required" => "true"
   }
 end

data/lib/http/errors.rb

@@ -19,6 +19,9 @@ module HTTP
   # Generic Timeout error
   class TimeoutError < Error; end
 
+  # Timeout when first establishing the conncetion
+  class ConnectTimeoutError < TimeoutError; end
+
   # Header value is of unexpected format (similar to Net::HTTPHeaderSyntaxError)
   class HeaderError < Error; end
 end

data/lib/http/headers.rb

@@ -111,7 +111,7 @@ module HTTP
     #
     # @return [Hash]
     def to_h
-      keys.map { |k| [k, self[k]] }.to_h
+      keys.to_h { |k| [k, self[k]] }
     end
     alias to_hash to_h
 

data/lib/http/redirector.rb

@@ -49,6 +49,8 @@ module HTTP
       @request  = request
       @response = response
       @visited  = []
+      collect_cookies_from_request
+      collect_cookies_from_response
 
       while REDIRECT_CODES.include? @response.status.code
         @visited << "#{@request.verb} #{@request.uri}"
@@ -59,8 +61,12 @@ module HTTP
         @response.flush
 
         # XXX(ixti): using `Array#inject` to return `nil` if no Location header.
-        @request  = redirect_to(@response.headers.get(Headers::LOCATION).inject(:+))
+        @request = redirect_to(@response.headers.get(Headers::LOCATION).inject(:+))
+        unless cookie_jar.empty?
+          @request.headers.set(Headers::COOKIE, cookie_jar.cookies.map { |c| "#{c.name}=#{c.value}" }.join("; "))
+        end
         @response = yield @request
+        collect_cookies_from_response
       end
 
       @response
@@ -68,6 +74,48 @@ module HTTP
 
     private
 
+    # All known cookies. On the original request, this is only the original cookies, but after that,
+    # Set-Cookie headers can add, set or delete cookies.
+    def cookie_jar
+      # it seems that @response.cookies instance is reused between responses, so we have to "clone"
+      @cookie_jar ||= HTTP::CookieJar.new
+    end
+
+    def collect_cookies_from_request
+      request_cookie_header = @request.headers["Cookie"]
+      cookies =
+        if request_cookie_header
+          HTTP::Cookie.cookie_value_to_hash(request_cookie_header)
+        else
+          {}
+        end
+
+      cookies.each do |key, value|
+        cookie_jar.add(HTTP::Cookie.new(key, value, :path => @request.uri.path, :domain => @request.host))
+      end
+    end
+
+    # Carry cookies from one response to the next. Carrying cookies to the next response ends up
+    # carrying them to the next request as well.
+    #
+    # Note that this isn't part of the IETF standard, but all major browsers support setting cookies
+    # on redirect: https://blog.dubbelboer.com/2012/11/25/302-cookie.html
+    def collect_cookies_from_response
+      # Overwrite previous cookies
+      @response.cookies.each do |cookie|
+        if cookie.value == ""
+          cookie_jar.delete(cookie)
+        else
+          cookie_jar.add(cookie)
+        end
+      end
+
+      # I wish we could just do @response.cookes = cookie_jar
+      cookie_jar.each do |cookie|
+        @response.cookies.add(cookie)
+      end
+    end
+
     # Check if we reached max amount of redirect hops
     # @return [Boolean]
     def too_many_hops?

data/lib/http/request/writer.rb

@@ -61,7 +61,7 @@ module HTTP
       def join_headers
         # join the headers array with crlfs, stick two on the end because
         # that ends the request header
-        @request_header.join(CRLF) + CRLF * 2
+        @request_header.join(CRLF) + (CRLF * 2)
       end
 
       # Writes HTTP request data into the socket.

data/lib/http/response/status.rb

@@ -69,7 +69,7 @@ module HTTP
       #   SYMBOL_CODES[:im_a_teapot]           # => 418
       #
       # @return [Hash<Symbol => Fixnum>]
-      SYMBOL_CODES = SYMBOLS.map { |k, v| [v, k] }.to_h.freeze
+      SYMBOL_CODES = SYMBOLS.to_h { |k, v| [v, k] }.freeze
 
       # @return [Fixnum] status code
       attr_reader :code

data/lib/http/response.rb

@@ -53,7 +53,7 @@ module HTTP
         @body = opts.fetch(:body)
       else
         connection = opts.fetch(:connection)
-        encoding   = opts[:encoding] || charset || Encoding::BINARY
+        encoding = opts[:encoding] || charset || default_encoding
 
         @body = Response::Body.new(connection, :encoding => encoding)
       end
@@ -138,8 +138,8 @@ module HTTP
     def_delegator :content_type, :charset
 
     def cookies
-      @cookies ||= headers.each_with_object CookieJar.new do |(k, v), jar|
-        jar.parse(v, uri) if k == Headers::SET_COOKIE
+      @cookies ||= headers.get(Headers::SET_COOKIE).each_with_object CookieJar.new do |v, jar|
+        jar.parse(v, uri)
       end
     end
 
@@ -168,6 +168,12 @@ module HTTP
 
     private
 
+    def default_encoding
+      return Encoding::UTF_8 if mime_type == "application/json"
+
+      Encoding::BINARY
+    end
+
     # Initialize an HTTP::Request from options.
     #
     # @return [HTTP::Request]

data/lib/http/timeout/global.rb

@@ -1,8 +1,7 @@
 # frozen_string_literal: true
 
-require "io/wait"
-require "resolv"
 require "timeout"
+require "io/wait"
 
 require "http/timeout/null"
 
@@ -13,9 +12,6 @@ module HTTP
         super
 
         @timeout = @time_left = options.fetch(:global_timeout)
-        @dns_resolver = options.fetch(:dns_resolver) do
-          ::Resolv.method(:getaddresses)
-        end
       end
 
       # To future me: Don't remove this again, past you was smarter.
@@ -23,28 +19,14 @@ module HTTP
         @time_left = @timeout
       end
 
-      def connect(socket_class, host_name, *args)
-        connect_operation = lambda do |host_address|
-          ::Timeout.timeout(@time_left, TimeoutError) do
-            super(socket_class, host_address, *args)
-          end
-        end
-        host_addresses = @dns_resolver.call(host_name)
-        # ensure something to iterates
-        trying_targets = host_addresses.empty? ? [host_name] : host_addresses
+      def connect(socket_class, host, port, nodelay = false)
         reset_timer
-        trying_iterator = trying_targets.lazy
-        error = nil
-        begin
-          connect_operation.call(trying_iterator.next).tap do
-            log_time
-          end
-        rescue TimeoutError => e
-          error = e
-          retry
-        rescue ::StopIteration
-          raise error
+        ::Timeout.timeout(@time_left, ConnectTimeoutError) do
+          @socket = socket_class.open(host, port)
+          @socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1) if nodelay
         end
+
+        log_time
       end
 
       def connect_ssl
@@ -53,12 +35,10 @@ module HTTP
         begin
           @socket.connect_nonblock
         rescue IO::WaitReadable
-          IO.select([@socket], nil, nil, @time_left)
-          log_time
+          wait_readable_or_timeout
           retry
         rescue IO::WaitWritable
-          IO.select(nil, [@socket], nil, @time_left)
-          log_time
+          wait_writable_or_timeout
           retry
         end
       end

data/lib/http/timeout/per_operation.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-require "resolv"
 require "timeout"
 
 require "http/timeout/null"
@@ -18,34 +17,14 @@ module HTTP
         @read_timeout = options.fetch(:read_timeout, READ_TIMEOUT)
         @write_timeout = options.fetch(:write_timeout, WRITE_TIMEOUT)
         @connect_timeout = options.fetch(:connect_timeout, CONNECT_TIMEOUT)
-        @dns_resolver = options.fetch(:dns_resolver) do
-          ::Resolv.method(:getaddresses)
-        end
       end
 
-      # TODO: refactor
-      # rubocop:disable Metrics/MethodLength
-      def connect(socket_class, host_name, *args)
-        connect_operation = lambda do |host_address|
-          ::Timeout.timeout(@connect_timeout, TimeoutError) do
-            super(socket_class, host_address, *args)
-          end
-        end
-        host_addresses = @dns_resolver.call(host_name)
-        # ensure something to iterates
-        trying_targets = host_addresses.empty? ? [host_name] : host_addresses
-        trying_iterator = trying_targets.lazy
-        error = nil
-        begin
-          connect_operation.call(trying_iterator.next)
-        rescue TimeoutError => e
-          error = e
-          retry
-        rescue ::StopIteration
-          raise error
+      def connect(socket_class, host, port, nodelay = false)
+        ::Timeout.timeout(@connect_timeout, ConnectTimeoutError) do
+          @socket = socket_class.open(host, port)
+          @socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1) if nodelay
         end
       end
-      # rubocop:enable Metrics/MethodLength
 
       def connect_ssl
         rescue_readable(@connect_timeout) do

data/lib/http/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module HTTP
-  VERSION = "5.0.2"
+  VERSION = "5.1.0"
 end

data/spec/lib/http/client_spec.rb

@@ -389,8 +389,8 @@ RSpec.describe HTTP::Client do
           client.use(:test_feature => feature_instance).
             timeout(0.001).
             request(:post, sleep_url)
-        end.to raise_error(HTTP::TimeoutError)
-        expect(feature_instance.captured_error).to be_a(HTTP::TimeoutError)
+        end.to raise_error(HTTP::ConnectTimeoutError)
+        expect(feature_instance.captured_error).to be_a(HTTP::ConnectTimeoutError)
       end
     end
   end

data/spec/lib/http/redirector_spec.rb

@@ -11,8 +11,12 @@ RSpec.describe HTTP::Redirector do
     )
   end
 
-  def redirect_response(status, location)
-    simple_response status, "", "Location" => location
+  def redirect_response(status, location, set_cookie = {})
+    res = simple_response status, "", "Location" => location
+    set_cookie.each do |name, value|
+      res.headers.add("Set-Cookie", "#{name}=#{value}; path=/; httponly; secure; SameSite=none; Secure")
+    end
+    res
   end
 
   describe "#strict" do
@@ -89,6 +93,61 @@ RSpec.describe HTTP::Redirector do
       expect(res.to_s).to eq "http://example.com/123"
     end
 
+    it "returns cookies in response" do
+      req  = HTTP::Request.new :verb => :head, :uri => "http://example.com"
+      hops = [
+        redirect_response(301, "http://example.com/1", {"foo" => "42"}),
+        redirect_response(301, "http://example.com/2", {"bar" => "53", "deleted" => "foo"}),
+        redirect_response(301, "http://example.com/3", {"baz" => "64", "deleted" => ""}),
+        redirect_response(301, "http://example.com/4", {"baz" => "65"}),
+        simple_response(200, "bar")
+      ]
+
+      request_cookies = [
+        {"foo" => "42"},
+        {"foo" => "42", "bar" => "53", "deleted" => "foo"},
+        {"foo" => "42", "bar" => "53", "baz" => "64"},
+        {"foo" => "42", "bar" => "53", "baz" => "65"}
+      ]
+
+      res = redirector.perform(req, hops.shift) do |request|
+        req_cookie = HTTP::Cookie.cookie_value_to_hash(request.headers["Cookie"] || "")
+        expect(req_cookie).to eq request_cookies.shift
+        hops.shift
+      end
+      expect(res.to_s).to eq "bar"
+      cookies = res.cookies.cookies.to_h { |c| [c.name, c.value] }
+      expect(cookies["foo"]).to eq "42"
+      expect(cookies["bar"]).to eq "53"
+      expect(cookies["baz"]).to eq "65"
+      expect(cookies["deleted"]).to eq nil
+    end
+
+    it "returns original cookies in response" do
+      req = HTTP::Request.new :verb => :head, :uri => "http://example.com"
+      req.headers.set("Cookie", "foo=42; deleted=baz")
+      hops = [
+        redirect_response(301, "http://example.com/1", {"bar" => "64", "deleted" => ""}),
+        simple_response(200, "bar")
+      ]
+
+      request_cookies = [
+        {"foo" => "42", "bar" => "64"},
+        {"foo" => "42", "bar" => "64"}
+      ]
+
+      res = redirector.perform(req, hops.shift) do |request|
+        req_cookie = HTTP::Cookie.cookie_value_to_hash(request.headers["Cookie"] || "")
+        expect(req_cookie).to eq request_cookies.shift
+        hops.shift
+      end
+      expect(res.to_s).to eq "bar"
+      cookies = res.cookies.cookies.to_h { |c| [c.name, c.value] }
+      expect(cookies["foo"]).to eq "42"
+      expect(cookies["bar"]).to eq "64"
+      expect(cookies["deleted"]).to eq nil
+    end
+
     context "following 300 redirect" do
       context "with strict mode" do
         let(:options) { {:strict => true} }
@@ -400,7 +459,7 @@ RSpec.describe HTTP::Redirector do
     describe "changing verbs during redirects" do
       let(:options) { {:strict => false} }
       let(:post_body) { HTTP::Request::Body.new("i might be way longer in real life") }
-      let(:cookie) { "dont eat my cookies" }
+      let(:cookie) { "dont=eat my cookies" }
 
       def a_dangerous_request(verb)
         HTTP::Request.new(

data/spec/lib/http/request/body_spec.rb

@@ -118,10 +118,10 @@ RSpec.describe HTTP::Request::Body do
     end
 
     context "when body is a non-Enumerable IO" do
-      let(:body) { FakeIO.new("a" * 16 * 1024 + "b" * 10 * 1024) }
+      let(:body) { FakeIO.new(("a" * 16 * 1024) + ("b" * 10 * 1024)) }
 
       it "yields chunks of content" do
-        expect(chunks.inject("", :+)).to eq "a" * 16 * 1024 + "b" * 10 * 1024
+        expect(chunks.inject("", :+)).to eq ("a" * 16 * 1024) + ("b" * 10 * 1024)
       end
     end
 
@@ -148,7 +148,7 @@ RSpec.describe HTTP::Request::Body do
     end
 
     context "when body is an Enumerable IO" do
-      let(:data) { "a" * 16 * 1024 + "b" * 10 * 1024 }
+      let(:data) { ("a" * 16 * 1024) + ("b" * 10 * 1024) }
       let(:body) { StringIO.new data }
 
       it "yields chunks of content" do

data/spec/lib/http/response/body_spec.rb

@@ -59,7 +59,7 @@ RSpec.describe HTTP::Response::Body do
     let(:chunks) do
       body = Zlib::Deflate.deflate("Hi, HTTP here ☺")
       len  = body.length
-      [body[0, len / 2], body[(len / 2)..-1]]
+      [body[0, len / 2], body[(len / 2)..]]
     end
     subject(:body) do
       inflater = HTTP::Response::Inflater.new(connection)

data/spec/lib/http/response_spec.rb

@@ -223,4 +223,40 @@ RSpec.describe HTTP::Response do
       end
     end
   end
+
+  describe "#body" do
+    let(:connection) { double(:sequence_id => 0) }
+    let(:chunks)     { ["Hello, ", "World!"] }
+
+    subject(:response) do
+      HTTP::Response.new(
+        :status     => 200,
+        :version    => "1.1",
+        :headers    => headers,
+        :request    => request,
+        :connection => connection
+      )
+    end
+
+    before do
+      allow(connection).to receive(:readpartial) { chunks.shift }
+      allow(connection).to receive(:body_completed?) { chunks.empty? }
+    end
+
+    context "with no Content-Type" do
+      let(:headers) { {} }
+
+      it "returns a body with default binary encoding" do
+        expect(response.body.to_s.encoding).to eq Encoding::BINARY
+      end
+    end
+
+    context "with Content-Type: application/json" do
+      let(:headers) { {"Content-Type" => "application/json"} }
+
+      it "returns a body with a default UTF_8 encoding" do
+        expect(response.body.to_s.encoding).to eq Encoding::UTF_8
+      end
+    end
+  end
 end

data/spec/support/http_handling_shared.rb

@@ -77,7 +77,7 @@ RSpec.shared_context "HTTP handling" do
         sleep 1.25
       end
 
-      expect { response }.to raise_error(HTTP::TimeoutError, /execution/)
+      expect { response }.to raise_error(HTTP::ConnectTimeoutError, /execution/)
     end
 
     it "errors if reading takes too long" do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: http
 version: !ruby/object:Gem::Version
-  version: 5.0.2
+  version: 5.1.0
 platform: ruby
 authors:
 - Tony Arcieri
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-10 00:00:00.000000000 Z
+date: 2022-06-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -106,6 +106,7 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- SECURITY.md
 - http.gemspec
 - lib/http.rb
 - lib/http/chainable.rb
@@ -191,7 +192,8 @@ metadata:
   source_code_uri: https://github.com/httprb/http
   wiki_uri: https://github.com/httprb/http/wiki
   bug_tracker_uri: https://github.com/httprb/http/issues
-  changelog_uri: https://github.com/httprb/http/blob/v5.0.2/CHANGES.md
+  changelog_uri: https://github.com/httprb/http/blob/v5.1.0/CHANGES.md
+  rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -200,14 +202,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.5'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: HTTP should be easy